Connecting To The Fortiresponse Distribution Network - Fortinet FortiGate 50A Installation And Configuration Manual

Updating antivirus and attack definitions

Connecting to the FortiResponse Distribution Network

74
The Update page on the web-based manager displays the following antivirus and
attack definition update information.
Version Current antivirus engine, virus definition, and attack definition version
numbers.
Expiry date Expiry date of your license for antivirus engine, virus definition, and attack
definition updates.
Last update Date and time on which the FortiGate unit last attempted to download
antivirus engine, virus definition, and attack definition updates.
attempt
Last update Success or failure of the last update attempt. No updates means the last
update attempt was successful but no new updates were available. Update
status
succeeded or similar messages mean the last update attempt was
successful and new updates were installed. Other messages can indicate
that the FortiGate was not able to connect to the FDN and other error
conditions.
This section describes:
• Connecting to the FortiResponse Distribution Network
• Manually initiating antivirus and attack definitions updates
• Configuring update logging
Before the FortiGate unit can receive antivirus and attack updates, it must be able to
connect to the FortiResponse Distribution Network (FDN). The FortiGate unit uses
HTTPS on port 8890 to connect to the FDN. The FortiGate external interface must
have a path to the Internet using port 8890. For information about configuring
scheduled updates, see
You can also configure the FortiGate unit to allow push updates. Push updates are
provided to the FortiGate unit from the FDN using HTTPS on UDP port 9443. To
receive push updates, the FDN must have a path to the FortiGate external interface
using UDP port 9443. For information about configuring push updates, see
push updates" on page
The FDN is a world-wide network of FortiResponse Distribution Servers (FDSs).
When the FortiGate unit connects to the FDN it connects to the nearest FDS. To do
this, all FortiGate units are programmed with a list of FDS addresses sorted by
nearest time zone according to the time zone configured for the FortiGate unit. To
make sure the FortiGate unit receives updates from the nearest FDS, check that you
have selected the correct time zone for your area.
To make sure the FortiGate unit can connect to the FDN
1 Go to System > Config > Time and make sure the time zone is set to the time zone
for the region in which your FortiGate unit is located.
2 Go to System > Update.
3 Select Refresh.
The FortiGate unit tests its connection to the FDN. The test results are displayed at
the top of the System Update page.
Virus and attack definitions updates and registration
"Scheduling updates" on page
78.
76.
"Enabling
Fortinet Inc.