Also it is interesting when doing an automation on the fabric is the REST API used or the forti fabric protocol as for example I see that automation Stitches are only configured under the security fabric and from what I read an automation Stitch can involve multiple forti devices that are part of the fabric like stopping the source ip and mac on the firewalls but also on the forti switches and cool stuff like that.
I am starting to wonder if forti fabric is not LLDP for discovery then forti analyzer for logging (also the devices probably share in the logs with the analyzer what they discovered by LLDP) and the REST-API for automating stuff (expecially if there is forti manager added as an optional component to the fabric). Maybe there is no propriotory protocol involved.
The "Fabric" is not just one protocol. As you've already discovered it uses LLDP for Switch and AP discovery as well as FortiLink (proprietary CAPWAP) for control. There's also the API integrations using HTTPS. And others...
To answer your quesiton though, yes all communications are secured and encrypted. Specifically FortiLink
I found this article below and now I see that the root firewall (this makes me ask what happens if the root firewalls goes down but maybe this is a question for another time and if I do not find a well documented answer :) ) is the only one where automation stiches can be created (strange that fortimanager lacks this option) and maybe "enable 'Allow access' to FortiGate REST API " should also be checked in the security fabric for the automations to work, so I am starting to think that the automations use the API to trigger stuff on the security fabric.
Still interesting what protocol is used for communication between the security fabric devices and its encryption outside of the logging to analyzer that can be encrypted of the API that I think is for automation stiches to work.
FortiManager would not have any role in automation stitch creation—it is responsible for config management only. FortiAnalyzer, on the other hand (which is required part of the Fabric) will do Automation stitches and playbooks.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.