Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ssteo
Staff
Staff

Created on ‎03-16-2023 05:44 AM

Article Id 249341

Technical Tip: How to block Windows update without UTM features

Description This article describes how to block Windows updates without UTM features.
Scope FortiOS.
Solution

Go to Policy & Objects -> Firewall Policy -> Create New.

 

The incoming interface is LAN while the outgoing interface is WAN.

Destination select Internet Service and filter by the word 'update' then choose 'Microsoft-Microsoft.Update' then the action is Deny.

 

Enable Log Violation Traffic so it is possible to view the log under the forward traffic log.

Select 'OK' to save the policy.

 

block Windows update.png

 

Remember to drag the firewall policy on top of allowing other traffics firewall policy.

 

From Log & Report -> Forward Traffic, it is possible to see that the firewall policy had blocked Windows updates.

 

log.png

 

13660
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.