jstan
Staff
Article Id 223743
Description

This article describes the reason for high memory utilization by the node process.

Scope

FortiGate.

Solution

In FortiOS 6.4, the node process is used for:
- Report management (which includes Security Fabric (csf) / FortiView / Security Rating).
- WebSockets.
- Maintaining the CLI console widget when accessing the FortiGate via HTTP/HTTPS.


In FortiOS 7.0 onwards, the node process is also responsible for:

- Processing all incoming HTTP/HTTPS requests to serve static files (prior to 7.0, the HTTPSD process served static files).

On 7.0, the 3 main node.js scripts on a FortiGate are for:
- Report runner (Security Rating).
- CLI console.
- SSL VPN QR code generation.

 

The security rating result submission is enabled by default on the FortiGate.
This feature enables the submission of security rating results to FortiGuard servers for data collection purposes and continuous learning.
The feature is memory intensive and could lead to high memory usage observed on the node process.

 

High memory usage of the node process can be seen, for example, with the commands:

 

diag sys top-mem
diag sys top 1 20 1

 

Example output from the 'diag sys top' command:

 

Version: FortiGate-400E v6.4.7,build1911,210825 (GA)
Run Time: 43 days, 22 hours and 40 minutes
0U, 0N, 1S, 99I, 0WA, 0HI, 0SI, 0ST; 7852T, 2818F
node 197 S 0.0 31.1 <----- 31 % memory usage of the node process.

 

To disable the security rating result submission, execute the following commands:

 

config system global
    set security-rating-result-submission disable
end

 

In some cases, it might be required to also disable the scheduled rating:

 

config system global
    set security-rating-result-submission disable
    set security-rating-run-on-schedule disable
end
