Hi All,
Here are the new features in FAZ 6.0,
Hyper-V FortiAnalyzer-VM running on an AMD CPU
A Hyper-V FAZ-VM running on a PC with an AMD CPU may experience a kernel panic. Fortinet recommends running VMs on an Intel-based PC.
IPsec connection to FortiOS for logging
FortiAnalyzer 5.4.2 and later does not support an IPsec connection with FortiOS 5.0/5.2. However, UDP or TCP + reliable are supported. Instead of IPsec, you can use the FortiOS reliable logging feature to encrypt logs and send them to FortiAnalyzer. You can enable the reliable logging feature on FortiOS by using the config log fortianalyzer setting command. You can also control the encryption method on FortiOS by using the set enc-algorithm default/high/low/disable command.
Datasets Related to Browse Time
If upgrading from an image prior to FAZ 5.4.2, cloned datasets that query for browse time may not be able to return any results after upgrade. FortiAnalyzer 5.4.2 contains enhancements to calculating the estimated browse time. Due to the changes, cloned datasets that query for browse time may not be able to return any results after upgrade.
System Configuration or VM License is Lost after Upgrade
When upgrading FortiAnalyzer from 5.4.0 or 5.4.1 to 5.4.x or 5.6.0, it is imperative to reboot the unit before installing the 5.4.x or 5.6.0 firmware image. Please see the FortiAnalyzer Upgrade Guide for details about upgrading. Otherwise, FortiAnalyzer may lose system configuration or VM license after upgrade. There are two options to recover the FortiAnalyzer unit:
SSLv3 on FortiAnalyzer-VM64-AWS
Due to known vulnerabilities in the SSLv3 protocol, FortiAnalyzer-VM64-AWS only enables TLSv1 by default. All other models enable both TLSv1 and SSLv3. If you wish to disable SSLv3 support, please run:
config system global
set ssl-protocol tlsv1
end
Pre-processing logic of ebtime
Logs that meet the following conditions are considered usable for the calculation of estimated browsing time: traffic logs with a logid of 13 or 2; when logid == 13, hostname must not be empty. The service field should be either HTTP, 80/TCP or 443/TCP. If all of the above conditions are met, then devid, vdom, and user (srcip if user is empty) are combined as a key to identify a user. For time estimation, the current value of duration is calculated against the history of session start and end times; only the un-overlapped parts are used as the ebtime of the current log.
Port 8443 reserved
Port 8443 is reserved for https-logging from FortiClient EMS for Chromebooks.
Regards,
Prageeth Karunarathne.
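The ebtime pre-processing rules described in the post, as an added Python example that is not part of the original post and not Fortinet's code. The field names time and duration, the reading of time as the session end in seconds, and the interval-subtraction interpretation of "un-overlapped" are assumptions; the sample logs are constructed.

```python
from collections import defaultdict
WEB_SERVICES = {"HTTP", "80/TCP", "443/TCP"}

def is_usable(log):
    """Filter from the post: logid 13 or 2, hostname required for 13, web service only."""
    if log["logid"] == 13 and not log["hostname"]:
        return False
    return log["logid"] in (13, 2) and log["service"] in WEB_SERVICES

def user_key(log):
    # devid + vdom + user, falling back to srcip when user is empty
    return (log["devid"], log["vdom"], log["user"] or log["srcip"])

def merge(intervals):
    """Collapse (start, end) pairs into sorted, non-overlapping intervals."""
    out = []
    for s, e in sorted(intervals):
        if out and s <= out[-1][1]:
            out[-1] = (out[-1][0], max(out[-1][1], e))
        else:
            out.append((s, e))
    return out

def covered(intervals):
    return sum(e - s for s, e in intervals)

def estimate_ebtime(logs):
    """Per-user total of the non-overlapped seconds each usable log contributes."""
    history, totals = defaultdict(list), defaultdict(int)
    for log in filter(is_usable, logs):
        key = user_key(log)
        # Assumed fields: 'time' is the session end, 'duration' is in seconds
        start, end = log["time"] - log["duration"], log["time"]
        updated = merge(history[key] + [(start, end)])
        totals[key] += covered(updated) - covered(history[key])
        history[key] = updated
    return dict(totals)

def _log(logid, hostname, service, user, time, duration):
    return dict(logid=logid, hostname=hostname, service=service, user=user, time=time,
                duration=duration, srcip="10.0.0.5", devid="FGT-A", vdom="root")
# Constructed sample logs (not real FortiAnalyzer output)
SAMPLE = [
    _log(13, "example.com", "HTTP", "alice", 100, 60),  # (40,100): +60
    _log(2, "", "443/TCP", "alice", 130, 50),           # (80,130): +30, 80-100 already counted
    _log(13, "", "HTTP", "alice", 300, 40),             # dropped: logid 13, empty hostname
    _log(2, "", "DNS", "alice", 400, 10),               # dropped: service is not web
    _log(13, "example.org", "80/TCP", "", 200, 20),     # empty user, keyed by srcip: +20
    _log(13, "example.com", "HTTP", "alice", 90, 30),   # (60,90) fully covered: +0
]
```

Calling estimate_ebtime(SAMPLE) returns one total per (devid, vdom, user-or-srcip) key, which makes it easy to see why a cloned dataset that sums raw duration would disagree with the estimated browse time.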
Created on 04-05-2018 01:00 AM
functions. remote office/. branch office. FortiManager. Centralized device and. coverage control. FortiAnalyzer. Centralized Logging and Reporting. FortiGate. Do Essay physical or virtual. Please alter the display screen decision consequently. Please alter the display decision accordingly.