Enabling Push Updates - Fortinet FortiGate FortiGate-1000A Administration Manual
Fortinet fortigate fortigate-1000a: user guide
Hide thumbs
Also See for FortiGate FortiGate-1000A:
- Install manual (58 pages) ,
- Quick start manual (2 pages) ,
- Administration manual (458 pages)
Table of Contents
Advertisement
System Maintenance
Enabling push updates
FortiGate-1000A/FA2 Administration Guide
There are no special tunneling requirements if you have configured an override server
address to connect to the FDN.
The FDN can push updates to FortiGate units to provide the fastest possible response
to critical situations. You must register the FortiGate unit before it can receive push
updates. See
"To register a FortiGate unit" on page
When you configure a FortiGate unit to allow push updates, the FortiGate unit sends a
SETUP message to the FDN. The next time a new antivirus engine, new antivirus
definitions, new attack definitions or new attack engine are released, the FDN notifies
all FortiGate units that are configured for push updates that a new update is available.
Within 60 seconds of receiving a push notification, the FortiGate unit requests an
update from the FDN.
Note: Push updates are not supported if the FortiGate unit must use a proxy server to connect
to the FDN. For more information, see
page
136.
When the network configuration permits, configuring push updates is recommended in
addition to configuring scheduled updates. On average the FortiGate unit receives
new updates sooner through push updates than if the FortiGate unit receives only
scheduled updates. However, scheduled updates make sure that the FortiGate unit
receives the latest updates.
Enabling push updates is not recommended as the only method for obtaining updates.
The FortiGate unit might not receive the push notification. Also, when the FortiGate
unit receives a push notification it makes only one attempt to connect to the FDN and
download updates.
To enable push updates
1
Go to System > Maintenance > Update center.
2
Select Allow Push Update.
3
Select Apply.
Push updates when FortiGate IP addresses change
If you have redundant connections to the Internet, the FortiGate unit also sends the
SETUP message when one Internet connection goes down and the FortiGate unit
fails over to the other Internet connection.
The SETUP message that the FortiGate unit sends when you enable push updates
includes the IP address of the FortiGate interface that the FDN connects to. If your
FortiGate unit is running in NAT/Route mode, the SETUP message includes the
FortiGate interface 2 IP address. If your FortiGate unit is running in Transparent
mode, the SETUP message includes the FortiGate management IP address. The
FDN must be able to connect to this IP address for your FortiGate unit to be able to
receive push update messages. If your FortiGate unit is behind a NAT device, see
"Enabling push updates through a NAT device" on page
"To enable scheduled updates through a proxy server" on
01-28011-0254-20051115
Update center
142.
138.
137
Advertisement
Table of Contents
