config system fortiguard update

Use this command to configure how FortiNDR will retrieve the most recent Fortiguard Neural Networks engine and database updates.

Syntax

set scheduled-update-day <day_int>

set scheduled-update-frequency {daily | every | weekly}

set scheduled-update-status {enable | disable}

set scheduled-update-time <time_str>

set override-server-status {enable | disable }

set override-include-default-servers {enable | disable }

set override-server-port <port_num>

set override-server-address-main <ovr_svr_1 ovr_svr_2 ...>

set override-server-address-alt <ovr_svr_1 ovr_svr_2 ...>

set tunneling-status {enable | disable}

set tunneling-address {web_proxy_address}

set tunneling-port {web_proxy_port}

set tunneling-username {proxy_user_name}

set tunneling-password {proxy_user_password}

end

Variable

Description

Default

scheduled-update-day <day_int>

Enter the day of the week at which FortiNDR will request updates where the range is from 0-6 and 0 means Sunday and 6 means Saturday.

0

scheduled-update-frequency {every | daily | weekly}

Enter the frequency at which FortiNDR will request updates. You also need to configure scheduled-update-day <day_int> and scheduled-update-time <time_str>.

every

scheduled-update-status {enable | disable}

Enable to perform updates according to the configured schedule.

disable

scheduled-update-time <time_str>

Enter the time of the day at which FortiNDR will request updates, in the format hh:mm, where hh means update on every (1-23) hours, mm means starting on minutes (0-59), and 60 means random minutes.

01:60

override-server-status

When enabled, this will force the FDS update to point to the override server address(es).

disable

override-server-include-default-servers

In the case when the override servers cannot be reached, this will attempt to try to connect to the default servers as a fallback

enable

override-server-port

Port of the override servers.

443

override-server-address-main

The address(es) of the override server(s) for the main FDS downloads (to override fai.fortinet.net).

The override addresses can be an IP address or a hostname. Multiple override server addresses can be entered if each one is separated by a space.

When using multiple override server addresses, the first one on the list will be attempted first, if it cannot be reached, then the updater will try the second address and so on.

Both the override-server-address-main and override-server-address-alt must be set at the same time.

0.0.0.0

override-server-address-alt

The address(es) of the override server(s) for the main FDS downloads (to override update.fortiguard.net).

The override addresses can be an IP address or a hostname. Multiple override server addresses can be entered if each one is separated by a space.

When using multiple override server addresses, the first one on the list will be attempted first, if it cannot be reached, then the updater will try the second address and so on.

Both the override-server-address-main and override-server-address-alt must be set at the same time.

0.0.0.0

tunneling-status {enable | disable}

Turn proxying FDS communication on and off.

disable

tunneling-address <web_proxy_address>

Set IP (ipv4/ipv6) of web proxy server that FortiNDR will be using to communicate with FDS servers.

0.0.0.0

tunneling-port <web_proxy_port>

Set port of web proxy server that FortiNDR will be using to communicate with FDS servers.

0

tunneling-username <proxy_user_name>

Set user name of web proxy server that FortiNDR will be using to communicate with FDS servers.

tunneling-password <proxy_user_password}>

Set user password of web proxy server that FortiNDR will be using to communicate with FDS servers

override-server-status	When enabled, will force the FDS update to point to the override server address(es)	disable
override-server-include-default-servers	In the case when the override servers cannot be reached, will attempt to try to connect to the default servers as a fallback	enable
override-server-port	Port of the override servers	443
override-server-address-main	The address(es) of the override server(s) for the main FDS downloads (to override fai.fortinet.net). The override addresses can be an IP address or a hostname. Multiple override server addresses can be entered if each one is separated by a space. When using multiple override server addresses, the first one on the list will be attempted first, if it cannot be reached, then the updater will try the second address etc. Note that both the override-server-address-main and override-server-address-alt must be set at the same time.	0.0.0.0
override-server-address-alt	The address(es) of the override server(s) for the main FDS downloads (to override update.fortiguard.net). The override addresses can be an IP address or a hostname. Multiple override server addresses can be entered if each one is separated by a space. When using multiple override server addresses, the first one on the list will be attempted first, if it cannot be reached, then the updater will try the second address etc. Note that both the override-server-address-main and override-server-address-alt must be set at the same time.	0.0.0.0