Fortinet fortigate-100a Benutzerhandbuch
System maintenance
Enabling push updates
FortiGate-100A Administration Guide
01-28007-0068-20041203
123
There are no special tunneling requirements if you have configured an override server
address to connect to the FDN.
address to connect to the FDN.
Enabling push updates
The FDN can push updates to FortiGate units to provide the fastest possible response
to critical situations. You must register the FortiGate unit before it can receive push
updates. See
to critical situations. You must register the FortiGate unit before it can receive push
updates. See
When you configure a FortiGate unit to allow push updates, the FortiGate unit sends a
SETUP message to the FDN. The next time a new antivirus engine, new antivirus
definitions, new attack definitions or new attack engine are released, the FDN notifies
all FortiGate units that are configured for push updates that a new update is available.
Within 60 seconds of receiving a push notification, the FortiGate unit requests an
update from the FDN.
SETUP message to the FDN. The next time a new antivirus engine, new antivirus
definitions, new attack definitions or new attack engine are released, the FDN notifies
all FortiGate units that are configured for push updates that a new update is available.
Within 60 seconds of receiving a push notification, the FortiGate unit requests an
update from the FDN.
When the network configuration permits, configuring push updates is recommended in
addition to configuring scheduled updates. On average the FortiGate unit receives
new updates sooner through push updates than if the FortiGate unit receives only
scheduled updates. However, scheduled updates make sure that the FortiGate unit
receives the latest updates.
addition to configuring scheduled updates. On average the FortiGate unit receives
new updates sooner through push updates than if the FortiGate unit receives only
scheduled updates. However, scheduled updates make sure that the FortiGate unit
receives the latest updates.
Enabling push updates is not recommended as the only method for obtaining updates.
The FortiGate unit might not receive the push notification. Also, when the FortiGate
unit receives a push notification it makes only one attempt to connect to the FDN and
download updates.
The FortiGate unit might not receive the push notification. Also, when the FortiGate
unit receives a push notification it makes only one attempt to connect to the FDN and
download updates.
To enable push updates
1
Go to System > Maintenance > Update center.
2
Select Allow Push Update.
3
Select Apply.
Push updates when FortiGate IP addresses change
The SETUP message that the FortiGate unit sends when you enable push updates
includes the IP address of the FortiGate interface that the FDN connects to. If your
FortiGate unit is running in NAT/Route mode, the SETUP message includes the
FortiGate interface 2 IP address. If your FortiGate unit is running in Transparent
mode, the SETUP message includes the FortiGate management IP address. The
FDN must be able to connect to this IP address for your FortiGate unit to be able to
receive push update messages. If your FortiGate unit is behind a NAT device, see
includes the IP address of the FortiGate interface that the FDN connects to. If your
FortiGate unit is running in NAT/Route mode, the SETUP message includes the
FortiGate interface 2 IP address. If your FortiGate unit is running in Transparent
mode, the SETUP message includes the FortiGate management IP address. The
FDN must be able to connect to this IP address for your FortiGate unit to be able to
receive push update messages. If your FortiGate unit is behind a NAT device, see
Whenever the interface 2 IP address of the FortiGate unit changes, the FortiGate unit
sends a new SETUP message to notify the FDN of the address change. As long as
the FortiGate unit sends this SETUP message and the FDN receives it, the FDN can
maintain the most up-to-date interface 2 IP address for the FortiGate unit.
sends a new SETUP message to notify the FDN of the address change. As long as
the FortiGate unit sends this SETUP message and the FDN receives it, the FDN can
maintain the most up-to-date interface 2 IP address for the FortiGate unit.
Note: Push updates are not supported if the FortiGate unit must use a proxy server to connect
to the FDN. For more information, see
to the FDN. For more information, see
.