Chapter 2 – Getting Started

Configuring Antivirus and IPS Options

Go to System > FortiGuard, and expand the AV and IPS Options section to configure the antivirus and IPS options for connecting and downloading definition files.

Use override server address

Select to configure an override server if you cannot connect to the FDN or if your organization provides updates using their own FortiGuard server.

Allow Push Update

Select to allow updates to be sent automatically to your FortiGate when they are available.

Allow Push Update status icon

The status of the FortiGate for receiving push updates:

  • Gray (Unreachable) – the FortiGate is not able to connect to the push update service.
  • Yellow (Not Available) – the push update service is not available with your current support license.
  • Green (Available) – the push update service is allowed.

Available only if both Use override server address and Allow Push Update are enabled.

 

Use override push IP and Port

Enter the IP address and port of the NAT device in front of your FortiGate. FDS will connect to this device when attempting to reach the FortiGate.

The NAT device must be configured to forward the FDS traffic to the FortiGate on UDP port 9443.

Schedule Updates

Select this check box to enable updates to be sent to your FortiGate at a specific time. For example, to minimize traffic lag times, you can schedule the update to occur on weekends or after work hours.

Note that a schedule of once a week means any urgent updates will not be pushed until the scheduled time. However, if there is an urgent update required, select the Update Now button.

Update Now

Select to manually initiate an FDN update.

Submit attack characteristics… (recommended)

Select to help Fortinet maintain and improve IPS signatures. The information is sent to the FortiGuard servers when an attack occurs and can be used to keep the database current as variants of attacks evolve.

Manual updates

To manually update the signature definitions file, first go to the Support web site at https://support.fortinet.com. Once logged in, select FortiGuard Service Updates from the Download area of the web page. The browser will present you with the most current antivirus and IPS signature definitions, which you can download.

Once downloaded to your computer, log into the FortiGate to load the definition file.

 

To load the definition file onto the FortiGate

1. Go to System > FortiGuard.

2. Select the Update link for either AV Definitions or IPS Definitions.

3. Locate the downloaded file and select OK. The upload may take a few minutes to complete.

 

Automatic updates

The FortiGate can be configured to request updates from the FortiGuard Distribution Network. You can configure this to be on a scheduled basis, or with push notifications.

 

Scheduling updates

Scheduling updates ensures that the virus and IPS definitions are downloaded to your FortiGate on a regular basis, so that you do not have to remember to check for the definition files yourself. In addition, scheduling updates during off-peak hours, such as evenings or weekends, when network usage is minimal, ensures that network activity will not suffer from the added traffic of downloading the definition files.

If you require the most up-to-date definitions as viruses and intrusions are found in the wild, the FortiGuard Distribution Network can push updates to the FortiGate units as they are developed. This ensures that your network will be protected from any outbreak of a virus within the shortest amount of time, minimizing any damaging effect that can occur. Push updates require that you have registered your FortiGate.

Once push updates are enabled, the next time new antivirus or IPS attack definitions are released, the FDN notifies all FortiGate units that a new update is available. Within 60 seconds of receiving a push notification, the unit automatically requests the update from the FortiGuard servers.

 

To enable scheduled updates – GUI

1. Go to System > FortiGuard.

2. Click the Expand Arrow for AV and IPS Options.

3. Select the Scheduled Update check box.

4. Select the frequency of the updates and when within that frequency.

5. Select Apply.
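
The same settings can be applied from the CLI. The following is an added example, not part of the original handbook text; it assumes FortiOS 5.x CLI syntax, and the weekly Sunday 02:00 schedule and the address 203.0.113.10 are placeholder values. The second block corresponds to the Use override push IP and Port option described earlier, pointing FDS at the NAT device that forwards UDP port 9443 to the FortiGate.

```fortios
# Added example: assumed FortiOS 5.x syntax, placeholder values.
# Scheduled update: weekly, Sunday at 02:00 (off-peak).
config system autoupdate schedule
    set status enable
    set frequency weekly
    set day Sunday
    set time 02:00
end

# Push updates through a NAT device.
# 203.0.113.10 is a constructed documentation address standing in for
# the external IP of the NAT device in front of the FortiGate.
config system autoupdate push-update
    set status enable
    set override enable
    set address 203.0.113.10
    set port 9443
end
```

With a weekly schedule alone, urgent definitions wait for the next scheduled run, so enabling push updates alongside it keeps the exposure window short.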

