Description
This article describes how to identify the current FortiGuard packages version that being used by all the managed devices.
Example:
The AntiVirus engine version, IPS engine version, ISDB version and etc.
Scope
FortiManager v7.2 and FortiGate.
Solution
- For FortiManager, to obtain and store the managed device's package version information like FortiGate, FortiGate must point to FortiManager for the update request with server-type 'update'. For the configuration guide, refer to the following article: Technical Tip: How to setup FortiGate to get updates from FortiManager.
- Log into FortiManager GUI -> FortiGuard -> Package Management -> Service Status, select All 'ADOMs' and select By Package button.
Example as follows:
- To see more granular information such as per package per version per device, it is possible to 'double-click' on the column Installed Devices on that target package information which will lead to another page to list out all the currently running versions for that target package with all the corresponding devices.
For example here, look at the AV Engine package 06004000AVEN02800 which all of the current running AntiVirus Engine versions will be listed.
With all the listed version information as a reference, it is possible to plan to upgrade accordingly to the target version to fix certain CVEs or vulnerabilities on the vulnerable AntiVirus engine.
For example, CVE-2022-26122 will require the AntiVirus engine to be upgraded to version 6.00169 or above:
The currently available version can be found on the FortiGuard website.
Related article:
Technical Tip: Common Internet Service Database Feature admin operations.
