FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes the full name of each FortiGuard database abbreviation and subscriptions/services. These abbreviations can be seen while performing an update debug while executing a manual update (execute update-now) or in the General System Events with any log entries starting from 'Fortigate scheduled update...'.
The name of the database can be viewed in the output of the command 'diagnose autoupdate versions'.
Scope
FortiOS.
Solution
avdb
AV engine
etdb
Extended set
exdb
Extreme set
flen
IPS Attack Engine
apdb
Application Defintions
fmwpdb
FMWP Defintions
APDB
IoT Detect Definition
dnsbot
Botnet Domain Database
ffdb (or isdb)
Internet-service Full Database
cidb
Device and OS Identification
uwdb
URL Allow list
dldb
DLP Signatures
geoip
IP Geography DB
crdb
Certificate Bundle
mcdb
Malicious Certificate DB
macdb (madb in update debug)
MAC Address Database
afdb
AntiPhish Pattern DB
icdb
ICDB Database
casb
Inline CASB Database
sfas
Security Rating Data Package
MUDB
Malicious URL DB
FLDB
Flow Based VirusDB
MMDB
Mobile Malware DB
AVAI
AI/Machine Learning Malware DB
SPAM
AntiSpam
FMWR
Firmware & General Updates
PBDS
FortiGuard IOC
SOAR
FortiAnalyzer Security Automation
SOCA
SOCaaS
AFAC
FortiAnalyzer Cloud Subscription
SBCL
Sandbox Cloud Subscription
FCSS
FortiConverter Service Subscription
FMGC
FortiManager Cloud Subscription
FURL
FortiGuard URL, DNS & Video Filtering Service
ZHVO
FortiGuard Virus Outbreak Protection Service
Each FortiOS branch will introduce a new database to further harden the security of the firewall. In addition, there may be instances where the database abbreviation is not shown in the update debug or it did not appear to be updated at all. Therefore, to check each FortiGuard database version with the last time an update was attempted with the result in the CLI, execute the following command:
