Fortinet 612 FortiWeb 5.0 Patch 6 Administration Guide
Signatures & patches• Upgrade to the latest available firmware to take advantage of new security features and
stability enhancements (see “Updating the firmware” on page 77).
• Use FortiWeb services to take advantage of new definitions for viruses, predefined robots,
data types, URL patterns, disreputable clients, and attack signatures.
Update methods can be either:
• Manual (see “Uploading signature & geography-to-IP updates” on page 146 or “Manually
initiating update requests” on page 144)
• Automatic (see “Scheduling automatic signature updates” on page 141)
Figure 75:System > Config > FortiGuard
Buffer hardeningWhile analyzing traffic, FortiWeb’s HTTP parser must extract and buffer each part in the request
or response. The buffer allows FortiWeb to scan and/or rewrite it before deciding to block or
forward the finished traffic. Buffers are not infinite — due to the physical limitations inherent in
all RAM, they are allocated a maximum size. If the part of the request or response is too large to
fit the buffer, FortiWeb must either pass or block the traffic without further analysis of that part.
Practically speaking, while oversized requests are not common, when they do exist, they may
be harmless. Movie uploads are a common example. HTTP GET requests involving many
database queries with encrypted values are another example. In these cases, hardening the