Fortinet black logo

Administration Guide

FortiGuard

Copy Link
Copy Doc ID b3398b39-9e9d-11ea-8b7d-00505692583a:161156
Download PDF

FortiGuard

Go to System > FortiGuard to view the FortiGuard page.

The following options and information are available:

Module Name

The FortiGuard module name such as AntiVirus Scanner, AntiVirus Extreme Signature, AntiVirus Active Signature, AntiVirus Extended Signature, Network Alerts Signature, Sandbox System Tools, Sandbox Rating Engine, Sandbox Tracer Engine, Android Analytic Engine, Android Rating Engine, Linux Analytic Engine, Linux Rating Engine, Industry Security Signature, and Traffic Sniffer.

All modules automatically install update packages when they are available on FDN.

Current Version

The current version of the module.

Last Check Time

The time that module last checked for an update.

Last Update Time

The time that module was last updated.

Last Check Status

The status of the last update attempt.

Upload Package File

Select Choose File to locate a package file on the management computer, then select Submit to upload the package file to FortiSandbox.

If the unit has no access to the Fortinet FDN servers, you can go to the Customer Service and Support site to download package files manually.

FortiGuard Server Location

Select FDN servers for package update and Web Filtering query. The default selection is Nearest, that is, the closest FDN server according to the unit's time zone. When US Region is selected, only servers inside Unite States are used.

FortiGuard Server Settings

Use override FDN server to download module updates

Select to enable an override FDN server, or FortiManager, to download module update, then enter the server IP address or FQDN in the text box. When an overridden FDN server is used, FortiGuard Server Location will be disabled.

Click Connect FDN Now button to schedule an immediate update check.

Use Proxy

Select to enable a Proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name, Port, Proxy Username, and Password.

Connect FDN Now

Click the Connect FDN Now button to connect the override FDN server/Proxy.

FortiGuard Web Filter Settings

Secure Connection

FortiSandbox supports secure XOR Encrypted connections for the FortiGuard Web Filter settings. When checked, the system will use the secure XOR Encrypted mode for the connection.

Use override server for web filtering query

Select to enable an override server address for web filtering query, then enter the server IP address or FQDN in the text box.

By default, the closest web filtering server according to the unit's time zone is used.

Use Proxy

Select to enable a Proxy. Configure the SOCKS v5 server name or IP, Port, Proxy Username, and Password.

VM Image Download Proxy Setting

Use Proxy

Select to enable a Proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name/IP, Port, Proxy Username, and Password.

FortiSandbox Community Cloud and Threat Intelligence Settings

Use override server for community cloud server query

Select this option when a FortiManager is used for FortiGuard upgrades in your environment.

When using a FortiManager for FortiGuard upgrades, only verdict information is available for malware. Malware's behavior information is not available.

Use Proxy

Select to enable a Proxy. Configure the SOCKS v5 server name or IP, Port, Proxy Username, and Password.

FortiGuard

Go to System > FortiGuard to view the FortiGuard page.

The following options and information are available:

Module Name

The FortiGuard module name such as AntiVirus Scanner, AntiVirus Extreme Signature, AntiVirus Active Signature, AntiVirus Extended Signature, Network Alerts Signature, Sandbox System Tools, Sandbox Rating Engine, Sandbox Tracer Engine, Android Analytic Engine, Android Rating Engine, Linux Analytic Engine, Linux Rating Engine, Industry Security Signature, and Traffic Sniffer.

All modules automatically install update packages when they are available on FDN.

Current Version

The current version of the module.

Last Check Time

The time that module last checked for an update.

Last Update Time

The time that module was last updated.

Last Check Status

The status of the last update attempt.

Upload Package File

Select Choose File to locate a package file on the management computer, then select Submit to upload the package file to FortiSandbox.

If the unit has no access to the Fortinet FDN servers, you can go to the Customer Service and Support site to download package files manually.

FortiGuard Server Location

Select FDN servers for package update and Web Filtering query. The default selection is Nearest, that is, the closest FDN server according to the unit's time zone. When US Region is selected, only servers inside Unite States are used.

FortiGuard Server Settings

Use override FDN server to download module updates

Select to enable an override FDN server, or FortiManager, to download module update, then enter the server IP address or FQDN in the text box. When an overridden FDN server is used, FortiGuard Server Location will be disabled.

Click Connect FDN Now button to schedule an immediate update check.

Use Proxy

Select to enable a Proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name, Port, Proxy Username, and Password.

Connect FDN Now

Click the Connect FDN Now button to connect the override FDN server/Proxy.

FortiGuard Web Filter Settings

Secure Connection

FortiSandbox supports secure XOR Encrypted connections for the FortiGuard Web Filter settings. When checked, the system will use the secure XOR Encrypted mode for the connection.

Use override server for web filtering query

Select to enable an override server address for web filtering query, then enter the server IP address or FQDN in the text box.

By default, the closest web filtering server according to the unit's time zone is used.

Use Proxy

Select to enable a Proxy. Configure the SOCKS v5 server name or IP, Port, Proxy Username, and Password.

VM Image Download Proxy Setting

Use Proxy

Select to enable a Proxy. Configure the Proxy Type (HTTP Connect, SOCKS v4, or SOCKS v5), Server Name/IP, Port, Proxy Username, and Password.

FortiSandbox Community Cloud and Threat Intelligence Settings

Use override server for community cloud server query

Select this option when a FortiManager is used for FortiGuard upgrades in your environment.

When using a FortiManager for FortiGuard upgrades, only verdict information is available for malware. Malware's behavior information is not available.

Use Proxy

Select to enable a Proxy. Configure the SOCKS v5 server name or IP, Port, Proxy Username, and Password.