FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Jonathan_Body_FTNT
Article Id 195036

Description
This article explains how to add non listed listed 3rd Party Anti-Virus and Firewall product to the FortiGate SSL VPN Host check.

Solution
To identify a 3rd Party AntiVirus/FireWall  GUID, it is possible to use a MicroSoft utility called wbemtest.exe in c:\windows\system32\wbem

1) Run wbemtest.exe from c:\windows\system32\wbem ; this will bring up the following Windows Management Instrumentation Tester console window :


jbody_FD31608_1.gif


More details on this utility can be found on the following Microsoft's TechNet web page :

http://technet.microsoft.com/en-us/library/cc180684.aspx



2) Type the following command line in the Namespace : ''root\securitycenter'' or  ''root\securitycenter2'' (please note this is the command line to be used in Vista SP2 or Windows 7) ; then click Connect

jbody_FD31608_2.gif



3) Click on  "enum classes"

jbody_FD31608_3.gif



4) In the SuperClass info don't type anything just click on ''OK''

jbody_FD31608_4.gif




5) This will bring up the ''Query Result''

jbody_FD31608_5.gif



6) Once here double click on '' AntiVirus\Firewall Product'' that you wish to check for its ''instanceGUID''

jbody_FD31608_6.gif


From this window you can check for other AV\FW products installed on the system , from here it is then possible to add a product based on the software's GUID, process or registry, to the FortiGate.


7) To add the product GUID to the SSL Host Check on the FortiGate, log on to the device as an Admin user and go to the following menu VPN>SSL (here below is also the default list of recognized 3rd party AV/FW products known to the FortiGate) and click on ''create new''

jbody_FD31608_Knova162.jpg



8) Once you have clicked on ''create new", add the product and GUID retrieved as indicated in step 6 and add the "name" of the software, the "type", the "GUID", the "version", and click on "add" and "Ok" to save the parameters.

jbody_FD31608_Knova160.jpg




Once the 3rd Party Anti-Virus and Firewall product has been added manually using this process the SSL VPN Host check can be performed correctly.

Related Articles

Technical Tip: Adding custom host check definitions for FortiGate SSL VPN host check feature

Technical Tip: FortiClient Host Checker Support for Windows Operating Systems including Windows Serv...

Contributors