Operating as an FDS in a Closed Network
The Micro-FortiGuard Server for FortiClient can be operated as a local FDS server when it is in a closed network with no internet connectivity.
Without a connection to a FortiGuard server, update packages and licenses must be manually downloaded from support, and then uploaded to the Micro-FortiGuard Server for FortiClient.
As databases can be large, we recommend uploading them using the CLI. See Uploading packages with the CLI. |
Go to FortiGuard
Enable Communication with FortiGuard Servers |
Toggle OFF to disable communication with the FortiGuard servers. |
Enable Antivirus and IPS Service |
Toggle ON to enable antivirus and intrusion protection service. When on, select what versions of FortiClient to download updates for. |
Enable Web Filter Services |
This option is not functional. |
Upload Options for FortiGate/FortiMail |
|
AntiVirus/IPS Packages |
Select to upload antivirus and IPS packages. Browse for the file you downloaded from the Customer Service & Support portal on your management computer, or drag and drop the file onto the dialog box. Click OK to upload the package to Micro-FortiGuard Server for FortiClient. |
Web Filter Database |
This option is not functional. |
Email Filter Database |
This option is not functional. |
Service License |
This option is not functional. |
Upload Options for FortiClient |
|
AntiVirus/IPS Packages |
Select to upload the FortiClient AntiVirus/IPS packages. Browse for the file you downloaded from the Customer Service & Support portal on your management computer, or drag and drop the file onto the dialog box. Click OK to upload the package to Micro-FortiGuard Server for FortiClient. |
Uploading packages with the CLI
Packages and licenses can be uploaded using the CLI. This should be used when the packages being uploaded are large, like database packages.
To upload packages and license files using the CLI:
- If not already done, disable communications with the FortiGuard server and enable a closed network with the following CLI commands:
config fmupdate publicnetwork
set status disable
end
- Upload an update package or license:
- Load the package or license file to an FTP, SCP, or TFTP server
- Run the following CLI command:
execute fmupdate {ftp | scp | tftp} import <av-ips | fct-av | url | spam | file-query | license-fgt | license-fct | custom-url | domp> <remote_file> <ip> <port> <remote_path> <user> <password>