John_Stoker
New Contributor II

Defining FortiGate Services

Can anyone help me with the definitions of the services that run on the FortiGates? I think this would be highly helpful to those of us who are watching high memory or cpu utilization on a specific service but cannot correlate it to anything. Specifically I'm trying to figure out what the "scanunitd" service is/does.

Here's a partial list of the services I have seen, some of them are obviously self-explanatory:

Self-Explanatory:
thttp.........................http daemon
ipsengine.........................ips engine
hasync.........................ha sync service
pop3.........................pop3 service
smtp.........................smtp service
cli.........................cli service
hatalk.........................ha talk service
httpsd.........................https daemon
sshd.........................ssh daemon
authd.........................authentication daemon
alertmail.........................mail alerts
urlfilter.........................url filter
bgpd.........................bgp routing daemon
ospfd.........................ospf routing daemon
zebos_laun.........................zebos routing daemon
ripd.........................rip routing daemon
updated.........................av/ip spam/web filter update service
snmpd.........................snmp daemon
ftpd.........................ftp daemon
imapd.........................imap daemon
newcli.........................creates new cli session (?)
chassis500.........................chassis daemon
quard.........................quarantine daemon
nntpd.........................nntp daemon
telnetd.........................telnet daemon
ipsmonitor.........................ips monitor (?)
pimd.........................pim/multicast daemon
proxyd.........................proxy daemon
imd.........................IM daemon

Ambiguous:
scanunitd.........................?
miglogd.........................?
forticron.........................?
merged_dae.........................?
init.........................?
getty.........................?
imi.........................?
pdmd.........................?
nsm.........................?
cmbdsvr.........................?

Please take the list and add or make changes where you deem necessary, thanks guys and gals!
John CISSP, FCNSP Adv(thanks)ance
TopJimmy
New Contributor

Did anybody ever figure out what the processes definitions are?
-TJ
Not applicable

"scanunitd"
This daemon is responsible for much of the functionality of the threat management system.
1. First level parsing of incoming data
2. Invokes anti-virus engine
3. Decompress/unpack files
4. Determines banned words matching
5. Determines file pattern matching
6. Determines quarantine matching
7. Virus checksum value checking
8. Invokes antispam engine
Basically the glue for preparation of many of the inspection engines.
rwpatterson
Valued Contributor III

I believe getty is a throwback from Unix/Linux. Google it... Has to do with the CLI interface. (tty) From Wikipedia:
getty, short for "get teletype", is a Unix program running on a host computer that manages physical or virtual terminals (tty). When it detects a connection, it prompts for a username and runs the 'login' program to authenticate the user. Originally, on traditional Unix systems, getty handled connections to serial terminals (often teletype machines) connected to a host computer. The 'tty' part of the name stands for teletype, but has come to mean any type of text terminal. One getty process serves one terminal. In some systems, for example Solaris, getty was replaced by ttymon. Personal computers running Unix-like operating systems, even if they do not provide any remote login services, may still use getty as a means of logging in on a local virtual console. Instead of the 'login' program getty may also be set up by the system administrator to run any other program, for example a PPP daemon to provide dial-up Internet access.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

abelio
SuperUser

funny thread. not so exhaustive as fuhrimans (thanks man):
miglogd.........................?
is the log daemon.
forticron.........................?
i guess that it does what its name implies: it's in charge of all scheduled tasks
nsm.........................?
i guess that it is related with ospf nsm stuff

regards
/ Abel
mramon79

Hi,

 

 

• initXXXXXXXXXXX (its job is to start other processes)
• zebos_launcher (zebos launcher daemon)
• hp_api (hp api)
• cmdbsvr (cmdb server - update processes / configuration)
• uploadd (upload daemon)
• adsl2plus (adsl2plus daemon)
• sqldb (sqldb)
• reportd (report daemon)
• sql_logd (sql log daemon)
• miglogd (log daemon)
• chlbd (chassis loadbalance daemon)
• haocd (content cluster HA over chassis daemon)
• kmiglogd (kernel log daemon)
• httpsd (https daemon)
• pyfcgid (python config daemon)
• sslvpnd (ssl vpn)
• info_sslvpnd (ssl vpn info daemon)
• smbcd (smb client daemon)
• lcdapp (Control the LCD panel)
• proxyd (proxy daemon)
• imd (IM proxy daemon)
• wad_launcher (wan acceleration proxy)
• wad (explicit proxy, mapi rpc)
• wad_diskd (wan acceleration disk daemon)
• dlpfingerprint (dlp fingerprint daemon)
• dlpfpcache (dlp fingerprint cache daemon)
• scanunitd (scanunit daemon)
• getty (wait for console/telnet connection)
• mingetty tty1 (mingetty tty1 daemon)
• mingetty tty2 (mingetty tty2 daemon)
• iked (ike daemon)
• nids_monitor_name (ips monitor daemon)
• updated (update daemon <= to init some shared memory segment used by other executables)
• merged_daemons (merge daemon - should be split in future. There is a mantics.)
• fclicense (FC license daemon)
• amc_monitor (AMC monitor daemon)
• forticron (crl update daemon)
• bypass_monitor (bypass monitor daemon)
• chassis5000d (chassis 5000 daemon)
• chassisd 192.168.127.254 (chassis daemon)
• fdsmgmtd (fortiguard management daemon)
• fds_msg (fds message daemon)
• snmpd (snmp)
• dhcpd (dhcp server)
• dhcpcd (dhcp client)
• dhcprd (dhcp relay)
• hatalk (ha protocol module)
• haysnc (ha synchronization module)
• harelay (ha relay module for tcp)
• pptpd (pptp)
• l2tpd (l2tp)
• ipldbd (ipldbd daemon)
• vsd (virtual server daemon)
• acd (aggregate controller daemon)
• src-vis (source visibility daemon)
• pppoed (pppoe daemon)
• ddnscd (ddns client daemon)
• urlfilter (URL filter daemon)
• ntpd (ntp server daemon)
• sshd (ssh daemon)
• tftpd (tftp daemon)
• telnetd (telnet daemon)
• authd (authenticated daemon)
• fssod (fsso daemon)
• quard (quarantine daemon)
• rtmon (ping server)
• radvd (router adv daemon)
• alertemail (alertemail daemon)
• dnsproxy (dns proxy daemon)
• sflowd (sflow protocol daemon)
• nat64d (NAT64 daemon)
• radiusd (radius daemon)
• notifd (notification daemon = carrier only)
• gtpgkd (gtp daemon = carrier only)
• mass_mmsd (mass mms daemon, carrier only)
• alarmd (alarm daemon)
• pptpcd (pptp client daemon)
• wpad_client (port access client daemon - atheros wifi)
• wpad (port access entity daemon - prism54 wifi)
• eap_proxy (eap proxy - wpa enterprise wifi)
• modemd (modem daemon)
• dialinsvr (dial-in server daemon)
• cardmgr (pcmcia card manager daemon)
• getty aux (getty aux daemon)
• pppoatmd (ppp over atm daemon)
• adsl_mon (adsl monitor daemon)
• l2tpcd (l2tp client daemon)
• httpclid (http client daemon)
• sessionsync (session sync daemon)
• fgfmd (fortigate/fortimanager communication daemon)
• wccpd (wccp daemon)
• garpd (vip gratuitous arp daemon)
• cw_acd (capwap ac daemon)
• wpad_ac (wpad ac daemon)
• cw_wtpd (capwap wtp daemon)
• cw_stad (capwap sta daemon)
• fortilinkd (fortilinkd)
• cu_acd (cu_acd)
• swctrl_authd
• vrrpd (vrrp daemon)
• usbmuxd (usbmux daemon)
• fsd (forti-start daemon)
• proxyacceptor (proxyacceptor daemon)
• proxyworker (proxyworker daemons)
• sslacceptor (sslacceptor daemon)
• sslworker (sslworker daemons)
• imd (imd daemons)
• fcnacd (forticlient NAC daemon)
• stpd_name (spanning tree protocol daemon)
• wiredapd (wired ap 802.1x port based auth daemon)
• confsynchbd (conf-sync heartbeat daemon)
• confsyncd (conf-sync daemon)
• poed (poe daemon)
• cbp (cbp daemon)
• nsm (routing FIB update)
• imi (routing related)
• bgpd (bgp)
• ospfd (ospf)
• ospf6d (ospfv3)
• pim6d (pim multicast v6)
• pimd (pim multicast)
• pdmd (pim dense mode)
• ripd (rip)
• ripngd (ripv6)
• netscan (netscan daemon)
• dhcp6s (dhcp6 server)
• dhcp6r (dhcp6 relay)
• dhcp6c (dhcp6 client)
• lted (usb lte daemon - start only if hardware has usb port and not run in vmware)
• newcli (CLI commands execution - ssh, telnet)
• vpd (vpn policy daemon - handle vpn traffic to know to which policy the traffic corresponds)
• rlogd (reliable syslog daemon)
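
Added example, not part of any post in this thread: a Python script that annotates a saved process listing with the descriptions given in the replies, and resolves names the listing cuts short (as "merged_dae", "zebos_laun" and "chassis500" in the first post appear to be) back to the full names in the last reply. The row layout (name, PID, state, CPU %, memory %), the 10-character cut, the function names and the sample listing are assumptions made for this example.

```python
import re

TRUNC_LEN = 10  # assumption: the listing cuts names to 10 chars ("merged_dae")

# Descriptions copied from the replies in this thread (subset, not an official reference).
DAEMONS = {
    "scanunitd": "scanunit daemon",
    "miglogd": "log daemon",
    "merged_daemons": "merge daemon",
    "zebos_launcher": "zebos launcher daemon",
    "chassis5000d": "chassis 5000 daemon",
    "newcli": "CLI commands execution - ssh, telnet",
}
# Assumed row layout: name, PID, state (optionally followed by " <"), CPU %, memory %.
ROW = re.compile(r"^\s*(\S+)\s+(\d+)\s+(\S(?:\s<)?)\s+([\d.]+)\s+([\d.]+)\s*$")

def resolve(name):
    """Return the full daemon names a (possibly truncated) listing name can stand for."""
    if name in DAEMONS:
        return [name]
    if len(name) == TRUNC_LEN:  # only a name of exactly the cut length can be truncated
        return sorted(full for full in DAEMONS if full.startswith(name))
    return []

def annotate(listing, cpu_min=0.0, mem_min=0.0):
    """Return (name, pid, cpu, mem, description) rows that reach either threshold."""
    out = []
    for line in listing.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, blank or summary line
        name, pid, _state, cpu, mem = m.groups()
        cpu, mem = float(cpu), float(mem)
        if cpu < cpu_min and mem < mem_min:
            continue
        full = resolve(name)
        desc = "; ".join(f"{n}: {DAEMONS[n]}" for n in full) or "not in the thread's list"
        out.append((name, int(pid), cpu, mem, desc))
    return sorted(out, key=lambda r: (r[2], r[3]), reverse=True)  # busiest first

# Constructed sample listing (not captured from a real device).
SAMPLE = """\
Run Time:  3 days, 4 hours and 12 minutes
 scanunitd      112      S <    41.3     6.2
 merged_dae      87      S       0.0     1.1
 miglogd         64      S       2.5     3.0
 mystery_d      201      R       0.1     0.2
"""
```

Calling `annotate(SAMPLE, cpu_min=1.0, mem_min=1.0)` returns the rows worth a closer look, busiest first; a name with no match is reported as not in the thread's list rather than guessed.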
