I have noticed in the log after hearing a couple of complaints from the vendor that automatic firmware and updates were not coming in. At first I thought it was my iPrism content filtering doing it, but I whitelisted there. Then after looking in the AV section of the log in FortiGate, I see where the multiple internal IPs were being blocked by the AV. MUZAK is the name of the vendor, and handles our hospitality properties lobby music system. They are utilizing FTP. I am currently not using FortiGate's web content filtering, but I also cannot seem to find where I can possibly whitelist this one IP. Any thoughts? I'm sure its simple, and I am making it out to be harder than it probably is.
If there is no out-to-in policy related to the service, the updates sessions must be initiated by the internal devices and likely using the default outgoing policy. I'm assuming the ventor's server IPs are relatively static, or at least they have FQDNs. Then separate a policy from those internal devices to the server IPs to see if that make the updates work. Once you know the new policy is used, you can apply proper protection profiles like AV, webfilter, or not to apply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.