Configuring FortiGuard service settings
FortiGuard periodically updates the WAF Signature Database, IP Reputation Database, and Geo IP Database. You can go to the FortiGuard website to download the update packages that you can upload to FortiADC, or you can schedule automatic updates.
Before you begin:
- If you want to perform a manual update, you must download the update file from the FortiGuard website.
You must have Read-Write permission for System settings.
To configure FortiGuard service settings:
- Go to System > Settings.
- Click the FortiGuard tab.
- Complete the configuration as described in FortiGuard service configuration.
- Save the configuration.
Review your registration and license information. If you need to update your registration or renew your license, click Login Now to open the login page for the Fortinet Service & Support website.
Note: If your license is invalid, FortiGuard does not send updates to your FortiADC. The functionality on your FortiADC unit remains intact and useful even though it is out of date.
Shows the hardware model of your FortiADC unit.
Shows the firmware version on your FortiADC unit.
Shows the status of Enhanced Support of your FortiADC unit. .
Shows the status of Comprehensive Support of your FortiADC unit.
Shows the version of the Web Application Firewall Signature file on your FortiADC unit. To manually update the file, click Update to display controls that enable you to select and upload the latest WAF Signature file.
Shows the version of the IP Reputation file on your FortiADC unit. To manually update the file, click Update to display controls that enable you to select and upload the latest IP reputation file.
Shows the version and region of the Geo IP file on your FortiADC unit. To manually update the file, click Update to display controls that enable you to select and upload the latest Geo IP file.
Shows the status of the Web Filter on your FortiADC unit.
Click the button to enable or disable the Scheduled Update feature.
Note: If enabled, you must set the frequency, date, or time of the update schedule. See below.
|Scheduled Update Frequency||
|Scheduled Update Day||
Select the day of the week for the scheduled update.
|Scheduled Update Time||
Specify the time (hour and minute) for the scheduled update.
Click the button to enable or disable the Override Server feature.
Note: This feature provides another option for your FortiADCto connect to FortiGuard when it ( FortiADC) is unable to connect to FortiGuard via the default FortiGuard server IP address.
If enabled, you must enter the Override Server Address that you have obtained from the Fortinet Service and Support team. See below.
|Override Server Address||
Enter the Override Server Address provided by the Fortinet Service and Support team.
Click the button to enable or disable tunneling.
If enabled, you must configure all the settings for the tunneling function. See below.
Note: Tunneling, or port forwarding, is a way of transmitting private (usually corporate) data through a public network in a disguised way — the routing nodes in the public network are unaware that the transmission is part of a private network.
Enter the Tunneling Address that was provided to you.
Enter the Tunneling Port number that was provided to you.
Specify your user name for the tunneling configuration.
Specify your password for the tunneling configuration.
Click the Save button to save your FortiGuard service configuration.
Click the button to enable or disable caching of the categorical lists of websites.
Note: FortiGuard maintains massive lists of web sites classified into categories so that you can enforce categorical decisions in your rules, like "do not do SSL forward proxy for sites belonging to the Personal Privacy category."
Specify a cache expiration value. The default is 3600. The valid range is from 10 to 86,400. When the cache expires, FortiADC initiates an update from FortiGuard.
Specify the port to receive updates. The default is 53. An alternative is 8888.
Click Save to save your Web Filter configuration.