When events for inactive viruses start appearing in the malware data, the signatures are moved back into the AV Signature Database. Inactive virus signatures are moved to the Extended AV Signature Database (see Configuring antivirus and IPS options in the FortiOS Administration guide.). Signatures for those viruses are kept in the Active AV Signature Database that is used by multiple Fortinet products. For example, antivirus data allow FortiGuard to determine what viruses are currently active. The malware statistics are used to improve various aspects of FortiGate malware protection. This information is never shared with external parties ( Fortinet Privacy Policy). Included with these malware statistics is the IP address and serial number of the FortiGate and the country in which the FortiGate is located. Submission of malware statistics to FortiGuardįortiGates periodically send encrypted Antivirus, IPS, botnet IP list, and Application Control event statistics to FortiGuard. See Anycast and unicast services for a list of services.įor more information, see FortiGuard in the FortiOS Administration guide. The default FortiGuard access mode is anycast. When the FortiGuard protocol is configured to use HTTPS (default), third party certificate verification and OCSP stapling check is implemented for all FortiGuard servers that are connected to FortiOS. If accepting push updates is enabled, the FDN sends notice that a FortiGuard AV and IPS update is available on UDP/9443. The FortiGate must be connected to the internet in order to automatically connect to the FortiGuard Distribution Network (FDN) to validate the license and download FDN updates. The FortiGuard communication protocol is used by FortiGuard to communicate with Fortinet devices.įortiGuard services can be purchased and registered to your FortiGate unit.
0 kommentar(er)
