- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- What's "FDNI"?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What's "FDNI"?
There a multiple references to "FDNI" acronym (seemingly, referring to FortiGuard Distribution Network servers), but I cannot find exact expansion. Once and for all, what's "FDNI"?
Labels:
- Labels:
-
FortiAnalyzer
-
FortiGate
-
FortiManager
19 REPLIES 19
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@AlexFerenX
In FortiManager Certification Study Guide NSE5 FMG you will find the information about this acronym.
When you want to try and get list of servers that FortiManager is taking updates:
# diagnose fmupdate view-servrelist fds
you will see the last line column named as "source" and it shows the source of the update.
There are a couple of options, including CLI, Default and FDNI
Basically, FDNI refers to public FDS (FortiGuard Distribution Network through Internet).
More info: Configure FortiManager as a local FDN ser... - Fortinet Community
Hope this clarifies it.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FDNI refers to public FDS (FortiGuard Distribution Network through Internet).
How is this related to FDNI object, eg. "00000000FDNI00000-00000.00000-0000000000" as observed using "diagnose test update info"?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@AlexFerenX
I am sending some example below:
############################################
# This part is fortigate trying to figure out what database version it has internally, and then compose request string to fortiguard
# For instance.
# 04000000AVDB00203 <-- this is for Active AV database. (Most common)
# 04000000AVDB00322 <-- this is for the ETDB High (In this particular model)
# 04000000AVDB00417 <-- this is for Extremd database (Available for this model 1000C)
upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00203-00001.00234-1308131219 upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00322-00001.00234-1308131214 upd_cfg_api.c[319] upd_cfg_extract_av_db_version-version=04000000AVDB00417-00001.00234-1308131213 upd_cfg_api.c[368] upd_cfg_extract_ids_db_version-version=04000000NIDS01001-00003.00295-1301301923 upd_cfg_api.c[368] upd_cfg_extract_ids_db_version-version=04000000FLDB00100-00021.00580-1402060813 upd_cfg_api.c[479] upd_cfg_extract_netscan_db_version-version=04000000VCME00300-00001.00204- 1403251915
upd_pkg.c[622] upd_pkg_create_update_req-Exclude object version 2
upd_pkg.c[159] pack_obj-Packing obj=Protocol=3.0|Command=Update|Firmware=FGT1KC-FW-4.00- 672|SerialNumber=FGT1KC3911800485|UpdateMethod=0|AcceptDelta=1|DataItem=04000000AVDB00203- 00001.00234-1308131219*04000000AVDB00322-00001.00234-1308131214*04000000FLDB00100-00021.00580- 1402060813*04000000NIDS01001-00003.00295-1301301923*00000000FCNI00000-00000.00000- 0000000000*04000000ASEN00400-00001.00001-0903172330*00000000FDNI00000-00000.00000- 0000000000*01000000FSCI00100-00000.00000-0000000000*04000000AVEN02000-00005.00147- 1306141507*04000000FLEN00800-00002.00166-1308231621*04000000ASEN00700-00001.00001- 0903172330*04000000VCME00300-00001.00204-1403251915
If you see "00000000FDNI00000-00000.00000-0000000000" that means that fortigate/fortimanager has still no FDNI objects installed into its database (no known FDNI servers)
############################################
# This part is the response from fortiguard.
# Usually, we only care about 200 and 204. 200 means there is update. 204 means there is none.
upd_pkg.c[262] get_fcpr_rsp_code-Unpacked obj: Protocol=3.0|Response=300|Firmware=FPT033-FW-5.3- 0053|SerialNumber=FDS-VM- INTERNAL01|Server=FDSG|Persistent=false|ResponseItem=04000000AVDB00203:200*04000000AVDB00322:200 *04000000FLDB00100:200*04000000NIDS01001:200*00000000FCNI00000:200*04000000ASEN00400:204*00000 000FDNI00000:200*04000000AVEN02000:204*04000000FLEN00800:200*04000000ASEN00700:204*04000000VC ME00300:200*01000000FSCI00100:200
# This part is the response from fortiguard.
# Usually, we only care about 200 and 204. 200 means there is update. 204 means there is none.
upd_pkg.c[262] get_fcpr_rsp_code-Unpacked obj: Protocol=3.0|Response=300|Firmware=FPT033-FW-5.3- 0053|SerialNumber=FDS-VM- INTERNAL01|Server=FDSG|Persistent=false|ResponseItem=04000000AVDB00203:200*04000000AVDB00322:200 *04000000FLDB00100:200*04000000NIDS01001:200*00000000FCNI00000:200*04000000ASEN00400:204*00000 000FDNI00000:200*04000000AVEN02000:204*04000000FLEN00800:200*04000000ASEN00700:204*04000000VC ME00300:200*01000000FSCI00100:200
2
Here FDNI has taken value 200 meaning that it has an update:
00000 000FDNI00000:200
So Not all numbers necessary need to have some human translation, but the most important part is described above.
Hope this clarifies your query.
Hope this clarifies your query.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please clarify - what's the content of "00000000FDNI00000" package? Are you implying that list of FDS servers, for example, listed under "Server List" using "get webfilter status" are populated from this package?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It is a connection indicator showing all FortiGuard servers and their connection status
Created on 04-19-2024 09:18 AM Edited on 04-19-2024 09:20 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So, this "package" has no content - it's only significance is ":200" and ":204" appended to its name?
If so, where/how does the Fortigate obtain the complete list of Internet FDS servers, for example, listed under "Server List" using "get webfilter status"?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Alex,
.200 and .204 are indicators of the connection status to FortiGuard servers around the world.
Fortigate connects to FortiGuard servers that are configured under config system fortiguard, and from there it gets a list of nearest servers and establishes a tcp connection with them. Of course, Fortiguard servers will push some data, including a list of internet servers. Server IP list should be included in that package.
Hope this answers your question.
Created on 04-23-2024 07:10 AM Edited on 04-23-2024 07:11 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
> Fortigate connects to FortiGuard servers that are configured under config system fortiguard
Wait.. No, “config system fortiguard” (other than SDNS & DDNS servers) does not specify FDNI servers!
Created on 04-23-2024 07:26 AM Edited on 04-23-2024 07:27 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@AlexFerenX
When you have configured a DNS server in a windows machine, normally you navigate to internet without any problems. This means that DNS servers will give you an answer for your query.
FortiGuard servers are doing the same. When you configure Fortiguard servers, normally you point to somewhere from where you will get some services.
One of those services is a list of servers that will provide you some rating values for specific websites.
This list of servers is maintained locally or remotely. If this list of rating servers (which was updated using FortiGuard servers) is remote, you will see FDNI entries in your logs.
FDNI is not some list that you specify somewhere, is a list of servers that FortiGuard will provide you and you will use this list to get responses for your rating services. This list is dynamic and not maintained by you, so you have no option where to specify it.
Thanks
Related Posts
- what "This can be a challenge... 293 Views
- Force the routing of a domain... 127 Views
- What impact this command "fnsysctl killall... 183 Views
- What are the options for user... 583 Views
Labels
-
FortiGate
6,554 -
FortiClient
1,307 -
5.2
801 -
5.4
639 -
FortiManager
565 -
6.0
416 -
FortiAnalyzer
415 -
5.6
362 -
FortiAP
336 -
FortiSwitch
334 -
FortiClient EMS
264 -
6.2
251 -
FortiMail
243 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
151 -
6.4
128 -
FortiNAC
106 -
FortiGuard
102 -
FortiSIEM
89 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
FortiToken
71 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
61 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
43 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
32 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
Firewall policy
24 -
FortiConnect
24 -
SD-WAN
24 -
FortiWAN
22 -
VLAN
21 -
FortiConverter
21 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiAuthenticator
15 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
FortiGate v5.0
12 -
Routing
12 -
Interface
12 -
FortiCASB
12 -
Logging
11 -
LDAP
10 -
Virtual IP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
SSL SSH inspection
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
IP address management - IPAM
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
Security profile
6 -
Authentication
6 -
FortiBridge
6 -
Fortigate Cloud
6 -
Traffic shaping policy
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
Automation
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Web profile
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiDB
3 -
Port policy
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
FortiPAM
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
Fortinet Engage Partner Program
2 -
TACACS
1 -
4.0MR1
1 -
Schedule
1 -
Users
1 -
SDN connector
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Application signature
1 -
Web rating
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Multicast routing
1 -
Email filter profile
1 -
Zone
1 -
Internet Service Database
1 -
Explicit proxy
1 -
System settings
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.