FortiManager and FortiGuard
The FortiGuard Distribution Network (FDN) provides FortiGuard services for FortiManager systems and their managed devices as well as FortiClient agents. The FDN is a world-wide network of FortiGuard Distribution Servers (FDS), which update the FortiGuard services on your FortiManager system on a regular basis so that your FortiManager system is protected against the latest threats.
The FortiGuard services available on the FortiManager system include:
- Antivirus and IPS engines and signatures
- Web filtering and email filtering rating databases and lookups (select systems)
- Vulnerability scan and management support for FortiAnalyzer
In FortiGuard Management, you can configure the FortiManager system to act as a local FDS, or use a web proxy server to connect to the FDN. FortiManager systems acting as a local FDS synchronize their FortiGuard service update packages with the FDN, then provide these FortiGuard updates and lookup replies to your private network’s FortiGate devices. The local FDS provides a faster connection, reducing Internet connection load and the time required to apply frequent updates, such as antivirus signatures, to many devices.
The following table identifies what ports FortiManager uses with FortiGuard:
Functionality | Port(s) |
---|---|
FortiManager Antispam or Web Filtering rating lookup from a FortiClient endpoint or FortiGate unit | UDP 53 and 888, TCP 80 |
FortiManager Antivirus or IPS (Intrusion Prevention System) update request from a FortiGate unit | TCP 8890 |
FortiManager listens to FortiGuard for FortiClient AV/IPS database and WebFilter database updates | TCP 80/8891 |
FortiManager Antivirus or IPS update FDN connection; FortiManager WF/AS update; FortiManager firmware images update | TCP 443 |
FortiGuard Antivirus or IPS Push update to FortiManager | UDP 9443 |