Frequently asked questions

Question	Answer
Are partner rule groups deployed globally or per region?	Per region. You must deploy partner rule groups in each AWS region where you have deployed applications.
Can I view the signatures/rules within the rule group itself?	No. The signatures/rules are propietary vendor information and not exposed to customers.
Can I view the name of the rule that blocked a request?	Yes. AWS network firewall logs reveal the signature ID and name. If needed, contact Fortinet Customer Service & Support for information.
Why do I get access denied when I click on a rule set to view?	The permissions within the AWS Network Firewall rule groups only permits blanket read/write/execute permissions, so Fortinet cannot share any viewing of the rules without exposing the entire rule set contents.
How can I check if the rule group addresses a particular malware/CVE/vulnerability?	The latest on Fortinet's signatures and insights on ongoing threats throughout the world can be found on the FortiGuard Labs website. There is currently no mechanism to share signature information.
What regions are these rules available in?	Network Firewall Rules are currently available in the following regions. Americas: us-east-1 us-east-2 us-west-1 us-west-2 ca-central-1 sa-east-1 Europe: eu-central-1 eu-west-1 eu-west-2 eu-west-3 eu-south-1 eu-north-1 APAC: ap-east-1 ap-south-1 ap-northeast-1 ap-northeast-2 ap-northeast-3 ap-southeast-1 ap-southeast-2 Other: af-south-1 me-south-1
How frequently does Fortinet update these rules?	The current rules update frequency is once per week.
Does the Fortinet rule group include support?	Yes. By purchasing a Fortinet rule group, customers are entitled for support from Fortinet.
What is the process for opening a support ticket with Fortinet?	Contact Fortinet directly at awsips@fortinet.com.

Question

Answer

Are partner rule groups deployed globally or per region?

Per region. You must deploy partner rule groups in each AWS region where you have deployed applications.

Can I view the signatures/rules within the rule group itself?

No. The signatures/rules are propietary vendor information and not exposed to customers.

Can I view the name of the rule that blocked a request?

Yes. AWS network firewall logs reveal the signature ID and name. If needed, contact Fortinet Customer Service & Support for information.

Why do I get access denied when I click on a rule set to view?

The permissions within the AWS Network Firewall rule groups only permits blanket read/write/execute permissions, so Fortinet cannot share any viewing of the rules without exposing the entire rule set contents.

How can I check if the rule group addresses a particular malware/CVE/vulnerability?

The latest on Fortinet's signatures and insights on ongoing threats throughout the world can be found on the FortiGuard Labs website. There is currently no mechanism to share signature information.

What regions are these rules available in?

Network Firewall Rules are currently available in the following regions.

Americas:

us-east-1
us-east-2
us-west-1
us-west-2
ca-central-1
sa-east-1

Europe:

eu-central-1
eu-west-1
eu-west-2
eu-west-3
eu-south-1
eu-north-1

APAC:

ap-east-1
ap-south-1
ap-northeast-1
ap-northeast-2
ap-northeast-3
ap-southeast-1
ap-southeast-2

Other:

af-south-1
me-south-1

How frequently does Fortinet update these rules?

The current rules update frequency is once per week.

Does the Fortinet rule group include support?

Yes. By purchasing a Fortinet rule group, customers are entitled for support from Fortinet.

What is the process for opening a support ticket with Fortinet?

Contact Fortinet directly at awsips@fortinet.com.

Administration Guide

Frequently asked questions

Frequently asked questions

Frequently asked questions