Description
This article describes how to identify the current FortiGuard packages version that being used by all the managed devices.
Example:
The AntiVirus engine version, IPS engine version, ISDB version and etc.
Scope
FortiManager 7.2 & FortiGate.
Solution
1) In order for FortiManager to obtain and store the managed device's package version information like FortiGate, it is mandatory for FortiGate to point to FortiManager for the update request with server-type 'update'.
For the configuration guide, refer to the following article:
2) Log into FortiManager GUI -> FortiGuard -> Package Management -> Service Status, select All 'ADOMs' and select By Package button.
Example as follows:
3) To see more granular information such as per package per version per device, it is possible to 'double-click' on the column Installed Devices on that target package information which will lead to another page to list out all the currently running versions for that target package with all the corresponding devices.
For example here, look at the AV Engine package 06004000AVEN02800 which all of the current running AntiVirus Engine versions will be listed.
With all the listed version information as a reference, it is possible to plan to upgrade accordingly to the target version to fix certain CVEs or vulnerabilities on the vulnerable AntiVirus engine.
For example, CVE-2022-26122 will require the AntiVirus engine to be upgraded to version 6.00169 or above.
