Fortinet white logo
Fortinet white logo

Export/Import function of FortiGuard objects for FortiManager in a closed network

Export/Import function of FortiGuard objects for FortiManager in a closed network

FortiManager now supports exporting and importing of FortiGuard objects in an air-gapped network scenario. The customer has two FortiManager devices – one is online and the other is offline (FortiManager device in an air-gapped network).

FortiManager provides the capability to export selected FortiGuard packages from the online FortiManager, and then import the packages to the offline FortiManager. This permits the offline FortiManager to work as a local FDS in an air-gapped network.

To export FortiGuard packages from the online FortiManager connected to FDN server:
  1. Go to FortiGuard > Package Management > Receive Status.

    The Receive Status tab opens.

  2. In the Receive Status tab, enter the name of the Fortinet product in the top-right search bar to filter related packages.

    For example, in the figure below, the search result displays only FortiSandbox related packages.

  3. Select the Package Name checkbox to select the packages of your choice, and click Export from the toolbar.
  4. Click OK in the Confirm dialog that appears.

    The packages will be downloaded as a compressed file.

    The Export window displays the progress as the packages are downloaded.

    Optionally, you can export packages with checksum so that an integrity check can be performed on the packages when importing.

    FortiManager also supports exporting web filter databases in FortiGuard > Query Server Management > Receive Status.

    The process of exporting web filter databases is same as exporting any other package.

  5. Click Close to close the dialog.
To import FortiGuard packages to the offline FortiManager in a closed network:
  1. In the offline FortiManager, go to FortiGuard > Package Management > Receive Status.
  2. Select Import from the toolbar to import the packages.

    The Import dialog opens.

  3. In the Import dialog, either drag and drop or browse to the compressed FortiGuard package file.

    The Import dialog updates with the compressed file.

  4. In the Import dialog, click OK.

    A confirmation dialog box is displayed.

  5. Click OK.
  6. The Import Task window displays the progress as the package is imported to the offline FortiManager.

    FortiManager also supports importing web filter databases in FortiGuard > Query Server Management > Receive Status.

    The process of importing web filter databases is same as importing any other package.

  7. Click Close.
To export AV-IPS packages to the FTP server through CLI:
  1. In the FortiManager CLI, use the following commands:

    execute fmupdate {ftp | tftp} fds-export <objid> <remote_file> <ip> <remote_path> <user> <password>

Export/Import function of FortiGuard objects for FortiManager in a closed network

Export/Import function of FortiGuard objects for FortiManager in a closed network

FortiManager now supports exporting and importing of FortiGuard objects in an air-gapped network scenario. The customer has two FortiManager devices – one is online and the other is offline (FortiManager device in an air-gapped network).

FortiManager provides the capability to export selected FortiGuard packages from the online FortiManager, and then import the packages to the offline FortiManager. This permits the offline FortiManager to work as a local FDS in an air-gapped network.

To export FortiGuard packages from the online FortiManager connected to FDN server:
  1. Go to FortiGuard > Package Management > Receive Status.

    The Receive Status tab opens.

  2. In the Receive Status tab, enter the name of the Fortinet product in the top-right search bar to filter related packages.

    For example, in the figure below, the search result displays only FortiSandbox related packages.

  3. Select the Package Name checkbox to select the packages of your choice, and click Export from the toolbar.
  4. Click OK in the Confirm dialog that appears.

    The packages will be downloaded as a compressed file.

    The Export window displays the progress as the packages are downloaded.

    Optionally, you can export packages with checksum so that an integrity check can be performed on the packages when importing.

    FortiManager also supports exporting web filter databases in FortiGuard > Query Server Management > Receive Status.

    The process of exporting web filter databases is same as exporting any other package.

  5. Click Close to close the dialog.
To import FortiGuard packages to the offline FortiManager in a closed network:
  1. In the offline FortiManager, go to FortiGuard > Package Management > Receive Status.
  2. Select Import from the toolbar to import the packages.

    The Import dialog opens.

  3. In the Import dialog, either drag and drop or browse to the compressed FortiGuard package file.

    The Import dialog updates with the compressed file.

  4. In the Import dialog, click OK.

    A confirmation dialog box is displayed.

  5. Click OK.
  6. The Import Task window displays the progress as the package is imported to the offline FortiManager.

    FortiManager also supports importing web filter databases in FortiGuard > Query Server Management > Receive Status.

    The process of importing web filter databases is same as importing any other package.

  7. Click Close.
To export AV-IPS packages to the FTP server through CLI:
  1. In the FortiManager CLI, use the following commands:

    execute fmupdate {ftp | tftp} fds-export <objid> <remote_file> <ip> <remote_path> <user> <password>