Fortinet black logo

Administration Guide

IoT packages

IoT packages

You can enable download of packages for the Internet of Things (IoT) service by using the CLI. Following is a summary of how FortiManager handles the IoT packages:

  1. FortiManager downloads packages from FortiGuard.
  2. FortiManager merges the downloaded packages into Run Database.
  3. FortiManager provides the query service.
Note

Downloads of IoT packages from FortiGuard to FortiManager are currently supported only when Anycast is enabled on FortiManager.

Several databases are used for IoT packages. Use the diagnose fmupdate fgd-dbver command to view the following databases for IoT packages:

  • iots: IoT single MAC database

    object ID: 00000000IOTS0000

    Contains IoT info with entry of a single MAC. Considered a delta object because each version contains parts of data, and FortiManager merges all valid data, which is the same as the URL query service.

  • iotr: IoT range MAC database

    object ID: 00000000IOTR0000

    Contains IoT info with entry of a MAC range. Considered a regular object, and FortiManager uses only the latest version.

  • iotm: IoT mapping database

    object ID: 00000000IOTR0000

    Regular object used to map the info data to strings in tag-length-value (TLV) format.

To configure IoT package download:
  1. Enable Anycast on FortiManager:

    config fmupdate fds-setting

    set fortiguard-anycast enable

    end

  2. Enable download of IoT packages:

    config fmupdate service

    set query-iot enable

    end

  3. Configure downloading of IoT packages:

    config fmupdate web-spam fgd-setting

    set iot-log nofilequery

    set iot-preload enable

    set restrict-iots-dbver <string>

    end

IoT packages

You can enable download of packages for the Internet of Things (IoT) service by using the CLI. Following is a summary of how FortiManager handles the IoT packages:

  1. FortiManager downloads packages from FortiGuard.
  2. FortiManager merges the downloaded packages into Run Database.
  3. FortiManager provides the query service.
Note

Downloads of IoT packages from FortiGuard to FortiManager are currently supported only when Anycast is enabled on FortiManager.

Several databases are used for IoT packages. Use the diagnose fmupdate fgd-dbver command to view the following databases for IoT packages:

  • iots: IoT single MAC database

    object ID: 00000000IOTS0000

    Contains IoT info with entry of a single MAC. Considered a delta object because each version contains parts of data, and FortiManager merges all valid data, which is the same as the URL query service.

  • iotr: IoT range MAC database

    object ID: 00000000IOTR0000

    Contains IoT info with entry of a MAC range. Considered a regular object, and FortiManager uses only the latest version.

  • iotm: IoT mapping database

    object ID: 00000000IOTR0000

    Regular object used to map the info data to strings in tag-length-value (TLV) format.

To configure IoT package download:
  1. Enable Anycast on FortiManager:

    config fmupdate fds-setting

    set fortiguard-anycast enable

    end

  2. Enable download of IoT packages:

    config fmupdate service

    set query-iot enable

    end

  3. Configure downloading of IoT packages:

    config fmupdate web-spam fgd-setting

    set iot-log nofilequery

    set iot-preload enable

    set restrict-iots-dbver <string>

    end