Thanks for your minds and help!
As part of the development of monitoring in an untrusted environment, the information security team requests additional information about the mechanisms used to protect and validate traffic between the Environment Active Gate (AGE) and cluster nodes. In particular, questions are of interest:
1. Is the message format validation from agents (OneAgent) to AGE and further to cluster nodes? How is validation implemented?
2. Is the cluster protected from the transfer of executable and / or other potentially malicious files (for example, in case of changing the agent code installed in an untrusted environment)? How is this protection implemented?
3. Are agents and/or AGEs that are installed in an untrusted environment protected from modification? How is this protection implemented?