Fortinet Updating Antivirus and Attack Definitions for Fortigate Devices

The Update page on the web-based manager displays the following antivirus and attack definition update information.

This section describes:

•Connecting to the FortiResponse Distribution Network

•Manually initiating antivirus and attack definitions updates

•Configuring update logging

Connecting to the FortiResponse Distribution Network

Before the FortiGate unit can receive antivirus and attack updates, it must be able to connect to the FortiResponse Distribution Network (FDN). The FortiGate unit uses HTTPS on port 8890 to connect to the FDN. The FortiGate external interface must have a path to the Internet using port 8890. For information about configuring scheduled updates, see “Scheduling updates” on page 76.

You can also configure the FortiGate unit to allow push updates. Push updates are provided to the FortiGate unit from the FDN using HTTPS on UDP port 9443. To receive push updates, the FDN must have a path to the FortiGate external interface using UDP port 9443. For information about configuring push updates, see “Enabling push updates” on page 78.

The FDN is a world-wide network of FortiResponse Distribution Servers (FDSs). When the FortiGate unit connects to the FDN it connects to the nearest FDS. To do this, all FortiGate units are programmed with a list of FDS addresses sorted by nearest time zone according to the time zone configured for the FortiGate unit. To make sure the FortiGate unit receives updates from the nearest FDS, check that you have selected the correct time zone for your area.

To make sure the FortiGate unit can connect to the FDN

1Go to System > Config > Time and make sure the time zone is set to the time zone for the region in which your FortiGate unit is located.

2Go to System > Update.

3Select Refresh.

The FortiGate unit tests its connection to the FDN. The test results are displayed at the top of the System Update page.