dbabic
Staff
Article Id 190029

Description


This article explains how to manually upgrade the IPS Engine on a FortiGate.

 

Scope

 

FortiGate.


Solution

 

The IPS Engine can be upgraded manually as follows:
 
Log in to the Support Portal (support.fortinet.com) and go to Support > Download > Service Updates.
Select FortiGate under product and the current firmware version under OS version, then download the Attack definition .pkg file.
 

 

Log in to the GUI and go to System -> FortiGuard -> IPS & Application Control. Select 'Upgrade Database', browse to the new IPS Engine package and select 'apply'.


 

 
After upgrading the IPS Engine, restart it by using the following CLI command:
 
diagnose test application ipsmonitor 99
 
Note:
Upgrading the IPS Engine terminates all TCP sessions.
 
The IPS Engine version can be checked from both the GUI and the CLI, before and after an upgrade.

CLI:
 
diag autoupdate versions | grep "IPS Attack" -A 6
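
The before/after check can be scripted against saved CLI output. The following is an added example, not part of the original article or Fortinet tooling: the function names are hypothetical, and the sample captures are constructed on the assumption that the command prints an "IPS Attack Engine" header followed by a "Version: major.build" line.

```python
import re

# Constructed sample captures (not from the article). The layout is an
# assumption about what `diag autoupdate versions | grep "IPS Attack" -A 6` prints.
BEFORE = """\
IPS Attack Engine
---------
Version: 7.00164
Contract Expiry Date: n/a
Last Updated using manual update on Mon Jan  1 10:00:00 2024
Last Update Attempt: Mon Jan  1 10:00:00 2024
Result: Updates Installed
"""
AFTER = BEFORE.replace("7.00164", "7.00342")


def parse_ips_engine(capture):
    """Return ((major, build), raw_version) from the IPS Attack Engine block."""
    lines = capture.splitlines()
    try:
        start = next(i for i, l in enumerate(lines)
                     if l.strip() == "IPS Attack Engine")
    except StopIteration:
        raise ValueError("no 'IPS Attack Engine' section in capture")
    # Only look inside the 6 lines that -A 6 prints after the header.
    for line in lines[start + 1:start + 7]:
        key, sep, value = line.partition(":")
        if sep and key.strip().lower() == "version":
            m = re.fullmatch(r"(\d+)\.(\d+)", value.strip())
            if m:
                # Compare numerically so 7.00342 > 7.00164 regardless of padding.
                return (int(m[1]), int(m[2])), m[0]
    raise ValueError("IPS engine version missing or malformed")


def check_upgrade(before, after):
    """Return (ok, message) for captures taken before and after the upgrade."""
    (old, old_raw), (new, new_raw) = parse_ips_engine(before), parse_ips_engine(after)
    if new <= old:
        return False, f"engine not upgraded: {old_raw} -> {new_raw}"
    return True, f"engine upgraded: {old_raw} -> {new_raw}"


if __name__ == "__main__":
    print(check_upgrade(BEFORE, AFTER)[1])
```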
 
Note:
If FortiGuard shows no license information for Intrusion Prevention (IPS Engine version, IPS License, etc.), enable Intrusion Prevention under System -> Feature Visibility -> Intrusion Prevention.
Then go back to FortiGuard; all IPS-related information should be available.
 
Note:
If the device has an evaluation license or no valid license, updating the database is not allowed.
