Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiManager 7.0.2 Administration Guide
    7.0.2
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3
    5.0.2
    4.3.8
    4.3.7
    4.3.6
    4.3.5
    4.3.4
    4.3.3
    4.3.2
    4.3.1
    4.3.0
    4.2.9
    4.2.8
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.1.0
    4.0.3
    4.0.2
    4.0.1
    4.0.0

    IoT packages

    IoT packages

    You can enable download of packages for the Internet of Things (IoT) service by using the CLI. Following is a summary of how FortiManager handles the IoT packages:

    1. FortiManager downloads packages from FortiGuard.
    2. FortiManager merges the downloaded packages into Run Database.
    3. FortiManager provides the query service.
    Note

    Downloads of IoT packages from FortiGuard to FortiManager are currently supported only when Anycast is enabled on FortiManager.

    Several databases are used for IoT packages. Use the diagnose fmupdate fgd-dbver command to view the following databases for IoT packages:

    • iots: IoT single MAC database

      object ID: 00000000IOTS0000

      Contains IoT info with entry of a single MAC. Considered a delta object because each version contains parts of data, and FortiManager merges all valid data, which is the same as the URL query service.

    • iotr: IoT range MAC database

      object ID: 00000000IOTR0000

      Contains IoT info with entry of a MAC range. Considered a regular object, and FortiManager uses only the latest version.

    • iotm: IoT mapping database

      object ID: 00000000IOTR0000

      Regular object used to map the info data to strings in tag-length-value (TLV) format.

    To configure IoT package download:
    1. Enable Anycast on FortiManager:

      config fmupdate fds-setting

      set fortiguard-anycast enable

      end

    2. Enable download of IoT packages:

      config fmupdate service

      set query-iot enable

      end

    3. Configure downloading of IoT packages:

      config fmupdate web-spam fgd-setting

      set iot-log nofilequery

      set iot-preload enable

      set restrict-iots-dbver <string>

      end

    Previous
    Next

    IoT packages

    IoT packages

    You can enable download of packages for the Internet of Things (IoT) service by using the CLI. Following is a summary of how FortiManager handles the IoT packages:

    1. FortiManager downloads packages from FortiGuard.
    2. FortiManager merges the downloaded packages into Run Database.
    3. FortiManager provides the query service.
    Note

    Downloads of IoT packages from FortiGuard to FortiManager are currently supported only when Anycast is enabled on FortiManager.

    Several databases are used for IoT packages. Use the diagnose fmupdate fgd-dbver command to view the following databases for IoT packages:

    • iots: IoT single MAC database

      object ID: 00000000IOTS0000

      Contains IoT info with entry of a single MAC. Considered a delta object because each version contains parts of data, and FortiManager merges all valid data, which is the same as the URL query service.

    • iotr: IoT range MAC database

      object ID: 00000000IOTR0000

      Contains IoT info with entry of a MAC range. Considered a regular object, and FortiManager uses only the latest version.

    • iotm: IoT mapping database

      object ID: 00000000IOTR0000

      Regular object used to map the info data to strings in tag-length-value (TLV) format.

    To configure IoT package download:
    1. Enable Anycast on FortiManager:

      config fmupdate fds-setting

      set fortiguard-anycast enable

      end

    2. Enable download of IoT packages:

      config fmupdate service

      set query-iot enable

      end

    3. Configure downloading of IoT packages:

      config fmupdate web-spam fgd-setting

      set iot-log nofilequery

      set iot-preload enable

      set restrict-iots-dbver <string>

      end

    Previous
    Next