DescriptionThis article explains how to manually update FortiADC security service and signature definition for a FortiADC unitScope
Solution1) Log in to the Customer Service & Support web portal here, and select the 'Download' option, followed by 'FortiGuard Service Updates'.
2) Select 'FortiADC' menu for WAF signature file list for respective firmware version.
3) Select 'IP Reputation Updates' menu to download FortiADC IP Reputation definition package.
4) Save WAF and IP Reputation update definition package file at your local storage.
Manual update signature package via web UI:
1) Login to FortiADC via web UI
2) Browser to below path
Go to: System -> Settings -> FortiGuard -> Update Schedule
-Click [Update]
-Click 'Browse' button
-Select signature file
-Open respective signature file
-Click upload button to start upload and update process
3) Verify WAF and IP Reputation signature status
Go to: System -> Settings -> FortiGuard -> FortiGuard Services
Manual update signature package via CLI:
1) Login to FortiADC via SSH
2) Upload WAF and IP Reputation signature files to a TFTP server
3) Commands
# exec restore reputation-black-list tftp <string> <ip>
# exec restore waf-signature tftp <string> <ip>
4) Example:
# exec restore waf-signature tftp /addb.00001.00020.pkg 10.127.1.38
Connect to tftp server 10.127.1.38 ...
Please wait...
Get waf signature from tftp server OK.
5) Verify WAF and IP reputation status
# get sys status
|
WAF Signature DB: 00001.00020 (Expire: 2020-7-6)
|
IP Reputation DB: 00004.00515 (Expire: 2020-7-6)
|
Geography IP DB: 00002.00036
|
Geography Regions: 00002.00024 (CN)
|