Hello
I've got 8 HA firewall pairs that I need to make sure the new IP scheme from Mimecast is updated in the ISDB. Can this be done via the FMG or do I need to go to each FortiGate HA pair?
Or does the FMG only point to the FortiGuard servers?
Thank you
Solved! Go to Solution.
Just got access to my FMG. You can also see all of the ISDB entries if you create a new policy in FMG, click the "Destination Internet Service" toggle and then click the "+" and then view the services in the resulting panel.
You should see the entries in FMG as well. Click the edit icon next to the object.
And yes FortiGuard updates the ISDB entries daily. You do not have to do anything.
ISDB is updated directly from FortiGuard. So if you reference an ISDB object either directly in your FortiGate policy or via a FortiManager policy package, it will use the latest version availble from FortiGuard. This assumes your FortiGates are getting FortiGuard updates of course...
Understood, Graham - thanks for responding.
To be more specific on my question, I know I am able to see all of the ISDB entries in the FortiGate, but to save me time by going to 8 Firewall's, can I just look somewhere at all the ISDB entries in FMG?
Or does the FMG not have the 17,000 plus entries and you can only see them in the FortiGate?
I'm not in front of a FMG instance at the moment but if your goal it to just browse the IDSB entries this info is available at fortiguard.com:
https://www.fortiguard.com/encyclopedia?type=isdb
Just got access to my FMG. You can also see all of the ISDB entries if you create a new policy in FMG, click the "Destination Internet Service" toggle and then click the "+" and then view the services in the resulting panel.
I actually had to go into the FortiGate (the root one) and view all of the entries for that service. I was tasked to drill down deep to make sure Mimecast new subnets were added to the ISDB.
I'd imagine FortiGuard works with all the different vendors on a regular basis? I mean there is nothing for us to do since we do not update the ISDB and it comes from the FortiGuard servers.
You should see the entries in FMG as well. Click the edit icon next to the object.
And yes FortiGuard updates the ISDB entries daily. You do not have to do anything.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.