How to use SNMP to query the BIOS security level of FortiGate from 7.6.0

This article describes how to use SNMP to query the FortiOS BIOS Security Level.

Scope

FortiGate FortiOS 7.6.0.

Solution

FortiOS 7.6.0 adds an SNMP enhancement to support the BIOS Security Level. An SNMP query will show the Security Level.

A change in Security Level will trigger the SNMP trap.

The new OID is 1.3.6.1.4.1.12356.101.4.1.38, and it is read-only.

Example:

SNMP command: snmpwalk -v1 -c fortigate 10.56.240.96 1.3.6.1.4.1.12356.101.4.1.38
Result: iso.3.6.1.4.1.12356.101.4.1.38.0 = Gauge32: 2

FGT CLI output:

get sys status
Version: FortiGate-VM64-KVM v7.6.0,build3401,240724 (GA.F)
First GA patch build date: 240724
Security Level: 2 --> Matches the SNMP output, which also shows Security Level 2.
Firmware Signature: certified
Virus-DB: 1.00000(2018-04-09 18:07)
Extended DB: 1.00000(2018-04-09 18:07)
Extreme DB: 1.00000(2018-04-09 18:07)
AV AI/ML Model: 0.00000(2001-01-01 00:00)
IPS-DB: 6.00741(2015-12-01 02:30)
IPS-ETDB: 6.00741(2015-12-01 02:30)
APP-DB: 6.00741(2015-12-01 02:30)
Proxy-IPS-DB: 6.00741(2015-12-01 02:30)
Proxy-IPS-ETDB: 6.00741(2015-12-01 02:30)
Proxy-APP-DB: 6.00741(2015-12-01 02:30)
FMWP-DB: 24.00070(2024-07-05 17:45)
IPS Malicious URL Database: 1.00001(2015-01-01 01:01)
IoT-Detect: 0.00000(2022-08-17 17:31)
OT-Detect-DB: 0.00000(2001-01-01 00:00)
OT-Patch-DB: 0.00000(2001-01-01 00:00)
OT-Threat-DB: 6.00741(2015-12-01 02:30)
IPS-Engine: 7.01014(2024-07-02 21:57)
Serial-Number: FGVM02TM19005873
License Status: Valid
VM Resources: 1 CPU/2 allowed, 1994 MB RAM
Log hard disk: Available
Hostname: R2D2-kvm34
Private Encryption: Disable
Operation Mode: NAT
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 1 in NAT mode, 0 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 3401
Release Version Information: GA
FortiOS x86-64: Yes
System time: Mon Jul 29 17:51:46 2024
Last reboot reason: warm reboot

Limitation:

  • Models older than the G series only support SNMP queries; they do not support the SNMP trap.
  • G series models with a physical hardware switch button support the SNMP trap; the button must be pressed manually to trigger the trap.
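
Because models without trap support can only be polled, a scheduled check against a known baseline is one way to notice a Security Level change. The script below is an added example, not Fortinet code: the function names, the exit codes, and the host/community/expected-level arguments are assumptions, while the OID and the Gauge32 reply format come from the example above.

```shell
#!/bin/sh
# Added example: baseline check for the FortiGate BIOS Security Level OID.
# Usage (assumed interface): check_bios_level.sh HOST COMMUNITY EXPECTED_LEVEL
OID=1.3.6.1.4.1.12356.101.4.1.38.0   # scalar instance (.0) of the article's OID

# Extract the integer from one snmpget/snmpwalk reply line, for example:
#   iso.3.6.1.4.1.12356.101.4.1.38.0 = Gauge32: 2
# Accepts the iso., numeric (-On) and MIB-name prefixes. Prints nothing and
# returns 1 for any other reply (timeout, noSuchName on older firmware, ...).
parse_level() {
    level=$(printf '%s\n' "$1" |
        sed -n 's/^.*12356\.101\.4\.1\.38\.0 = Gauge32: \([0-9][0-9]*\)[[:space:]]*$/\1/p' |
        head -n 1)
    [ -n "$level" ] && printf '%s\n' "$level"
}

# Compare the reply with the expected baseline. Return codes follow the
# common monitoring-plugin convention: 0 OK, 2 CRITICAL, 3 UNKNOWN.
check_level() {
    expected=$1
    line=$2
    if ! actual=$(parse_level "$line"); then
        echo "UNKNOWN: no Security Level in SNMP reply: ${line:-<empty>}"
        return 3
    fi
    if [ "$actual" -ne "$expected" ]; then
        echo "CRITICAL: BIOS Security Level is $actual, baseline is $expected"
        return 2
    fi
    echo "OK: BIOS Security Level is $actual"
}

# Live query only when all three arguments are given; otherwise the file
# just defines the functions above.
if [ "$#" -eq 3 ]; then
    reply=$(snmpget -v1 -c "$2" -On "$1" "$OID" 2>&1)
    check_level "$3" "$reply"
    exit $?
fi
```

An UNKNOWN result is reported separately from a mismatch so that an unreachable device or a firmware version without this OID is not mistaken for a confirmed baseline.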