This setting will disable all signature and engine updates automatically downloaded from the FortiGuard Distribution Network.
FortiGate will no longer automatically update IPS or AV engines, as well as IPS, Application Control, AV, or other signatures.

Engines or signatures locally present on the device will be used for any further UTM inspection.
Disabling this feature can be useful, for example, when a specific engine or signature should be downgraded and remain installed on the old version.

Note:

Disabling these updates prevents automatic downloads from the FortiGuard Distribution Network (FDN), forcing the device to rely on locally installed versions. This is not recommended for production environments as it increases vulnerability to emerging threats. Use only for cases in which:

• Temporary testing or rollback (e.g., after a failed FortiGuard update, until the root cause is resolved).
• Air-gapped or offline deployments.
• Custom update schedules via manual intervention.

Use the following commands in the CLI to stop FortiGuard scheduled updates.

config system autoupdate schedule
    set status disable
end

Alternatively, disable it in the GUI: navigate to System -> FortiGuard ->FortiGuard Updates and disable it by unchecking 'scheduled updates'.

It confirms that the scheduled updates were disabled and will appear in the notification section.