Fortinet black logo

Agentless ZTNA with FortiSIEM UEBA and FortiGate

Home FortiSIEM 7.1.4 Agentless ZTNA with FortiSIEM UEBA and FortiGate
7.1.4
7.1.6
7.1.5
7.1.4
7.1.3
7.1.2
7.1.1
7.1.0
7.0.3
7.0.2
7.0.1
7.0.0
6.7.9
6.7.8
6.7.7
6.7.6
6.7.5
6.7.4
6.7.3
6.7.2

Native Windows as UEBA Telemetry

Native Windows as UEBA Telemetry

Where an agent cannot be deployed, there are still events that can be collected from the Windows device using an agentless method such as OMI. However, about 50% of the UEBA ML model will miss necessary data.

A comparison can be found here:

Example UEBA events

UEBA ML models and required event sources

Installing and configuring the FortiSIEM Windows Agent is available here and agentless monitoring of Windows is described in the External Systems Configuration Guide (ESCG).

Previous
Next

Native Windows as UEBA Telemetry

Where an agent cannot be deployed, there are still events that can be collected from the Windows device using an agentless method such as OMI. However, about 50% of the UEBA ML model will miss necessary data.

A comparison can be found here:

Example UEBA events

UEBA ML models and required event sources

Installing and configuring the FortiSIEM Windows Agent is available here and agentless monitoring of Windows is described in the External Systems Configuration Guide (ESCG).

Previous
Next