Hi,
We have setup FSSO using the DC agent based method and have a collector Agent connected to our Fortigate. All working as per the documentation.
However we have been asked a simple question that I can't find a clear answer on so far.
Is the traffic sent from the DC Agents to the Collector Agent encrypted/secure? Also the same for the traffic from the Collector Agent to the Fortigate?
The docs mention the ports used;
DC Agent keepalive and push logon info to CAUDP/8002CA keepalive and push logon info to FortigateTCP/8000
We need to tick off that the traffic, as it contains user information is not floating through the network in a way that could be compromised.
Anyone have an insight in to this, it would be interesting and big help.
Thanks,
CD
I am uncertain, however you if you can run a mirror port / and or packet capture on the uplinked switch you should be able to see if the traffic on tcp/8000 udp/8002 is encapsulated.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.