Fortinet black logo

CLI Reference

av-ips

av-ips

Use the following commands to configure antivirus settings.

av-ips advanced-log

Use this command to enable logging of FortiGuard Antivirus and IPS update packages received by the FortiAnalyzer unit’s built-in FDS from the FortiGuard Distribution Network (FDN).

Syntax

config fmupdate av-ips advanced-log

set log-fortigate {enable | disable}

set log-server {enable | disable}

end

Variables

Description

log-fortigate {enable | disable}

Enable/disable logging of FortiGuard Antivirus and IPS service updates of FortiGate devices. Default: disable

log-server {enable | disable}

Enable/disable logging of update packages received by the built-in FDS server. Default: disable

Example

Enable logging of FortiGuard Antivirus updates to FortiClient installations and update packages downloaded by the built-in FDS from the FDN.

config fmupdate av-ips advanced-log

set log-forticlient enable

set log-server enable

end

av-ips update-schedule

Use this command to configure the built-in FDS to retrieve FortiGuard Antivirus and IPS updates at a specified day and time.

Syntax

config fmupdate av-ips update-schedule

set day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set frequency {every | daily | weekly}

set status {enable | disable}

set time <hh:mm>

end

Variables

Description

day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

Enter the day of the week when the update will begin.

This option only appears when the frequency is weekly.

frequency {every | daily | weekly}

Enter to configure the frequency of the updates. The following options are available:

  • every: Time interval.
  • daily: Every day.
  • weekly: Every week.

Default: every

status {enable | disable}

Enable/disable regularly scheduled updates. Default: enable

time <hh:mm>

Enter the time or interval when the update will begin. For example, if you want to schedule an update every day at 6:00 PM, enter 18:00.

The time period format is the 24-hour clock: hh=0-23, mm=0-59. If the minute is 60, the updates will begin at a random minute within the hour.

If the frequency is every, the time is interpreted as an hour and minute interval, rather than a time of day.

Default: 01:60

Example

You could schedule the built-in FDS to request the latest FortiGuard Antivirus and IPS updates every five hours, at a random minute within the hour.

config fmupdate av-ips udpate-schedule

set status enable

set frequency every

set time 05:60

end

av-ips web-proxy

Use this command to configure a web proxy if FortiGuard Antivirus and IPS updates must be retrieved through a web proxy.

Syntax

config fmupdate av-ips web-proxy

set ip <ipv4_address>

set ip6 <ipv6_address>

set mode {proxy | tunnel}

set password <password>

set port <integer>

set status {enable | disable}

set username <username_string>

end

Variables

Description

ip <ipv4_address>

Enter the IPv4 address of the web proxy. Default: 0.0.0.0

ip6 <ipv6_address>

Enter the IPv6 address of the web proxy.

mode {proxy | tunnel}

Enter the web proxy mode. The following options are available:

  • proxy: HTTP proxy.
  • tunnel: HTTP tunnel.

password <password>

If the web proxy requires authentication, enter the password for the user name.

port <integer>

Enter the port number of the web proxy. Range: 1 to 65535. Default: 80

status {enable | disable}

Enable/disable connections through the web proxy. Default: disable

username <username_string>

If the web proxy requires authentication, enter the user name.

Example

You could enable a connection through a non-transparent web proxy on an alternate port.

config fmupdate av-ips web-proxy

set status enable

set mode proxy

set ip 10.10.30.1

set port 8890

set username avipsupdater

set password cvhk3rf3u9jvsYU

end

av-ips

Use the following commands to configure antivirus settings.

av-ips advanced-log

Use this command to enable logging of FortiGuard Antivirus and IPS update packages received by the FortiAnalyzer unit’s built-in FDS from the FortiGuard Distribution Network (FDN).

Syntax

config fmupdate av-ips advanced-log

set log-fortigate {enable | disable}

set log-server {enable | disable}

end

Variables

Description

log-fortigate {enable | disable}

Enable/disable logging of FortiGuard Antivirus and IPS service updates of FortiGate devices. Default: disable

log-server {enable | disable}

Enable/disable logging of update packages received by the built-in FDS server. Default: disable

Example

Enable logging of FortiGuard Antivirus updates to FortiClient installations and update packages downloaded by the built-in FDS from the FDN.

config fmupdate av-ips advanced-log

set log-forticlient enable

set log-server enable

end

av-ips update-schedule

Use this command to configure the built-in FDS to retrieve FortiGuard Antivirus and IPS updates at a specified day and time.

Syntax

config fmupdate av-ips update-schedule

set day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set frequency {every | daily | weekly}

set status {enable | disable}

set time <hh:mm>

end

Variables

Description

day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

Enter the day of the week when the update will begin.

This option only appears when the frequency is weekly.

frequency {every | daily | weekly}

Enter to configure the frequency of the updates. The following options are available:

  • every: Time interval.
  • daily: Every day.
  • weekly: Every week.

Default: every

status {enable | disable}

Enable/disable regularly scheduled updates. Default: enable

time <hh:mm>

Enter the time or interval when the update will begin. For example, if you want to schedule an update every day at 6:00 PM, enter 18:00.

The time period format is the 24-hour clock: hh=0-23, mm=0-59. If the minute is 60, the updates will begin at a random minute within the hour.

If the frequency is every, the time is interpreted as an hour and minute interval, rather than a time of day.

Default: 01:60

Example

You could schedule the built-in FDS to request the latest FortiGuard Antivirus and IPS updates every five hours, at a random minute within the hour.

config fmupdate av-ips udpate-schedule

set status enable

set frequency every

set time 05:60

end

av-ips web-proxy

Use this command to configure a web proxy if FortiGuard Antivirus and IPS updates must be retrieved through a web proxy.

Syntax

config fmupdate av-ips web-proxy

set ip <ipv4_address>

set ip6 <ipv6_address>

set mode {proxy | tunnel}

set password <password>

set port <integer>

set status {enable | disable}

set username <username_string>

end

Variables

Description

ip <ipv4_address>

Enter the IPv4 address of the web proxy. Default: 0.0.0.0

ip6 <ipv6_address>

Enter the IPv6 address of the web proxy.

mode {proxy | tunnel}

Enter the web proxy mode. The following options are available:

  • proxy: HTTP proxy.
  • tunnel: HTTP tunnel.

password <password>

If the web proxy requires authentication, enter the password for the user name.

port <integer>

Enter the port number of the web proxy. Range: 1 to 65535. Default: 80

status {enable | disable}

Enable/disable connections through the web proxy. Default: disable

username <username_string>

If the web proxy requires authentication, enter the user name.

Example

You could enable a connection through a non-transparent web proxy on an alternate port.

config fmupdate av-ips web-proxy

set status enable

set mode proxy

set ip 10.10.30.1

set port 8890

set username avipsupdater

set password cvhk3rf3u9jvsYU

end