FortiClient Telemetry security features
FortiClient connects to the FortiGate and EMS over an SSL connection. All protocol exchanges flow through this secure connection. The connection is closed after protocol exchanges between both parties are complete. The SSL connections require a valid certificate.
The default Telemetry port number is 8013. This may be changed in EMS and FortiClient. When a port is not provided, FortiClient always attempt to connect to the default port, which is 8013. Changing this in EMS will lock out endpoints that are still using the default.
The EMS administrator may at anytime disconnect a rogue endpoint from EMS and prevent it from reconnecting to EMS in the future.
A list of TCP/IP ports used by the EMS is provided in Required services and ports. The network administrator may block all other ports or service requests to the EMS IP address or FQDN.