|
In the new FortiOS version, ISDBs are categorized in three sizes based on hardware and data file size. The 'mini' database size is typically used by default in smaller hardware devices such as FortiGate 50E and 30E.
The following sizes are available:
- Mini: a small-sized ISDB with a very limited amount of available IP addresses.
- Standard: a medium-sized ISDB with most IP addresses available.
- Full: a large-sized ISDB with all IP addresses available (this ISDB is more likely to contain malicious IPs).
The following ISDB services are included in a mini database:
1245454_Fortinet-FortiGuard.Secure.DNS
65646_Google-Gmail
327793_Microsoft-Microsoft.Update
327837_Microsoft-Dynamics
327886_Microsoft-Intune
1245324_Fortinet-FortiGuard
1245325_Fortinet-FortiMail.Cloud
1245326_Fortinet-FortiCloud
1245432_Fortinet-FortiVoice.Cloud
1966183_Cisco-Webex
6422646_Zoom.us-Zoom.Meeting
327880_Microsoft-Office365.Published
12845290_Blockchain-Crypto.Mining.Pool
2818243_Tor-Exit.Node
2818238_Tor-Relay.Node
3014850_Proxy-Proxy.Server
12779753_VPN-Anonymizing.VPN.Server
3080383_Botnet-C&C.Server
The database type can be verified with the following command:
# diagnose autoupdate versions
Internet-service Mini Database Maps
---------
Version: 7.02930
Contract Expiry Date: n/a
Last Updated using scheduled update on Thu Dec 29 04:14:08 2022
Last Update Attempt: Thu Dec 29 08:13:27 2022
Result: No Updates
For more information, see the following article:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Verifying-which-Internet-Service-database-...
Alternative workaround:
Option 1 - FQDNs or wildcard FQDN
See Using wildcard FQDN addresses in firewall policies in the documentation.
Option 2 - Security Profiles
See Security Profiles in the documentation. The following articles are also relevant:
- Application control
- Web filter
|
