Limitations of agentless polling mode.
- If there are many user logins at the same time, the FSSO daemon may miss some.
- Winsec polling only.
- No NTLM.
- No workstation checks and dead entry.
- FSSO-polling Agentless may not work correctly with nested users group.
- More CPU consuming: with local polling.
A. and D.
Agenteless Polling Mode
- Doesn't require an external DC agent or collector agent
- - FortiGate collects the data directly
- Event logging must be enabled on the DCs
- More CPU and RAM required by FortiGate
- Support for polling option WinSecLog only
- - FortiGate uses the SMB protocol to read the event viewer logs
- Fewer available features than collector agent-based polling mode
- FortiGate doesn't poll workstation
- - Workstation verification is not available in agentless polling mode
Reference: FortiGate 7.4 Administration Study Guide, page 132
A. FortiGate uses the SMB protocol to read the event viewer logs from the DCs.
D. FortiGate does not support workstation check.
Reference and download study guide:
https://ebin.pub/fortinet-fortigate-infrastructure-study-guide-for-fortios-72.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
efot
Highly Voted 2 years, 3 months agoerawemk
Highly Voted 1 year, 9 months agotharindas
Most Recent 1 month agoherlock_sholmes_2810
2 months, 1 week agoGeniusA
1 year, 3 months agoSlash_JM
1 year, 6 months agoraydel92
1 year, 7 months agoBrandon534
1 year, 9 months agoefot
2 years, 3 months ago