Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
csharma85
Staff
Staff

Created on ‎05-27-2024 10:02 PM Edited on ‎05-27-2024 10:04 PM By Community Manager

Article Id 317605

Technical Tip: How to allow only Edge and Windows updates for a Windows machine

Description This article describes how to allow only Edge and Windows updates for a Windows machine
Scope FortiGate.
Solution

For Edge updates, create a firewall policy with the below destination:

 

msedge.api.cdp.microsoft.com

*.dl.delivery.mp.microsoft.com

edge.microsoft.com

 

EdgeUpdatesPolicy.JPG

 

For Windows updates, create an Application Control profile allowing Windows updates only and then use it in a firewall policy with deep inspection enabled.

 

ApplicationControlProfile.JPG

 

ApplicationControlPolicy.JPG

 

With the below sequence of policies, the Windows machine will have access to only Edge and Windows updates:

 

Policy.JPG
5983
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.