Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    6.2.2
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    system fortiguard

    Configure FortiGuard services.

      config system fortiguard
      Description: Configure FortiGuard services.
      set protocol [udp|http|...]
      set port [8888|53|...]
      set load-balance-servers {integer}
      set update-server-location [usa|any]
      set sandbox-region {string}
      set fortiguard-anycast [enable|disable]
      set fortiguard-anycast-source [fortinet|aws|...]
      set antispam-force-off [enable|disable]
      set antispam-cache [enable|disable]
      set antispam-cache-ttl {integer}
      set antispam-cache-mpercent {integer}
      set antispam-license {integer}
      set antispam-expiration {integer}
      set antispam-timeout {integer}
      set outbreak-prevention-force-off [enable|disable]
      set outbreak-prevention-cache [enable|disable]
      set outbreak-prevention-cache-ttl {integer}
      set outbreak-prevention-cache-mpercent {integer}
      set outbreak-prevention-license {integer}
      set outbreak-prevention-expiration {integer}
      set outbreak-prevention-timeout {integer}
      set webfilter-force-off [enable|disable]
      set webfilter-cache [enable|disable]
      set webfilter-cache-ttl {integer}
      set webfilter-license {integer}
      set webfilter-expiration {integer}
      set webfilter-timeout {integer}
      set sdns-server-ip {user}
      set sdns-server-port {integer}
      set source-ip {ipv4-address}
      set source-ip6 {ipv6-address}
      set proxy-server-ip {ipv4-address}
      set proxy-server-port {integer}
      set proxy-username {string}
      set proxy-password {password}
      set ddns-server-ip {ipv4-address}
      set ddns-server-port {integer}
  end

    config system fortiguard

    Parameter Name Description Type Size
    protocol Protocol used to communicate with the FortiGuard servers.
    udp: UDP for server communication (for use by FortiGuard or FortiManager).
    http: HTTP for server communication (for use only by FortiManager).
    https: HTTPS for server communication (for use by FortiGuard or FortiManager).
    		 option -
    port Port used to communicate with the FortiGuard servers.
    8888: port 8888 for server communication.
    53: port 53 for server communication.
    80: port 80 for server communication.
    443: port 443 for server communication.
    		 option -
    load-balance-servers Number of servers to alternate between as first FortiGuard option. integer Minimum value: 1 Maximum value: 266
    update-server-location Signature update server location.
    usa: FGD servers in United States.
    any: FGD servers in any location.
    		 option -
    sandbox-region Cloud sandbox region. string Maximum length: 63
    fortiguard-anycast Enable/disable use of FortiGuard's anycast network.
    enable: Enable use of FortiGuard's anycast network.
    disable: Disable use of FortiGuard's anycast network.
    		 option -
    fortiguard-anycast-source Configure which of Fortinet's servers to provide FortiGuard services in FortiGuard's anycast network. Default is Fortinet.
    fortinet: Use Fortinet's servers to provide FortiGuard services in FortiGuard's anycast network.
    aws: Use Fortinet's AWS servers to provide FortiGuard services in FortiGuard's anycast network.
    debug: Use Fortinet's internal test servers to provide FortiGuard services in FortiGuard's anycast network.
    		 option -
    antispam-force-off Enable/disable turning off the FortiGuard antispam service.
    enable: Turn off the FortiGuard antispam service.
    disable: Allow the FortiGuard antispam service.
    		 option -
    antispam-cache Enable/disable FortiGuard antispam request caching. Uses a small amount of memory but improves performance.
    enable: Enable FortiGuard antispam request caching.
    disable: Disable FortiGuard antispam request caching.
    		 option -
    antispam-cache-ttl Time-to-live for antispam cache entries in seconds (300 - 86400). Lower times reduce the cache size. Higher times may improve performance since the cache will have more entries. integer Minimum value: 300 Maximum value: 86400
    antispam-cache-mpercent Maximum percent of FortiGate memory the antispam cache is allowed to use (1 - 15%). integer Minimum value: 1 Maximum value: 15
    antispam-license Interval of time between license checks for the FortiGuard antispam contract. integer Minimum value: 0 Maximum value: 4294967295
    antispam-expiration Expiration date of the FortiGuard antispam contract. integer Minimum value: 0 Maximum value: 4294967295
    antispam-timeout Antispam query time out (1 - 30 sec, default = 7). integer Minimum value: 1 Maximum value: 30
    outbreak-prevention-force-off Turn off FortiGuard Virus Outbreak Prevention service.
    enable: Turn off FortiGuard antivirus service.
    disable: Allow the FortiGuard antivirus service.
    		 option -
    outbreak-prevention-cache Enable/disable FortiGuard Virus Outbreak Prevention cache.
    enable: Enable FortiGuard antivirus caching.
    disable: Disable FortiGuard antivirus caching.
    		 option -
    outbreak-prevention-cache-ttl Time-to-live for FortiGuard Virus Outbreak Prevention cache entries (300 - 86400 sec, default = 300). integer Minimum value: 300 Maximum value: 86400
    outbreak-prevention-cache-mpercent Maximum percent of memory FortiGuard Virus Outbreak Prevention cache can use (1 - 15%, default = 2). integer Minimum value: 1 Maximum value: 15
    outbreak-prevention-license Interval of time between license checks for FortiGuard Virus Outbreak Prevention contract. integer Minimum value: 0 Maximum value: 4294967295
    outbreak-prevention-expiration Expiration date of FortiGuard Virus Outbreak Prevention contract. integer Minimum value: 0 Maximum value: 4294967295
    outbreak-prevention-timeout FortiGuard Virus Outbreak Prevention time out (1 - 30 sec, default = 7). integer Minimum value: 1 Maximum value: 30
    webfilter-force-off Enable/disable turning off the FortiGuard web filtering service.
    enable: Turn off the FortiGuard web filtering service.
    disable: Allow the FortiGuard web filtering service to operate.
    		 option -
    webfilter-cache Enable/disable FortiGuard web filter caching.
    enable: Enable FortiGuard web filter caching.
    disable: Disable FortiGuard web filter caching.
    		 option -
    webfilter-cache-ttl Time-to-live for web filter cache entries in seconds (300 - 86400). integer Minimum value: 300 Maximum value: 86400
    webfilter-license Interval of time between license checks for the FortiGuard web filter contract. integer Minimum value: 0 Maximum value: 4294967295
    webfilter-expiration Expiration date of the FortiGuard web filter contract. integer Minimum value: 0 Maximum value: 4294967295
    webfilter-timeout Web filter query time out (1 - 30 sec, default = 7). integer Minimum value: 1 Maximum value: 30
    sdns-server-ip IP address of the FortiDNS server. user Not Specified
    sdns-server-port Port used to communicate with FortiDNS servers. integer Minimum value: 1 Maximum value: 65535
    source-ip Source IPv4 address used to communicate with FortiGuard. ipv4-address Not Specified
    source-ip6 Source IPv6 address used to communicate with FortiGuard. ipv6-address Not Specified
    proxy-server-ip IP address of the proxy server. ipv4-address Not Specified
    proxy-server-port Port used to communicate with the proxy server. integer Minimum value: 0 Maximum value: 65535
    proxy-username Proxy user name. string Maximum length: 64
    proxy-password Proxy user password. password Not Specified
    ddns-server-ip IP address of the FortiDDNS server. ipv4-address Not Specified
    ddns-server-port Port used to communicate with FortiDDNS servers. integer Minimum value: 1 Maximum value: 65535
    Previous
    Next

    system fortiguard

    Configure FortiGuard services.

      config system fortiguard
      Description: Configure FortiGuard services.
      set protocol [udp|http|...]
      set port [8888|53|...]
      set load-balance-servers {integer}
      set update-server-location [usa|any]
      set sandbox-region {string}
      set fortiguard-anycast [enable|disable]
      set fortiguard-anycast-source [fortinet|aws|...]
      set antispam-force-off [enable|disable]
      set antispam-cache [enable|disable]
      set antispam-cache-ttl {integer}
      set antispam-cache-mpercent {integer}
      set antispam-license {integer}
      set antispam-expiration {integer}
      set antispam-timeout {integer}
      set outbreak-prevention-force-off [enable|disable]
      set outbreak-prevention-cache [enable|disable]
      set outbreak-prevention-cache-ttl {integer}
      set outbreak-prevention-cache-mpercent {integer}
      set outbreak-prevention-license {integer}
      set outbreak-prevention-expiration {integer}
      set outbreak-prevention-timeout {integer}
      set webfilter-force-off [enable|disable]
      set webfilter-cache [enable|disable]
      set webfilter-cache-ttl {integer}
      set webfilter-license {integer}
      set webfilter-expiration {integer}
      set webfilter-timeout {integer}
      set sdns-server-ip {user}
      set sdns-server-port {integer}
      set source-ip {ipv4-address}
      set source-ip6 {ipv6-address}
      set proxy-server-ip {ipv4-address}
      set proxy-server-port {integer}
      set proxy-username {string}
      set proxy-password {password}
      set ddns-server-ip {ipv4-address}
      set ddns-server-port {integer}
  end

    config system fortiguard

    Parameter Name Description Type Size
    protocol Protocol used to communicate with the FortiGuard servers.
    udp: UDP for server communication (for use by FortiGuard or FortiManager).
    http: HTTP for server communication (for use only by FortiManager).
    https: HTTPS for server communication (for use by FortiGuard or FortiManager).
    		 option -
    port Port used to communicate with the FortiGuard servers.
    8888: port 8888 for server communication.
    53: port 53 for server communication.
    80: port 80 for server communication.
    443: port 443 for server communication.
    		 option -
    load-balance-servers Number of servers to alternate between as first FortiGuard option. integer Minimum value: 1 Maximum value: 266
    update-server-location Signature update server location.
    usa: FGD servers in United States.
    any: FGD servers in any location.
    		 option -
    sandbox-region Cloud sandbox region. string Maximum length: 63
    fortiguard-anycast Enable/disable use of FortiGuard's anycast network.
    enable: Enable use of FortiGuard's anycast network.
    disable: Disable use of FortiGuard's anycast network.
    		 option -
    fortiguard-anycast-source Configure which of Fortinet's servers to provide FortiGuard services in FortiGuard's anycast network. Default is Fortinet.
    fortinet: Use Fortinet's servers to provide FortiGuard services in FortiGuard's anycast network.
    aws: Use Fortinet's AWS servers to provide FortiGuard services in FortiGuard's anycast network.
    debug: Use Fortinet's internal test servers to provide FortiGuard services in FortiGuard's anycast network.
    		 option -
    antispam-force-off Enable/disable turning off the FortiGuard antispam service.
    enable: Turn off the FortiGuard antispam service.
    disable: Allow the FortiGuard antispam service.
    		 option -
    antispam-cache Enable/disable FortiGuard antispam request caching. Uses a small amount of memory but improves performance.
    enable: Enable FortiGuard antispam request caching.
    disable: Disable FortiGuard antispam request caching.
    		 option -
    antispam-cache-ttl Time-to-live for antispam cache entries in seconds (300 - 86400). Lower times reduce the cache size. Higher times may improve performance since the cache will have more entries. integer Minimum value: 300 Maximum value: 86400
    antispam-cache-mpercent Maximum percent of FortiGate memory the antispam cache is allowed to use (1 - 15%). integer Minimum value: 1 Maximum value: 15
    antispam-license Interval of time between license checks for the FortiGuard antispam contract. integer Minimum value: 0 Maximum value: 4294967295
    antispam-expiration Expiration date of the FortiGuard antispam contract. integer Minimum value: 0 Maximum value: 4294967295
    antispam-timeout Antispam query time out (1 - 30 sec, default = 7). integer Minimum value: 1 Maximum value: 30
    outbreak-prevention-force-off Turn off FortiGuard Virus Outbreak Prevention service.
    enable: Turn off FortiGuard antivirus service.
    disable: Allow the FortiGuard antivirus service.
    		 option -
    outbreak-prevention-cache Enable/disable FortiGuard Virus Outbreak Prevention cache.
    enable: Enable FortiGuard antivirus caching.
    disable: Disable FortiGuard antivirus caching.
    		 option -
    outbreak-prevention-cache-ttl Time-to-live for FortiGuard Virus Outbreak Prevention cache entries (300 - 86400 sec, default = 300). integer Minimum value: 300 Maximum value: 86400
    outbreak-prevention-cache-mpercent Maximum percent of memory FortiGuard Virus Outbreak Prevention cache can use (1 - 15%, default = 2). integer Minimum value: 1 Maximum value: 15
    outbreak-prevention-license Interval of time between license checks for FortiGuard Virus Outbreak Prevention contract. integer Minimum value: 0 Maximum value: 4294967295
    outbreak-prevention-expiration Expiration date of FortiGuard Virus Outbreak Prevention contract. integer Minimum value: 0 Maximum value: 4294967295
    outbreak-prevention-timeout FortiGuard Virus Outbreak Prevention time out (1 - 30 sec, default = 7). integer Minimum value: 1 Maximum value: 30
    webfilter-force-off Enable/disable turning off the FortiGuard web filtering service.
    enable: Turn off the FortiGuard web filtering service.
    disable: Allow the FortiGuard web filtering service to operate.
    		 option -
    webfilter-cache Enable/disable FortiGuard web filter caching.
    enable: Enable FortiGuard web filter caching.
    disable: Disable FortiGuard web filter caching.
    		 option -
    webfilter-cache-ttl Time-to-live for web filter cache entries in seconds (300 - 86400). integer Minimum value: 300 Maximum value: 86400
    webfilter-license Interval of time between license checks for the FortiGuard web filter contract. integer Minimum value: 0 Maximum value: 4294967295
    webfilter-expiration Expiration date of the FortiGuard web filter contract. integer Minimum value: 0 Maximum value: 4294967295
    webfilter-timeout Web filter query time out (1 - 30 sec, default = 7). integer Minimum value: 1 Maximum value: 30
    sdns-server-ip IP address of the FortiDNS server. user Not Specified
    sdns-server-port Port used to communicate with FortiDNS servers. integer Minimum value: 1 Maximum value: 65535
    source-ip Source IPv4 address used to communicate with FortiGuard. ipv4-address Not Specified
    source-ip6 Source IPv6 address used to communicate with FortiGuard. ipv6-address Not Specified
    proxy-server-ip IP address of the proxy server. ipv4-address Not Specified
    proxy-server-port Port used to communicate with the proxy server. integer Minimum value: 0 Maximum value: 65535
    proxy-username Proxy user name. string Maximum length: 64
    proxy-password Proxy user password. password Not Specified
    ddns-server-ip IP address of the FortiDDNS server. ipv4-address Not Specified
    ddns-server-port Port used to communicate with FortiDDNS servers. integer Minimum value: 1 Maximum value: 65535
    Previous
    Next