• All Files

Home

Working with FortiGuard IOCs

The following sections describe how to work with FortiGuard malware domains, IPs, and URLs.

• Working with FortiGuard Malware Domains
• Working with FortiGuard Malware IPs
• Working with FortiGuard Malware URLs

Working with FortiGuard Malware Domains

The following sections describe how to enable, disable, and setup a proxy for the FortiGuard Malware domain.

• Enabling the FortiGuard IOC Service
• Disabling the FortiGuard IOC Service
• Using a Proxy for the FortiGuard IOC Service

Enabling the FortiGuard IOC Service

To start the FortiGuard IOC service, follow these steps:

1. Go to Resources > Malware Domains and select the FortiGuard Malware Domain folder.
2. Select an inactive domain from the table.
3. Click More > Update. In the Update FortiGuard IOC Service dialog box, select Enable IOC Service.
4. (Optional) Schedule the starting of the service. See Specifying a schedule.
5. Click Save.

Disabling the FortiGuard IOC Service

To stop the FortiGuard IOC service, follow these steps:

1. Go to Resources > Malware Domains and select the FortiGuard Malware Domain folder.
2. Select an active domain from the table.
3. Click More > Update. In the Update FortiGuard IOC Service dialog box, select Disable IOC Service.
4. Click Save.

Using a Proxy for the FortiGuard IOC Service

Follow these steps to use a proxy for the FortiGuard IOC service:

1. Go to Resources > Malware Domains and select the FortiGuard Malware Domain folder.
2. Select a domain from the table.
3. Click More > Update. In the Update FortiGuard IOC Service dialog box, select Use Proxy.
4. The Mode will be Proxy. Provide the following information:
   1. IP/Host
   2. Port
   3. User Name
   4. Password
5. Click Save.

Working with FortiGuard Malware IPs

For FortiGuard Malware IPs, go to Resources > Malware IPs, select the FortiGuard Malware IP folder, and repeat the same steps as for FortiGuard Malware Domains.

Working with FortiGuard Malware URLs

For FortiGuard Malware URLs, go to Resources > Malware URLs, select the FortiGuard Malware URL folder, and repeat the same steps as for FortiGuard Malware Domains.