FortiGuard Services
 
FortiGuard Services
The FortiGuard Distribution Network (FDN) provides FortiGuard services for your FortiManager system and its managed devices and agents. The FDN is a world-wide network of FortiGuard Distribution Servers (FDS) which update the FortiGuard services on your FortiManager system on a regular basis so that your FortiManager system is protected against the latest threats.
The FortiGuard services available on the FortiManager system include:
Antivirus (AV) and Intrusion Protection (IPS) engines and signatures
Web Filtering and Email Filter rating databases and lookups (select systems)
To view and configure these services, go to System Settings > FortiGuard Center > Configuration.
In FortiGuard Center, you can configure the FortiManager system to act as a local FDS, or use a web proxy server to connect to the FDN. FortiManager systems acting as a local FDS synchronize their FortiGuard service update packages with the FDN, then provide FortiGuard these updates and look up replies to your private network’s FortiGate devices. The local FDS provides a faster connection, reducing Internet connection load and the time required to apply frequent updates, such as Antivirus signatures, to many devices.
As an example, you might enable FortiGuard services to FortiGate devices on the built-in FDS, then specify the FortiManager system’s IP address as the override server on your devices. Instead of burdening your Internet connection with all the devices downloading Antivirus updates separately, the FortiManager system would use the Internet connection once to download the FortiGate Antivirus package update, then re‑distribute the package to the devices.
FortiGuard Center also includes firmware revision management. To view and configure firmware options, go to System Settings > FortiGuard Center > Firmware Images. You can download these images from the Customer Service & Support site to install on your managed devices or on the FortiManager system.
Before you can use your FortiManager system as a local FDS, you must:
Register your devices with Fortinet Customer Service & Support and enable the FortiGuard service licenses. See your device documentation for more information on registering your products.
If the FortiManager system’s Unregistered Device Options do not allow service to unregistered devices, add your devices to the device list, or change the option to allow service to unregistered devices.
For information about FDN service connection attempt handling or adding devices, see “Device Management” on page 144.
Enable and configure the FortiManager system’s built-in FDS. For more information, see “Configuring network interfaces”.
Connect the FortiManager system to the FDN.
The FortiManager system must retrieve service update packages from the FDN before it can redistribute them to devices and agents on the device list. For more information, see “Connecting the built-in FDS to the FDN”.
Configure each device or FortiClient agent to use the FortiManager system’s built‑in FDS as their override server. You can do this when adding a FortiGate system. For more information, see “Adding a device”.
This section contains the following topics:
FortiGuard center
Configuring devices to use the built-in FDS
Configuring FortiGuard services
Logging events related to FortiGuard services
Restoring the URL or antispam database
 
For information on current security threats, virus and spam sample submission, and FortiGuard service updates available through the FDN, including Antivirus (AV), Intrusion Protection (IPS), Web Filtering (WF), and Email Filter, see the FortiGuard web site, http://www.fortiguard.com/.