Fortinet white logo
Fortinet white logo

CLI Reference

config system fortiguard

config system fortiguard

Use this command to configure how the FortiADC system receives scheduled updates from FortiGuard services.

FortiGuard periodically updates the WAF Signature Database, IP Reputation Database, and Geo IP Database.

Before you begin:

  • You must have read-write permission for system settings.

Syntax

config system fortiguard

set override-server-status {enable|disable}

set override-server-address <string>

set tunneling-status {enable|disable}

set tunneling-dns {enable|disable}

set tunneling-address <proxy_address>

set tunneling-password <password>

set tunneling-port <proxy_port>

set tunneling-username <string>

set anycast {enable|disable}

set anycast-source {fortinet|aws}

set scheduled-update-day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set scheduled-update-frequency {daily|weekly|every}

set scheduled-update-status {enable|disable}

set scheduled-update-time <hh:mm>

set update-dldb {enable|disable}

end

override-server-status

Enable/disable connection to the override server address.

override-server-address

Override server IP address.

tunneling-status

Enable/disable Web proxy tunneling for FDN. Disabled by default.

tunneling-dns

Enable/disable DNS via web proxy tunneling for FDN.

tunneling-address

Web proxy IP address.

tunneling-password

The password for Web proxy authentication.

tunneling-port

Web proxy port.

tunneling-username

The username for Web proxy authentication.

anycast

Enable/disable anycast fortiguard server. Enabled by default.

anycast-source

Anycast FortiGuard server source.

Choose the source between FDS hosted by Fortinet or a mirror hosted by AWS for better performance.

scheduled-update-day

Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday.

scheduled-update-frequency

  • Every—Schedule periodic updates. Specify the time to perform the update.
  • Daily—Schedule daily updates. Specify the time of day to perform the update.
  • Weekly—Schedule weekly updates. Specify the day and time to perform the update.

scheduled-update-status

Enable/disable scheduled updates.

scheduled-update-time

<hh:mm> hour and minute, hh: 0-23, mm: {00|15|30|45}.

update-dldb

Enable to allow the DLP database to be updated. This is enabled by default.

When update-dldb is disabled, the scheduled FortiGuard service updates will skip the DLP package updates. In addition, if update-dldb is disabled, the execute update-now and execute update-dldb commands will not trigger the DLP package update.

Example

FortiADC-VM # get system fortiguard

scheduled-update-status: enable

scheduled-update-frequency: weekly

scheduled-update-day: Sunday

scheduled-update-time: 04:00

override-server-status: disable

push-update-status : enable

push-update-override-status: disable

tunneling-status : disable

FortiADC-VM # config system fortiguard

FortiADC-VM (fortiguard) # set scheduled-update-time 23:45

FortiADC-VM (fortiguard) # end

FortiADC-VM # get system fortiguard

scheduled-update-status: enable

scheduled-update-frequency: weekly

scheduled-update-day: Sunday

scheduled-update-time: 23:45

override-server-status: disable

push-update-status : enable

push-update-override-status: disable

tunneling-status : disable

See also

config system fortiguard

config system fortiguard

Use this command to configure how the FortiADC system receives scheduled updates from FortiGuard services.

FortiGuard periodically updates the WAF Signature Database, IP Reputation Database, and Geo IP Database.

Before you begin:

  • You must have read-write permission for system settings.

Syntax

config system fortiguard

set override-server-status {enable|disable}

set override-server-address <string>

set tunneling-status {enable|disable}

set tunneling-dns {enable|disable}

set tunneling-address <proxy_address>

set tunneling-password <password>

set tunneling-port <proxy_port>

set tunneling-username <string>

set anycast {enable|disable}

set anycast-source {fortinet|aws}

set scheduled-update-day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set scheduled-update-frequency {daily|weekly|every}

set scheduled-update-status {enable|disable}

set scheduled-update-time <hh:mm>

set update-dldb {enable|disable}

end

override-server-status

Enable/disable connection to the override server address.

override-server-address

Override server IP address.

tunneling-status

Enable/disable Web proxy tunneling for FDN. Disabled by default.

tunneling-dns

Enable/disable DNS via web proxy tunneling for FDN.

tunneling-address

Web proxy IP address.

tunneling-password

The password for Web proxy authentication.

tunneling-port

Web proxy port.

tunneling-username

The username for Web proxy authentication.

anycast

Enable/disable anycast fortiguard server. Enabled by default.

anycast-source

Anycast FortiGuard server source.

Choose the source between FDS hosted by Fortinet or a mirror hosted by AWS for better performance.

scheduled-update-day

Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday.

scheduled-update-frequency

  • Every—Schedule periodic updates. Specify the time to perform the update.
  • Daily—Schedule daily updates. Specify the time of day to perform the update.
  • Weekly—Schedule weekly updates. Specify the day and time to perform the update.

scheduled-update-status

Enable/disable scheduled updates.

scheduled-update-time

<hh:mm> hour and minute, hh: 0-23, mm: {00|15|30|45}.

update-dldb

Enable to allow the DLP database to be updated. This is enabled by default.

When update-dldb is disabled, the scheduled FortiGuard service updates will skip the DLP package updates. In addition, if update-dldb is disabled, the execute update-now and execute update-dldb commands will not trigger the DLP package update.

Example

FortiADC-VM # get system fortiguard

scheduled-update-status: enable

scheduled-update-frequency: weekly

scheduled-update-day: Sunday

scheduled-update-time: 04:00

override-server-status: disable

push-update-status : enable

push-update-override-status: disable

tunneling-status : disable

FortiADC-VM # config system fortiguard

FortiADC-VM (fortiguard) # set scheduled-update-time 23:45

FortiADC-VM (fortiguard) # end

FortiADC-VM # get system fortiguard

scheduled-update-status: enable

scheduled-update-frequency: weekly

scheduled-update-day: Sunday

scheduled-update-time: 23:45

override-server-status: disable

push-update-status : enable

push-update-override-status: disable

tunneling-status : disable

See also