There a multiple references to "FDNI" acronym (seemingly, referring to FortiGuard Distribution Network servers), but I cannot find exact expansion. Once and for all, what's "FDNI"?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
@AlexFerenX
In FortiManager Certification Study Guide NSE5 FMG you will find the information about this acronym.
When you want to try and get list of servers that FortiManager is taking updates:
# diagnose fmupdate view-servrelist fds
you will see the last line column named as "source" and it shows the source of the update.
There are a couple of options, including CLI, Default and FDNI
Basically, FDNI refers to public FDS (FortiGuard Distribution Network through Internet).
More info: Configure FortiManager as a local FDN ser... - Fortinet Community
Hope this clarifies it.
FDNI refers to public FDS (FortiGuard Distribution Network through Internet).
How is this related to FDNI object, eg. "00000000FDNI00000-00000.00000-0000000000" as observed using "diagnose test update info"?
@AlexFerenX
I am sending some example below:
############################################
# This part is fortigate trying to figure out what database version it has internally, and then compose request string to fortiguard
# For instance.
# 04000000AVDB00203 <-- this is for Active AV database. (Most common)
# 04000000AVDB00322 <-- this is for the ETDB High (In this particular model)
# 04000000AVDB00417 <-- this is for Extremd database (Available for this model 1000C)
upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00203-00001.00234-1308131219 upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00322-00001.00234-1308131214 upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00417-00001.00234-1308131213 upd_cfg_api.c[368] upd_cfg_extract_ids_db_version-version=04000000NIDS01001-00003.00295-1301301923 upd_cfg_api.c[368] upd_cfg_extract_ids_db_version-version=04000000FLDB00100-00021.00580-1402060813 upd_cfg_api.c[479] upd_cfg_extract_netscan_db_version-version=04000000VCME00300-00001.00204- 1403251915
upd_pkg.c[622] upd_pkg_create_update_req-Exclude object version 2
upd_pkg.c[159] pack_obj-Packing obj=Protocol=3.0|Command=Update|Firmware=FGT1KC-FW-4.00- 672|SerialNumber=FGT1KC3911800485|UpdateMethod=0|AcceptDelta=1|DataItem=04000000AVDB00203- 00001.00234-1308131219*04000000AVDB00322-00001.00234-1308131214*04000000FLDB00100-00021.00580- 1402060813*04000000NIDS01001-00003.00295-1301301923*00000000FCNI00000-00000.00000- 0000000000*04000000ASEN00400-00001.00001-0903172330*00000000FDNI00000-00000.00000- 0000000000*01000000FSCI00100-00000.00000-0000000000*04000000AVEN02000-00005.00147- 1306141507*04000000FLEN00800-00002.00166-1308231621*04000000ASEN00700-00001.00001- 0903172330*04000000VCME00300-00001.00204-1403251915
If you see "00000000FDNI00000-00000.00000-0000000000" that means that fortigate/fortimanager has still no FDNI objects installed into its database (no known FDNI servers)
Please clarify - what's the content of "00000000FDNI00000" package? Are you implying that list of FDS servers, for example, listed under "Server List" using "get webfilter status" are populated from this package?
It is a connection indicator showing all FortiGuard servers and their connection status
Created on 04-19-2024 09:18 AM Edited on 04-19-2024 09:20 AM
So, this "package" has no content - it's only significance is ":200" and ":204" appended to its name?
If so, where/how does the Fortigate obtain the complete list of Internet FDS servers, for example, listed under "Server List" using "get webfilter status"?
Hi Alex,
.200 and .204 are indicators of the connection status to FortiGuard servers around the world.
Fortigate connects to FortiGuard servers that are configured under config system fortiguard, and from there it gets a list of nearest servers and establishes a tcp connection with them. Of course, Fortiguard servers will push some data, including a list of internet servers. Server IP list should be included in that package.
Hope this answers your question.
Created on 04-23-2024 07:10 AM Edited on 04-23-2024 07:11 AM
> Fortigate connects to FortiGuard servers that are configured under config system fortiguard
Wait.. No, “config system fortiguard” (other than SDNS & DDNS servers) does not specify FDNI servers!
Created on 04-23-2024 07:26 AM Edited on 04-23-2024 07:27 AM
@AlexFerenX
When you have configured a DNS server in a windows machine, normally you navigate to internet without any problems. This means that DNS servers will give you an answer for your query.
FortiGuard servers are doing the same. When you configure Fortiguard servers, normally you point to somewhere from where you will get some services.
One of those services is a list of servers that will provide you some rating values for specific websites.
This list of servers is maintained locally or remotely. If this list of rating servers (which was updated using FortiGuard servers) is remote, you will see FDNI entries in your logs.
FDNI is not some list that you specify somewhere, is a list of servers that FortiGuard will provide you and you will use this list to get responses for your rating services. This list is dynamic and not maintained by you, so you have no option where to specify it.
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1669 | |
1082 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.