Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ap
Staff
Staff

Created on ‎09-17-2023 09:04 PM Edited on ‎12-11-2024 07:40 AM By Moderator

Article Id 274113

Technical Tip: How to allow Windows update blocked by FortiGate

Description

It is possible that FortiGate might block Windows updates due to security profile inspection by an Antivirus profile, Web Filter profile, or Application control profile.

This article describes how to allow only Windows updates without making any changes to existing security profiles.
Scope FortiGate, Windows update.
Solution
  1. Create a firewall policy with 'Microsoft-Microsoft.Update' ISDB (Internet service database) as a destination in firewall policy without any security profile applied.
 
image.png

 

 

  1. Move it to the top above all firewall policies (or above the firewall policy that blocks Windows updates):
 

image.png

 

After configuring the firewall policy as above, retry Windows updates and it will be successful.
18187
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.