We have the request to confirm that there is no way to manipulate download and upload packages and integrate suspicious Malware or Viruses/unexpected batch-files/scirpts or executables between Beacon and Agent and therefore, affecting the Application itself.
1.) from Agent (NDI-file) to the Beacon (upload), there should be no possibility to integrate suspicious things or to be later executed on the Beacon
2.) from Beacon (policy or within Agent upgrade packages) to the Agent (download), there should be no way to execute suspicious things on Agent, integrated in the downloaded Package.
3.) ApplicationServer and configured Settings, to be distributed in the environment. If the Server is effected, it should not be distributed, based on FNMS communications.
4.) If you manipulate a Agent-Upgrade Package one the Beacon forcefully, and you will integrate a suspicious File /executable into it and let this Package go live, will it be ensured that this "evil" package will not get deployed?
So, if one of the Beacon or the Agent is effected by a Virus or something else, it should not effect the Application (Batch-Server) based on the internal communication between Agent -> Beacon -> Server vice versa only. Correct?
And, yes we have Virus-scanners active in our env. So, the question is more about the detection/prevention of doing maliciouse things, if it comes to a native communication within the FNMS-Applikation and its environment, regardless of other Services running. (using FNMS 2022R1 on-prem)
And not to see something like this (with a smily and we haven't faced it) after an Agent was upgrade by the Server policy automatically
Jan 18, 2023 04:39 AM - edited Jan 18, 2023 05:44 AM
Thank you Durgeshsingh for your fast reply,
according to this, it ensures that your Virus-scanning-toolset has detected some suspicious software and you/one should act according to your companies policies.
My question is in regard and beforehand this situation will occure.
Is FNMS in somehow able to detect or prevent suspicious packages from distribution into the environment? Not using any 3rd Partytools to detect a security issue, but using the native functionalities within FNMS and prevent/or not distribute / recive any manipulated settings or configurations or NDI-files
Jan 18, 2023 06:08 AM - edited Jan 18, 2023 06:32 AM