| Description | This article describes a situation where a FortiManager is deployed in an air-gapped network, and the user cannot view the latest IPS signatures. |
| Scope | For FortiManager deployments in air-gapped environments where direct access to FortiGuard servers is not available. |
| Solution |
The issue occurs due to the absence of the IPS Slim signature package required for viewing, which is not available for download from the support portal service updates. In such cases, the only method to resolve the issue is to export the IPS Slim signature package from a FortiManager connected to the FortiGuard and import it into the air-gapped FortiManager.
When accessing the IPS Signatures section Policy & Objects -> Security Profiles -> IPS Signatures on a FortiManager deployed in an air-gapped network, the user will notice that the IPS signatures are outdated even when the latest IPS signature package is imported into the FortiManager as shown below:
This is because the necessary IPS Slim Signature Meta Data package is not available for download from the Fortinet support portal as described in this document: Operating as an FDS in a closed network.
Below is a snippet of the required package on the FortiManager to display the IPS Signatures under Security Profiles:
To resolve the issue of missing IPS Slim signature packages in an air-gapped FortiManager, export the IPS Slim package from the FortiManager connected to FortiGuard and import it into the air-gapped FortiManager using the below guides: Exporting packages - FortiManager Administration Guide Importing packages - FortiManager Administration Guide
After the import operation is complete, the air-gapped FortiManager can successfully display the latest IPS signatures as shown below:
|
