The following list is a formatted output of 'sudo /opt/forticlientems/bin/emscli service get --all --describe'

More information about the emscli tool is available at: How to use emscli CLI tool to manage Fort... - Fortinet Community

apache2:

[Importance: CRITICAL] This provides the EMS Console GUI and also the file server to store FortiClient installers and some signatures downloaded by FortiClients. This process also provides APIs that other systems use when integrating with EMS.

fcems_monitor:

[Importance: CRITICAL] EMS services monitor that ensures services are running and restarted accordingly when certain EMS config is updated. If a service crashes, the monitor will ensure it gets restarted.

fcems_reg:

[Importance: CRITICAL] This service is essential for endpoints to register to EMS.

fcems_probe:

[Importance: CRITICAL] When endpoints will try to establish connections to EMS they need to send a probe to ensure compatibility and this is the process responsible for providing the probe information.

fcems_ztna:

[Importance: CRITICAL] This process is critical for FortiGate integration as it serves APIs used by FortiOS to retrieve data from endpoints.

fcems_ecsocksrv:

[Importance: CRITICAL] This is the main service responsible for telemetry and is the server with wich endpoints communicate to register to EMS and get periodical posture checks and profile configuration from EMS.

fcems_das:

[Importance: CRITICAL] EMS data caching layer. Most EMS processes depend on this one to cache data and interface with the DB for cached type data. If this service becomes unavailable, most of EMS functionality will be compromised.

fcems_ka:

[Importance: CRITICAL] KA stands for Keep-Alive and this is the process responsible for processing the endpoint's heartbeats (KAs) and updating the endpoint information on EMS's database when new information is provided and also returning profile configuration updates to the endpoint. This process also plays a role in calculating posture tags applicable to the endpoint.

fcems_notify:

[Importance: CRITICAL] When integrating with FortiGate this component is responsible for notifying them of important changes on endpoints or configuration.

fcems_tag:

[Importance: CRITICAL] This service processes immediate requests sent by FortiClients when they detect a network information change on the endpoint.

fcems_wspgbouncer:

[Importance: CRITICAL] Connection pooler used for EMS process to talk to the PostgreSQL database.

fcems_pgbouncer:

[Importance: CRITICAL] Connection pooler used for EMS process to talk to the PostgreSQL database.

fcems_chromebook:

[Importance: HIGH] If there are Chromebook endpoints, this is the server process with which they communicate to get EMS services.

fcems_forensics:

[Importance: MEDIUM] This service integrates EMS with the Forensics platform and is only used if Forensics services are available and endpoints are selected to go through forensics analysis

fcems_installer:

[Importance: MEDIUM] Services responsible for repacking installers with EMS configuration, to use for deploying FortiClient upgrades to endpoints.

fcems_scep:

[Importance: MEDIUM] When using MDM integration this is the component that acts as SCEP server to provide and deploy ZTNA certificates to mobile endpoints.

fcems_adconnector:

[Importance: MEDIUM] A local Active Directory/Azure AD connector that interfaces with those servers to get info on their devices, groups, and users. It can also be used to authenticate EMS console users or endpoint users if AD-type onboarding is enabled.

fcems_upload:

[Importance: MEDIUM] This component is not essential for telemetry, but this processes endpoint requests to upload logs, software inventory, avatar and other files.

fcems_deploy:

[Importance: MEDIUM] Component responsible for scheduling and pushing FortiClient deployment to endpoints

fcems_update:

[Importance: MEDIUM] This process is responsible for checking for signatures and database information from FDS and getting the latest ones to load to EMS.

fcems_task:

[Importance: MEDIUM] This process is responsible for maintenance tasks on EMS including changing endpoints' online status and managing license distribution, resync, etc.

fcems_adevtsrv:

[Importance: MEDIUM] When using remote AD connectors, this is the component that interfaces with those connectors and allows them to send data to EMS.

fcems_mdmproxy:

[Importance: MEDIUM] When using MDM integration this component is responsible for integrating with the MDM vendor.

fcems_sip:

[Importance: MEDIUM] Component responsible for processing the list of software inventory uploaded by endpoints and also the list of PUA.

fcems_addaemon:

[Importance: MEDIUM] A local Active Directory/Azure AD connector that interfaces with those servers to get info on their devices, groups, and users. It can also be used to authenticate EMS console users or endpoint users if AD type onboarding is enabled.

fcems_dbop:

[Importance: MEDIUM] Component responsible for providing DB-related services such as backup/restore, site create/edit/delete.

fcems_adtask:

[Importance: LOW] Performs periodical tasks for Active Directory/Azure AD data (e.g. Periodical sync to get updates from those servers).

fcems_ftntdbimporter:

[Importance: LOW] component responsible for loading the vulnerabilities and application.