Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ap
Staff
Staff

Created on ‎09-17-2023 09:04 PM Edited on ‎12-31-2024 08:12 AM By Community Manager

Article Id 274113

Technical Tip: How to Block Windows update by FortiGate

Description

This article describes possible ways to block Windows updates.
Scope FortiGate, Windows updates.
Solution

Two Ways to Block MS Updates:

  1. ISDBCreate a denied firewall policy with 'Microsoft-Microsoft.Update' ISDB (Internet service database) as a destination in the firewall policy without any security profile applied.
 

image.png

 

 

Move it to the top above all firewall policies. After configuring the firewall policy as above, retry Windows updates and it will be blocked.

 

  1. Application controlCreate an Application control with block application signature MS.Windows.Update 
 

image.png

 

After Creating a Firewall policy and applying application control. After configuring the firewall policy, retry Windows updates and it will be dropped.

 

19825
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.