FortiGuard Management – FortiManager 5.2

FortiGuard Management

The FortiGuard Distribution Network (FDN) provides FortiGuard services for your FortiManager system and its managed devices and FortiClient agents. The FDN is a world-wide network of FortiGuard Distribution Servers (FDS) which update the FortiGuard services on your FortiManager system on a regular basis so that your FortiManager system is protected against the latest threats.

The FortiGuard services available on the FortiManager system include:

l Antivirus and IPS engines and signatures l Web filtering and email filtering rating databases and lookups (select systems) l Vulnerability scan and management support for FortiAnalyzer

To view and configure these services, go to FortiGuard > FortiGuard Management > Advanced Settings.

In FortiGuard Management, you can configure the FortiManager system to act as a local FDS, or use a web proxy server to connect to the FDN. FortiManager systems acting as a local FDS synchronize their FortiGuard service update packages with the FDN, then provide FortiGuard these updates and look up replies to your private network’s FortiGate devices. The local FDS provides a faster connection, reducing Internet connection load and the time required to apply frequent updates, such as antivirus signatures, to many devices.

As an example, you might enable FortiGuard services to FortiGate devices on the built-in FDS, then specify the FortiManager system’s IP address as the override server on your devices. Instead of burdening your Internet connection with all the devices downloading antivirus updates separately, the FortiManager system would use the Internet connection once to download the FortiGate antivirus package update, then redistribute the package to the devices.

FortiGuard Management also includes firmware revision management. To view and configure firmware options, go to FortiGuard Management > Firmware Images. You can download these images from the Customer Service & Support portal to install on your managed devices or on the FortiManager system.

Before you can use your FortiManager system as a local FDS, you must:

  • Register your devices with Fortinet Customer Service & Support and enable the FortiGuard service licenses. See your device documentation for more information on registering your products.
  • If the FortiManager system’s Unregistered Device Options do not allow service to unregistered devices, add your devices to the device list, or change the option to allow service to unregistered devices. For more information, see the FortiManagerCLI Reference.

For information about FDN service connection attempt handling or adding devices, see Device Manager.

  • Enable and configure the FortiManager system’s built-in FDS. For more information, see Configuring network interfaces. l Connect the FortiManager system to the FDN.

The FortiManager system must retrieve service update packages from the FDN before it can redistribute them to devices and FortiClient agents on the device list. For more information, see Connecting the built-in FDS to the FDN.

  • Configure each device or FortiClient endpoint to use the FortiManager system’s built-in FDS as their override server. You can do this when adding a FortiGate system. For more information, see Adding a device.

This section contains the following topics:

  • Advanced settings l Configuring devices to use the built-in FDS l Configuring FortiGuard services l Logging events related to FortiGuard services l Restoring the URL or antispam database l Package management l Query server management l Firmware images

For information on current security threats, virus and spam sample submission, and FortiGuard service updates available through the FDN, including antivirus, IPS, web filtering, and email filtering, see the FortiGuard Center website, http://www.fortiguard.com/.

This entry was posted in Administration Guides, FortiManager and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.