Hi Everyone
We use App Control/Sensor to have fine-grain control over which Apps can leave through our Firewall, but we've recently discovered the Fortigates are blocking an app called "Microsoft.Authentication", This App is shown in the list on our Fortigates, but its not available on the FortiManager.
Any ideas on how to fix this? I've checked Fortiguard Tab -> Advanced, and all the services are showing as synchronized.
I'm assuming the FortiManager uses the same packages for the Policy editor, or is there another location I need to update?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
FMG should support ETDB version update in 5.2.4 (but no auto update, need a manual refresh)
I will test in the lab for your case and try to reproduce this
Thanks
Simon
Hi Simon
The Microsoft.Authentation has now appeared in FMG, vary bizarre.. I've not made any direct changes on the FMG.
I did commit a policy change to the FGT, then disabled the extended IPS signatures, but this has not been re-imported into the FMG, so I can't see this having any impact!
how many device in the ADOM? and possible other device has IPS DB updated?
None, its a dedicated ADOM for this pair of HA FGT.
and still below version no change?
IPS-DB: 5.00615(2015-02-24 00:09) IPS-ETDB: 6.00705(2015-10-06 00:37)
These have updated to
IPS-DB: 6.00707(2015-10-09 00:10) IPS-ETDB: 6.00706(2015-10-08 00:17)
i c, IPS DB new version will trigger an update to FMG side and then auto update FMG side IPS/APP list
I will double check for only ETDB has new version case (and IPS DB only stay on the old version #)
Thanks
Simon
We tried but still not yet reproduce
Steps taken:
FMG v5.2.4 B0738 + FGT v5.2.4 B0688
- FGT, Revert IPS regular and extended db to 5.00615
- FGT, set database extended. Microsoft.Authentication is not displayed.
- FMG, Add FGT, verify IPS version on FMG is 5.00615 extended. Microsoft.Authentication is not displayed.
- FGT, update IPS. (Now regular is 5.00615, extended is 6.00707). Microsoft.Authentication is displayed.
- FMG, Device Manager, right click the device, refresh. Verify IPS version on FMG is 6.00707 extended. Microsoft.Authentication is displayed.
Note: Microsoft.Authentication is introduced starting 6.00705.
Thanks
Simon
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.