This article describes one possible scenario when FortiGate is not updating security databases such as antivirus and Intrusion Prevention System (IPS) database.
Connection to FortiGuard is successful and there may not be error in debug of update daemon.
To check on the debug when FortiGate is updating to FortiGuard, run the following command:
# diag deb app update -1
diag deb en
fnsysctl killall updated
Noticed also if the following entry in the debug log, the update of the respective databases are disabled due to setting in FortiGate:
__update_upd_comp_by_settings-Disabling FLEN components.
1) Cross-check the firewall policy and ensure that a security profile such as antivirus and/or IPS is configured on at least 1 of the firewall policies.
2) Ensure that the policy that has been configured with the security profile is not in disabled state mode.
In conclusion, FortiGate obtains updates of security databases from FortiGuard only if the respective feature is used.
If no policy is configured with the respective security profile feature, FortiGate will not download the update as the components are not in use.
If the configured policy is in a disabled state, FortiGate will not download the update the respective database.