Configuring Fortiguard Services; Fortiguard Distribution Network; Fortiguard Services - Fortinet FortiGate Series Administration Manual
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
Configuring FortiGuard Services
Configuring FortiGuard Services
FortiGuard Distribution Network
FortiGuard services
322
Go to System > Maintenance > FortiGuard to configure your FortiGate unit to use the
FortiGuard Distribution Network (FDN) and FortiGuard Services. The FDN provides
updates to antivirus definitions, IPS definitions, and the Antispam rule set. FortiGuard
Services include FortiGuard web filtering and the FortiGuard Analysis and Management
Service.
The FDN is a world-wide network of FortiGuard Distribution Servers (FDS). The FDN
provides updates to antivirus (including grayware) definitions, IPS definitions, and the
antispam rule set. When the FortiGate unit contacts the FDN, it connects to the nearest
FDS based on the current time zone setting.
The FortiGate unit supports the following update options:
•
user-initiated updates from the FDN
•
hourly, daily, or weekly scheduled antivirus definition, IPS definition, and antispam rule
set updates from the FDN
•
push updates from the FDN
•
update status including version numbers, expiry dates, and update dates and times
•
push updates through a NAT device.
Registering your FortiGate unit on the
contract and connection to the FDN. On the Fortinet Support web page, go to
Registration
and follow the instructions.
The FortiGate unit must be able to connect to the FDN using HTTPS on port 443 to
receive scheduled updates. For more information, see
page
329.
You can also configure the FortiGate unit to receive push updates. When the FortiGate
unit is receiving push updates, the FDN must be able to route packets to the FortiGate unit
using UDP port 9443. For more information, see
the FortiGate unit is behind a NAT device, see
device" on page
331.
Worldwide coverage of FortiGuard services is provided by FortiGuard service points.
When the FortiGate unit is connecting to the FDN, it is connecting to the closest
FortiGuard service point. Fortinet adds new service points as required.
If the closest service point becomes unreachable for any reason, the FortiGate unit
contacts another service point and information is available within seconds. By default, the
FortiGate unit communicates with the service point via UDP on port 53. Alternately, you
can switch the UDP port used for service point communication to port 8888 by going to
System > Maintenance > FortiGuard.
If you need to change the default FortiGuard service point host name, use the hostname
keyword in the system fortiguard CLI command. You cannot change the FortiGuard
service point name using the web-based manager.
For more information about FortiGuard services, see the
Fortinet Support web page
"To enable scheduled updates" on
"Enabling push updates" on page
"Enabling push updates through a NAT
FortiGuard Center
FortiGate Version 4.0 MR1 Administration Guide
http://docs.fortinet.com/
System Maintenance
provides a valid license
Product
330. If
web page.
01-410-89802-20090903
•
Feedback
Advertisement
Table of Contents
