FortiInsight agents are installed on “endpoints”. These agents collect endpoint activity data, and push this data to the FortiInsight Collector Server at the back-end, where it is stored and analysed by the FortiInsight system.
The activity data sent by the agent is in the form of 'events'. These are operating system level activities, such as machine on/off, user logon/off, process start/stop, file read/write/delete/rename/move, etc. and are collected and sent as they happen in real-time on the endpoint. Any endpoint which is off network (i.e. cannot connect to the FortiInsight back-end), shall cache activity data locally and then upload this to the collector server as soon as connectivity is re-established.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.