Advanced settings
The advanced settings provides a central location for configuring and enabling your FortiManager system’s built-in FDS as an FDN override server.
By default, this option is disabled and devices contact FDN directly. After enabling and configuring FortiGuard, and configuring your devices to use the FortiManager system as their FortiGuard server, you can view overall and per device statistics on FortiGuard service benefits. FortiGuard Management has three supported configuration options:
l Antivirus and IPS Update Service for FortiGate l Antivirus and email filter update Service for FortiMail l Vulnerability Scan and Management Support for FortiAnalyzer
FortiGuard Center advanced settings
Configure the following settings:
| Disable communication with the FortiGuard servers. | When disabled, you must upoad packages, databasess, and licenses to your FortiManager. |
| Enable Antivirus and IPS Service | Select to enable antivirus and intrusion protection service. |
| FortiGuard Connection Status | The status of the current connection between the FDN and the FortiManager system.
l Disconnected: Appears when the FDN connection fails. l Connected: Appears when the initial FDN connection succeeds, but a synchronization connection has not yet occurred. l Out of Sync: Appears when the initial FDN connection succeeds, but the built-in FDS is disabled. l Synchronized: Appears when the built-in FDS is enabled, and the FDN packages download successfully. |
| Enable Antivirus and IPS
Update Service for FortiGate |
Select the OS versions from the table for updating antivirus and intrusion protection for FortiGate.
You can select to download updates for FortiOS versions 5.0 (5.2, 5.0,), 4.0 (4.3, 4.2, 4.1, 4.0), and 3.0 (MR7, MR6). |
| Enable Antivirus and Email Select the OS versions from the table for updating antivirus and email filter Filter Update Service for for FortiMail.
FortiMail You can select to download updates for FortiMail OS versions 5.0 (5.1, 5.0), 4.0 (4.1, 4.0), and 3.0 (MR5, MR4). |
| Enable Vulnerability Scan Select the OS versions from the table for supporting Vulnerability Scan and and Management Support Management Support for FortiAnalyzer.
for FortiAnalyzer You can select to download updates for FortiAnalyzer OS versions 5.0 (5.0) and 4.0 (4.3, 4.2, 4.1, 4.0). |
| Enable Web Filter and Ser- Select to enable web filter services.
vices |
| FortiGuard Web Filter and The status of the current connection between the FDN and the FortiManEmail Filter Connection ager system. See FortiGuard Connection Status for more information.
Status |
| Enable Email Filter Services Select to enable email filter services. |
| FortiGuard Web Filter and The status of the current connection between the FDN and the FortiManEmail Filter Connection ager system. See FortiGuard Connection Status for more information.
Status |
| Server Override Mode Select Strict (Access Override ServerOnly) or Loose (Allow Access Other Servers) override mode. |
| FortiGuard Antivirus and IPS Settings |
| FortiGuard Distribution Net- Select the required settings from the following options:
work (FDN) l Use Override Service Address forFortiGate/FortiMail: type an IP address and port number. Select the add icon to add multiple override server addresses (maximum = 10). Select the delete icon to remove entries. l Allow Push Update: type an IP address and port if selected l Use Web Proxy: type an IP address, port, user name, and password is selected l Schedule RegularUpdates: select the update frequency from the drop-down lists if selected. Click Update to apply the changes. |
| Advanced Select whether or not Update Entries from FDS Server and Update Histories forEach FortiGate are logged. |
| FortiGuard Web Filter and Email Filter Settings |
| Connection to FDS Server Select the required settings from the following options:
(s) l Use Override ServerAddress forFortiClient: type an IP address and port number. Select the add icon to add multiple override server addresses (maximum = 10). Select the delete icon to remove entries. l Use Override ServerAddress forFortiGate/FortiMail: type an IP address and port number. Select the add icon to add multiple override server addresses (maximum = 10). Select the delete icon to remove entries. l Use Web Proxy: Type an IP address, port, user name, and password if selected. l Polling Frequency: Type the polling frequency from the drop-down lists. Click Update to apply the changes. |
| Log Settings Select the required settings from the following options: l Log FortiGuard ServerUpdate Events: enable or disable l FortiGuard Web Filtering: Choose from Log URL disabled, Log non-url events, Log all URL lookups.
l FortiGuard Anti-spam: Choose from Log Spam disabled, Log nonspam events, Log all Spam lookups. l FortiGuard Anti-virus Query: Choose from Log Virus disabled, Log non-virus events, Log all Virus lookups. |
| Override FortiGuard Server (Local FortiManager) |
| Additional Number of Priv- Select the add icon on the right side of the column to add additional private ate FortiGuard Servers servers. Type the IP address and selected the time zone of the private (Excluding This One) (#) server to be added. Select the delete icon to remove entries. |
| Enable Antivirus and IPS Select to enable antivirus and IPS update service for private servers. Update Service for Private
Server |
| Enable Web Filter and Select to enable web filter and email filter update service for private servEmail Filter Update Service ers.
for Private Server |
| Allow FortiGates to Access Select to allow FortiGates to access public FortiGuard servers when private Public FortiGuard Servers serves are unavailable. when Private Servers are
Unavailable |