Fortinet 5.0 Patch 6 Scheduling automatic signature updates

Fortinet 141 FortiWeb 5.0 Patch 6 Administration Guide

See also

•Blocking known attacks & data leaks

•Validating parameters (“input rules”)

•Preventing tampering with hidden inputs

•Limiting file uploads

•Predefined data types

•Predefined suspicious request URLs

•Blacklisting source IPs with poor reputation

•Blacklisting countries & regions

•Updating data analytics definitions

Scheduling automatic signature updates

Your FortiWeb appliance uses signatures, IP lists, and data type definitions for many features,

including to detect attacks such as:

• cross-site scripting (XSS)

• SQL injection

•other common exploits

• data leaks

FortiWeb also can use virus definitions to block trojan uploads, and can use IP reputation

definitions to allow search engines but block botnets and anonymizing proxies preferred by

hackers. FortiGuard services ensure that your FortiWeb is using the most advanced attack

protections. Timely updates are crucial to defending your network.

You can configure the FortiWeb appliance to periodically poll for FortiGuard service updates

from the FDN, and automatically download and apply updates if they exist.

For example, you might schedule update requests every night at 2 AM local time, when traffic

volume is light.

To configure automatic updates

1. Verify that the FortiWeb appliance has a valid license and can connect to the FDN, or

(if destination NAT is used, for example) the IP address that you are using to override the

default IPs for FDN servers. For details, see “To determine your FortiGuard license status” on

page 134 and “To verify FortiGuard update connectivity” on page 136.

2. Go to System > Config > FortiGuard.

To access this part of the web UI, your administrator's account access profile must have

Read and Write permission to items in the Maintenance category. For details, see

“Permissions” on page 47.

The page informs you if you are not registered or if registration has expired. If your

registration is active, continue scheduling updates; otherwise, click Register or Renew.

Alternatively, you can manually upload update packages, or initiate an update request. For

details, see “Manually initiating update requests” on page 144 and “Uploading signature &

geography-to-IP updates” on page 146.

You can manually initiate updates as alternatives or in conjunction with scheduled updates. For

additional/alternative update methods, see “Manually initiating update requests” on page 144.