Skip to main content
kelv1n
kelv1n
New Member
October 8, 2015
Question

Application Control - App missing from FM but is on Fortigate

  • October 8, 2015
  • 2 replies
  • 17049 views

Hi Everyone

 

We use App Control/Sensor to have fine-grain control over which Apps can leave through our Firewall, but we've recently discovered the Fortigates are blocking an app called "Microsoft.Authentication",  This App is shown in the list on our Fortigates, but its not available on the FortiManager. 

 

Any ideas on how to fix this? I've checked Fortiguard Tab -> Advanced, and all the services are showing as synchronized.  

 

I'm assuming the FortiManager uses the same packages for the Policy editor, or is there another location I need to update?

2 replies

scao_FTNT
Staff
scao_FTNT
Staff
October 8, 2015

FMG is on 5.2.4? FMG IPS list and APP list is retrieved from this ADOM managed FGT

 

can you provide your FGT "get system status" ?

 

Thanks

 

Simon

kelv1n
kelv1nAuthor
New Member
October 8, 2015

Hi Simon

Sure, details are as follows 

 

 
Connected
 
FMG-VM64 # get system status 
Platform Type                   : FMG-VM64
Platform Full Name              : FortiManager-VM64
Version                         : v5.2.4-build0738 150923 (GA)
Serial Number                   : FMG-VM0A14002276
BIOS version                    : 04000002
Hostname                        : FMG-VM64
Max Number of Admin Domains     : 20
Max Number of Device Groups     : 20
Admin Domain Configuration      : Enabled
HA Mode                         : Stand Alone
Branch Point                    : 738
Release Version Information     : GA
Current Time                    : Thu Oct 08 22:54:05 BST 2015
Daylight Time Saving            : Yes
Time Zone                       : (GMT) Greenwich Mean Time:Dublin, Edinburgh, Lisbon, London.
x86-64 Applications             : Yes
Disk Usage                      : Free 89.97GB, Total 157.48GB
File System                     : Ext4
License Status                  : Valid
 
FMG-VM64 #
scao_FTNT
Staff
scao_FTNT
Staff
October 8, 2015

thanks for the update, but I need FGT :), mainly for below info

 

Version: FortiGate-VM v5.2.0,build0691,150905 (Interim) Virus-DB: 28.00295(2015-09-25 11:13) Extended DB: 28.00295(2015-09-25 11:12) Extreme DB: 1.00000(2012-10-17 15:47) IPS-DB: 5.00613(2015-02-17 00:58) IPS-ETDB: 6.00700(2015-09-24 00:49)

 

by the way, if you try to do "Device Manager" device right click menu refresh for the FGT, can you see IPS/APP list updated on FMG side?

 

Thanks

 

Simon

 

 

 

kelv1n
kelv1nAuthor
New Member
October 9, 2015

Hi

Yep, its set to use extended.  I'd happily go back to the standard one if it would fix this issue.  Very suprised though the FM does not support the extended.

scao_FTNT
Staff
scao_FTNT
Staff
October 9, 2015

FMG should support ETDB version update in 5.2.4 (but no auto update, need a manual refresh)

 

I will test in the lab for your case and try to reproduce this

 

Thanks

 

Simon

kelv1n
kelv1nAuthor
New Member
October 9, 2015

Hi Simon

 

The Microsoft.Authentation has now appeared in FMG, vary bizarre.. I've not made any direct changes on the FMG.

 

I did commit a policy change to the FGT, then disabled the extended IPS signatures, but this has not been re-imported into the FMG, so I can't see this having any impact!

Terms & ConditionsCookie settingsAccessibility statement