31 stycznia 2019

Autoupdate

Diagnose autoupdate downgrade

Firmware – FortiOS: 5.0 5.2 5.4 5.6 6.0
This command allows users to enable or disable the downgrading of the FortiGuard Antivirus definition from the FortiGuard Distribution Network (FDN). If this is disabled, you can only upgrade the FortiGuard Antivirus definition.

Syntax
diagnose autoupdate downgrade — Downgrade status (enable/disable). {5.0}

Example
Command
diagnose autoupdate downgrade enable

Output
Update downgrade enabled

Command
diagnose autoupdate downgrade disable

Output
Update downgrade disabled


Diagnose autoupdate status

Firmware – FortiOS: 5.0 5.2 5.4 5.6 6.0
This command allows the user to verify the status of automatic updates on the FortiGate.

Syntax
diagnose autoupdate status

Example
Command
diagnose autoupdate status

Output

FDN availability: available at Thu Jun 12 01:02:10 2014
Push update: disable
Scheduled update: enable
Update daily: 1:02
Virus definitions update: enable
IPS definitions update: enable
Push address override: disable
Web proxy tunneling: disable

Command
diagnose autoupdate status

Output

FDN availability: available at Tue Jan 31 08:05:09 2017
Push update: disable
Scheduled update: enable
Update every: 2 hours at 5 minutes after the hour
Virus definitions update: enable
IPS definitions update: enable
Push address override: disable
Web proxy tunneling: disable

Description
FDN availability: Specify availability status and last access time (access time corresponds to the scheduled update settings). Possible values are: available/unavailable.
Push update: Specify whether push update method is enabled or disabled. Possible values are: enable/disable.
Scheduled update: Specify whether scheduled update is enabled or disabled. Possible values are: enable/disable.
Update every: If scheduled update is enabled, specify the time defined to launch the update.
Virus definitions update: Specify whether the virus definitions update is enabled or disabled. Possible values are: enable/disable.
IPS definitions updates: Specify whether the IPS definitions update is enabled or disabled. Possible values are: enable/disable.
Server override: Specify whether the use of another FDS server is enabled or disabled. Possible values are: enable/disable. If enabled a new line is displayed showing the FDS IP address defined in the configuration.
Push address override: If push update is enabled, specify whether the FortiGate override address feature is enabled or disabled. Possible values are: enable/disable. If enabled, a new line is displayed showing the FDS IP address and the TCP port (a.b.c.d:port) defined in the configuration.
Web proxy tunneling: Specify whether FortiGate device is using a proxy to retrieve AV and IPS definitions updates. Possible values are: enable/disable. If enabled, additional lines are displayed showing the proxy settings.


Diagnose autoupdate versions

Firmware – FortiOS: 5.0 5.2 5.4 5.6 6.0
This command allows users to check the actual versions of packages (databases and engines) currently running on the FortiGate.

Syntax
diagnose autoupdate versions — Update object versions. {5.0}

Example
Command Run
diagnose autoupdate versions

Output

  • AV Engine:
    Version: 5.00146
    Contract Expiry Date: Sat Sep 13 00:00:00 2014
    Last Updated using manual update on Tue May 21 18:01:00 2013
    Last Update Attempt: n/a
    Result: Updates Installed
  • Virus Definitions
    Version: 16.00560
    Contract Expiry Date: Sat Sep 13 00:00:00 2014
    Last Updated using manual update on Fri Oct 19 08:31:00 2012
    Last Update Attempt: n/a
    Result: Updates Installed
  • Extended set
    Version: 1.00000
    Contract Expiry Date: Sat Sep 13 00:00:00 2014
    Last Updated using manual update on Wed Oct 17 15:46:00 2012
    Last Update Attempt: n/a
    Result: Updates Installed