Description | This article describes how to upgrade the Antivirus Engine in a HA cluster. |
Scope | FortiGate, Fortiproxy |
Solution |
From CLI: Run this command to check the current version of the engine:
FGT_1#diagnose autoupdate versions | grep AV -A2 AV Engine --------- Version: 6.00164 --
From the GUI: go to System -> Fortiguard -> AV Definitions.
FGT_1 # get sys status | grep HA Current HA mode: a-p, primary From the CLI we can move to the secondary firewall via: exec ha manage 0 [username] FGT_2# get sys status | grep HA Current HA mode: a-p, secondary FGT_2#diagnose autoupdate versions | grep AV -A2 AV Engine --------- Version: 6.00164 --
Here both units in the cluster are on 6.00164.
2) Upgrading the AntiVirus engine on the primary FortiGate. Go to System -> FortiGuard -> Antivirus -> Upgrade Database -> Select file -> Upload the AV Engine and select 'OK'.
In this example, an upgrade is performed from version 164 to 169:
Once 'OK' is selected:
3) After the Antivirus engine is upgraded, it is possible to check the status of the Antivirus engine on both the firewalls in the cluster:
FGT_1#diagnose autoupdate versions | grep AV -A2 AV Engine --------- Version: 6.00169 --
Ideally upgrading the Active firewall with the Antivirus engine database should push it to the secondary as well, it is possible to check it from GUI or CLI:
FGT_1 # exec ha manage 0 [username] FGT_2 #diagnose autoupdate versions | grep AV -A2 AV Engine --------- Version: 6.00169 --
Related articles: Technical Tip: How to manually update the Virus Definition database or AntiVirus Engine Technical Tip: Upgrading IPS Engine on the primary FortiGate will also upgrade the backup FortiGate |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.