Description | This article describes the solution when the virtual-patch option is not visible in the local-in policy. |
Scope | FortiGate 7.2.4 and above, FortiOS 7.4.2. |
Solution |
Referring to the administration guide, virtual patching is the method of mitigating vulnerability exploits using FortiGate's IPS signature to block known vulnerabilities.
Reference: Optimize virtual patching on the local-in interface 7.4.2.
diagnose autoupdate versions | grep FMWRP
The extended IPS must be enabled for more vulnerabilities to be covered: config ips global set database extended end
config firewall local-in-policy set
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.