FortiClient relies on several signature databases to identify and stop malware. Keeping these database up-to-date to remain protected from new threats as they are identified is imperative.
In some situations, FortiClient may fail to update these signatures. In these situations, you must be able to readily identify these endpoints so corrective action can be taken.
EMS can detect when an endpoint is out-of-date by downloading a list of the current versions for signatures and engines and comparing that to the versions reported from FortiClient status updates. EMS can also send an email when this happens. See Configuring Endpoint Alerts.
You can verify if EMS has up-to-date signatures by going to System Settings > FortiGuard Services > View Signature List, and comparing that to FortiGuard.com > Services > Service of interest, such as AV.
- Go to System Settings > FortiGuard Services.
- Configure the Software and Signature Update Services options:
Configure FortiGuard server location to Global, US, or Europe. Europe is only available if you have selected the Enable SSL checkbox.
Enter the desired port number to communicate to the FortiGuard server.
Enable SSL to connect to FortiGuard using HTTPS, or disable SSL to connect using HTTP. HTTPS must be enabled to use the FortiGuard Europe server.
View Signature List
View a list of latest signature versions.
Use FortiManager for client software/signature updates
Turn on to use FortiManager for updating FortiClient software or signatures. You must specify the IP address or hostname for FortiManager as well as the port number.
Configure the port number.
Configure the failover port.
Configure the timeout interval (in seconds).
Enable failover to FDN when FortiManager is unavailable.
- Configure the Cloud Services options:
Select the FortiCloud region from the dropdown list.
Select the FortiCloud time offset from the dropdown list.
- Click Save.