Which three statements are true about zero-trust telemetry compliance? (Choose three.)
For zero-trust telemetry compliance, FortiClient checks the endpoint using the ZTNA tags provided by FortiClient EMS, which ensures that the endpoint meets the required security criteria. ZTNA tags are configured in FortiClient based on criteria such as certificates and the logged-in domain to maintain secure connectivity. Furthermore, FortiClient EMS sends the endpoint information received through FortiClient Telemetry to FortiOS, facilitating the integration and enforcement of security policies. These steps are critical for ensuring that only compliant devices are granted access to network resources.
This slide shows how FortiClient EMS and FortiGate check for compliance:
- FortiClient EMS is connected to FortiGate as a participant in the Security Fabric.
- FortiClient Telemetry attempts to connect to FortiClient EMS. Based on the FortiClient EMS configuration, FortiClient may receive an SSL certificate from EMS to verify the connection.
- FortiClient EMS sends the endpoint information received through FortiClient Telemetry to FortiOS.
- Zero-trust tagging rules are configured in FortiClient EMS, based on criteria such as certificates, the logged-in domain, files present, OS versions, running processes, and registry keys.
- FortiClient EMS sends zero-trust tagging rules to the endpoint.
- FortiClient checks the endpoint using the provided zero-trust tagging rules and sends the results back to FortiClient EMS.
- FortiClient EMS dynamically groups the endpoint, based on the zero-trust tagging rules.
- FortiOS can receive the dynamic endpoint groups from FortiClient EMS and use them to create dynamic firewall policies.
- Network access is provided to the endpoint, based on the zero-trust tagging rules.
study guide page 67: Fortinet ZTNA workflow