FortiManager: Exporting & Importing FDS databases

A very simple post today about a possible way to ease your FortiManager moves within your Fortinet Security Fabric.

Usually, when I'm setting up FMG, I gather a fairly complete set of the available FDS databases. These databases back services like Web Filtering, Outbreak Prevention along with AntiVirus Query, GeoIP, File Query, etc., which you can add to your config this way (10+ GB RAM on your FMG is needed if you want to run these FDS services locally):

config fmupdate service
    set query-antivirus enable
    set query-filequery enable
    set query-outbreak-prevention enable
    set query-webfilter enable
    set webfilter-https-traversal enable
end
config fmupdate web-spam fgd-setting
    ...
    set wf-cache 5000
    set wf-preload enable
end

Downloading these anew can be extremely time-consuming. Indeed, FMG seems to gather small data chunks that are each appended to the final local database file. Not very convenient when you've perhaps decided to "move" your FMG workload from that DC to this DC.

I honestly can't recall whether this was already available in earlier versions of FMG, but since FMG v7.0.2 you're able to export/import these databases (e.g. exporting the Outbreak Prevention DB):

Hence, that is very welcome indeed. It means you can export your FDS databases and re-import them into a newly deployed instance of FMG, for example.

I've tested it on the Outbreak Prevention database (2.1 GB in size) and everything went through, export/import without any issues.

While I'm at it, I also like to force the FMG/FAZ/FSA outbound paths through an Explicit Proxy; this allows me to witness the amount of data needed, the overall throughput and the destinations.

config fmupdate av-ips web-proxy
    set address "x.x.x.x"
    set port 8080
    set status enable
end
config fmupdate web-spam web-proxy
    set address "x.x.x.x"
    set port 8080
    set status enable
end

I usually run this Explicit Proxy on my vWAN vDOM, and its policies concerning Fortinet appliances are set with no inspection.
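One way to get the per-destination volume and throughput view described above from the proxy's traffic logs. This is an added example, not part of the original post: the log lines are constructed, the FortiOS-style key=value field names (srcip, dstip, dstport, duration, sentbyte, rcvdbyte) and the FMG address 10.0.0.10 are assumptions to adapt to your own log export.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation IP ranges), FortiOS-style key=value format.
SAMPLE_LOG = '''\
date=2024-01-10 time=10:00:05 type="traffic" subtype="forward" srcip=10.0.0.10 dstip=192.0.2.10 dstport=443 duration=120 sentbyte=40000 rcvdbyte=1200000000
date=2024-01-10 time=10:02:30 type="traffic" subtype="forward" srcip=10.0.0.10 dstip=192.0.2.10 dstport=443 duration=80 sentbyte=20000 rcvdbyte=900000000
date=2024-01-10 time=10:03:00 type="traffic" subtype="forward" srcip=10.0.0.10 dstip=198.51.100.7 dstport=443 duration=10 sentbyte=5000 rcvdbyte=250000
date=2024-01-10 time=10:04:00 type="traffic" subtype="forward" srcip=10.0.0.99 dstip=203.0.113.5 dstport=443 duration=5 sentbyte=100 rcvdbyte=100
this line is truncated garbage
'''

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value or key="quoted value"

def parse_line(line):
    """Turn one key=value log line into a dict, dropping surrounding quotes."""
    return {k: v.strip('"') for k, v in KV.findall(line)}

def summarize(log_text, appliance_ip):
    """Aggregate sessions originated by appliance_ip, grouped by destination."""
    totals = defaultdict(lambda: {"sessions": 0, "sent": 0, "rcvd": 0, "secs": 0})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("srcip") != appliance_ip:
            continue  # other clients of the proxy, or unparsable lines
        try:
            sent, rcvd = int(rec["sentbyte"]), int(rec["rcvdbyte"])
            secs = int(rec["duration"])
            dst = f'{rec["dstip"]}:{rec["dstport"]}'
        except (KeyError, ValueError):
            continue  # incomplete record: skip rather than miscount
        t = totals[dst]
        t["sessions"] += 1
        t["sent"] += sent
        t["rcvd"] += rcvd
        t["secs"] += secs
    rows = []
    for dst, t in totals.items():
        # Average rate over summed session time; overlapping sessions make this approximate.
        mbps = (t["sent"] + t["rcvd"]) * 8 / t["secs"] / 1e6 if t["secs"] else 0.0
        rows.append({"dst": dst, **t, "mbps": round(mbps, 2)})
    return sorted(rows, key=lambda r: r["rcvd"], reverse=True)

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG, "10.0.0.10"):
        print(row)
```

A destination that shows up here but is not one you expect the appliance to contact for updates is worth a closer look before the proxy policy is widened.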

Hence, good to know.
Cheers,
obruno =)

Picture Credits: Alien: Covenant - 20th Century Fox Film Corporation
