12.03.2015 Views

FortiGate Administration Guide - FirewallShop.com

FortiGate Administration Guide - FirewallShop.com

FortiGate Administration Guide - FirewallShop.com

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

System Maintenance<br />

FortiGuard Center<br />

For more information, see “Enabling push updates through a NAT device” on<br />

page 196.<br />

Figure 110:AntiVirus and IPS Options section<br />

Use override<br />

server address<br />

Allow Push<br />

Update<br />

Push Update<br />

Status Icon<br />

Use override<br />

push<br />

IP<br />

port<br />

Scheduled<br />

Update<br />

Every<br />

Daily<br />

Select to configure an override server if you cannot connect to the FDN<br />

or if your organization provides updates using their own FortiGuard<br />

server.<br />

When selected, enter the IP address or domain name of a FortiGuard<br />

server and select Apply. If the FDN Status still indicates no connection<br />

to the FDN, see “Troubleshooting FDN connectivity” on page 193.<br />

Select to allow push updates. Updates will be sent to your <strong>FortiGate</strong> unit<br />

when they are available without you checking if they are available.<br />

Push Update Status Icon shows the status of the push update service.<br />

The status of the <strong>FortiGate</strong> unit for receiving push updates:<br />

• grey - unreachable - <strong>FortiGate</strong> unit is not able to connect to push<br />

update service<br />

• yellow - not available - push update service is not available with<br />

current support license<br />

• green - available - push update service is allowed. See “To enable<br />

push updates” on page 195.<br />

If the icon is either grey or yellow, see “Troubleshooting FDN<br />

connectivity” on page 193.<br />

Enable if there is a NAT device between the <strong>FortiGate</strong> unit and the FDS.<br />

Override push allows you to create a forwarding policy that redirects<br />

in<strong>com</strong>ing FDS push updates to your <strong>FortiGate</strong> unit.<br />

The NAT device must be configured to forward the FDS traffic to the<br />

<strong>FortiGate</strong> unit, including UDP port 9443.<br />

See “Enabling push updates through a NAT device” on page 196.<br />

Available only if Allow Push Update is selected.<br />

Enter the IP address of the NAT device in front of your <strong>FortiGate</strong> unit.<br />

FDS will connect to this device when attempting to reach the <strong>FortiGate</strong><br />

unit.<br />

Available only if Use override push is enabled.<br />

Select the port on the NAT device that will receive the FDS push<br />

updates. This port must be forwarded to UDP port 9443 on the<br />

<strong>FortiGate</strong> unit.<br />

Available only if Use override push is enabled.<br />

Select this check box to enable scheduled updates.<br />

Attempt to update once every 1 to 23 hours. Select the number of hours<br />

between each update request.<br />

Attempt to update once a day. You can specify the hour of the day to<br />

check for updates. The update attempt occurs at a randomly<br />

determined time within the selected hour.<br />

<strong>FortiGate</strong> Version 3.0 MR5 <strong>Administration</strong> <strong>Guide</strong><br />

01-30005-0203-20070830 191

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!