Description |
This article describes that in a customer's environment where there are several models of Firewall FortiGate, the customer may observe the differences in the number of IPS signatures between those Firewalls, although having the same FortiOS, same IPS engine's version, database (extended), and both of them can connect to FortiGuard servers normally as well as still have enough space for storage.
For example: There are 16,149 IPS signatures on Firewall 601E.
But there are only 10,184 IPS signatures on Firewall 800D.
|
Scope | IPSengine, FortiOS. |
Solution |
The reason here is that the 800D device has CP8 SPU whereas 601E has CP9 SPU. A firewall with CP9 SPU will get the Full Extended Database (the largest IPS Database) ; thus it will have more IPS signatures than the others.
Currently, there are three (3) types of IPS Databases:
This also can be used to explain why some IPS signatures only are available in Full Extended Database (such as 'MS.Exchange.Server.CVE-2021-26858.Remote.Code.Execution'). The customer will need to upgrade the Firewall to a new model (which has CP9 SPU) to get the full list of IPS signatures. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.