DescriptionScheduling updates ensure that the virus and IPS definitions are downloaded to FortiGate on a regular basis.In some scenarios FortiGate is not able to receive regularly scheduled for AV or IPS updates.
Only a manual Update that function.
This article describes how to resolve this
SolutionUpdating AV and/or IPS definitions can cause a brief disruption in traffic that is currently being scanned while the FortiGate applies the new signature database.
Updates should be scheduled during off-peak hours when network usage is at a minimum to ensure that network activity will not be affected by downloading the definitions files.
When all policies on the configuration has no UTM (AV or IPS) enabled, Regular Scheduled for AV or IPS definitions will not work even it is configured.
This is only working if in there is only one policy with UTM (AV or IPS) enabled in the configuration.
Enable AV or IPS in one of the policies and then, regular schedule update will start working if it is configured.
Note:
- Check that the FortiGate has a valid contract.
- AV/IPS are updated using the port 443 while Web filtering/anti spam are contacted using either port 53 or port 8888.
Ensure that nothing is blocking traffic from the FortiGate on these ports.