Re: Does every Fortigate-User profit on Fortisandbox-AV-pattern?
There are differences, of course.
(disclaimer: as far as I have understood...)
1- FSA Cloud
Positive results are added to the regular, worldwide FortiGuard AV database, and thus eventually distributed to your FGT. To minimize delay, enable "push updates".
2- FSA on premise
Positive results lead to the creation of an AV signature update which is offered immediately on your local network. Devices have to subscribe to these updates. Optionally, the updates are added to the regular, worldwide FortiGuard AV database.
Fortigates in your network may actively submit files to the local FSA, or just participate in the FSA updates. This way, only the main firewalls and FortiMail submit files (to conserve FSA resources) but all Fortinet devices profit from the findings.
3- neither FSA Cloud subscription nor on premise
You get the regular FortiGuard AV updates, i.e., the switch is not effective.
Ede " Kernel panic: Aiee, killing interrupt handler!"