Thursday, June 19, 2008

Problems with IPS Engine

IPS Engine 1.092 is causing high CPU utilization on various models of FortiGate firewalls. According to Fortinet, IPS Engine 1.096 should fix this issue and is due to be released via automatic update on Friday, June 27th.
Use the following command to determine which engine you are currently running:

get system fortiguard-service status

You can use the following command to restart the IPS engine. This resolves the high CPU utilization temporarily without having to reboot the firewall.

diag test app ipsmonitor 99

Another command you can try is:

diag test app ipsmonitor 5

This puts the IPS Engine into bypass mode. Issuing the same command again turns it back on.

1 comment:

Anonymous said...

When executing this command

diag test application ipsmonitor 4

what should happen?