As is with the rest of FortiMonitor, security was (and is) top of mind when implementing CounterMeasures. A couple of key considerations were made to ensure a secure experience:
-
SSL communication: all communication between the agent and FortiMonitor is over SSL (this goes for all agent communication)
-
All Outbound Communication: the agent only requires outbound communication and only receives information in response to requests made to FortiMonitor (this goes for all agent communication)
-
Only local code is executed: Only code that is located on the instance is executed. Nothing that is retrieved from FortiMonitor is executed