FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dbabic
Staff
Staff

Description


This article explains how to manually upgrade the IPS Engine on a FortiGate.


Solution

 

The IPS Engine can be upgraded manually as follows:

Login to the GUI and go to System -> FortiGuard -> IPS & Application Control
 
 
 
 
Select 'Upgrade Database', browse the new IPS Engine package and select 'apply'.
 
After upgrading the IPS Engine, restart it by using the CLI command:
# diagnose test application ipsmonitor 99
Note: Performing the activity of upgrading IPS engine will terminate all TCP sessions. 
 
From both GUI and CLI, it's possible to check IPS Engine version before and after upgrade.

CLI:
#  diag autoupdate versions | grep "IPS Attack" -A 6
Note: If when opening FortiGuard, there are no license information about Intrusion Prevention (IPS Engine version, IPS License, etc), enable Intrusion Prevention on System -> Feature Visibility -> Intrusion Prevention.
After this, go back to FortiGuard and all IPS related information should be available.