Description
This article describes how to fix an issue where the industrial database in FortiGate fails to update, and offers instructions on how to update the industrial database.
Scope
FortiGate.
Solution
At times, the industrial database does not update even after purchasing the industrial database license.
Check the issue is not caused by an invalid license with the following command. An example output is attached.
diagnose autoupdate versions
Industrial Attack Definitions
---------
Version: 6.00741
Contract Expiry Date: Wed Mar 22 2028 <--- Valid license.
Last Updated using manual update on Tue Dec 1 02:30:00 2015 <--- No update has been performed.
Last Update Attempt: n/a <--- No update has been performed.
Result: Updates Installed
To update the industrial database, an IPS security profile must be used in a policy.
To make IPS and application control signatures available in the GUI:
config ips global
set exclude-signatures none
end
See the documentation for more information about this configuration.
After applying the IPS signatures to the policy and confirming the contract is valid, run the following command:
execute update-now
Verify the database has been updated with the following command. An example output has been provided.
diagnose autoupdate versions
Industrial Attack Definitions
---------
Version: 23.00535
Contract Expiry Date: Wed Mar 22 2028
Last Updated using manual update on Tue Apr 18 09:03:21 2023 <--- The database has been updated.
Last Update Attempt: Tue Apr 18 10:55:10 2023 <--- The database has been updated.
Result: No Updates
