Skip to main content
Zyndarius
Zyndarius
New Member
February 26, 2013
Question

how many times a day does fg update web filter module?

  • February 26, 2013
  • 4 replies
  • 8102 views
greetings I have this doubt, just how many times a day does a fg unit check with service.fortiguard.net the ratings an al that stuff of the web filter? thank you in advance for any answers.

    4 replies

    Dave_Hall
    Dave_Hall
    New Member
    February 26, 2013
    Hi Javier. Going to assume your fgt is on 4.0MR3 and have UTM/web filtering enabled somewhere in a firewall policy. The Fortigate will contact the FortiGuard service whenever there is a URL query that is not contained in the webfilter cache, assuming this cache is enabled and the unit has valid FortiGuard subscription. You can confirm/change these settings from System->Config->FortiGuard. (see attachment.) If you are experiencing issues with the FortiGuard service or content filtering not working, you can use the " get webfilter ?" command to troubleshoot the problem. The fgt device does need a valid working DNS to be able to connect/access the FortiGuard servers though. See also Fortinet KB FD30088 for more troubleshooting steps.
    Zyndarius
    ZyndariusAuthor
    New Member
    February 26, 2013
    Oh, I beg your pardon. Yes, the fortigate unit is with fortiOS v4 mr3 patch11, it is a fg620b with working and valid licenses. web filter cache is enabled with ttl of 3600. These are seconds right? So, if I do understand right, every 3600 seconds the webfilter cache expires and therefore the fg620b contacts services.fortiguard.net to renew this cache with all the ratings and categorizations right?
    Dave_Hall
    Dave_Hall
    New Member
    February 26, 2013
    I think the TTL for each individual entry in the cache. As items " expiry" they are " removed" from the cache. Here is an example of what the cache looks like...
    # get webfilter ftgd-statistics Rating Statistics: ===================== DNS failures : 21861 DNS lookups : 21862 Data send failures : 0 Data read failures : 0 Wrong package type : 0 Hash table miss : 0 Unknown server : 0 Incorrect CRC : 0 Proxy request failures : 0 Request timeout : 25844 Total requests : 1747368 Requests to FortiGuard servers : 431816 Server errored responses : 0 Relayed rating : 0 Invalid profile : 0 Allowed : 1545078 Blocked : 0 Logged : 89598 Errors : 22001 Cache Statistics: ===================== Maximum memory : 10504518 Memory usage : 10501291 Nodes : 71940 Leaves : 48889 Prefix nodes : 2410 Exact nodes : 46480 Requests : 1632583 Misses : 431816 Hits : 1200767 Prefix hits : 1101873 Exact hits : 98894 No cache directives : 0 Add after prefix : 1019004 Invalid DB put : 0 DB updates : 5266 Percent full : 100% Branches : 32% Leaves : 68% Prefix nodes : 5% Exact nodes : 95% Miss rate : 26% Hit rate : 74% Prefix hits : 92% Exact hits : 8% #
    Zyndarius
    ZyndariusAuthor
    New Member
    February 28, 2013
    Ok, thank you very much. By the way, is it possible to know how much time does the fortigate unit take to update with service.fortiguard.net?
    Terms & ConditionsAccessibility statement