Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vkulik
Staff
Staff

Created on ‎03-04-2010 06:14 PM Edited on ‎06-11-2025 08:54 AM By Staff

Article Id 197336

Technical Tip: Firmware Upgrade order when upgrading multiple Fortinet devices

Description

 

This article describes generic recommendations on how to perform firmware updates of Fortinet products, explains the order in which to upgrade different devices, and provides a guide to determine the correct upgrade path.

After a product update, it is often necessary to upgrade other related devices to maintain compatibility.  

 

Scope

 

FortiGate.


Solution

 

If multiple different Fortinet devices are being used, then they should always be updated in the order: 
 
FortiAnalyzer -> FortiManager -> FortiGate devices -> Managed FortiExtender devices -> Managed FortiSwitch devices -> Managed FortiAP devices -> FortiClient EMS -> FortiClient -> FortiSandbox -> FortiMail -> FortiWeb -> FortiNAC -> FortiVoice -> FortiDeceptor ->  FortiAI ->  FortiTester ->  FortiMonitor -> FortiPolicy. 
 
As a rule of thumb, the FortiManager and the FortiAnalyzer must be at the same or higher version as the most updated managed device, otherwise, some functionality may not work correctly. 
 
When upgrading the Security Fabric, devices that manage other devices should be upgraded first. 

To plan upgrades effectively and ensure version compatibility between FortiGate (FortiOS) and other Fortinet Products, it is recommended to use the FortiOS Compatibility Tool.

 

Note: When using FortiClient with FortiAnalyzer, it is necessary to upgrade both to their latest versions. The versions of the two products should match. For example, if using FortiAnalyzer v7.2.0, use FortiClient v7.2.0. 
 
To view supported upgrade path information: 

 

  1. Go to https://support.fortinet.com. 
  2. From the Downloads menu, select Firmware Download. 
  3. Check that the Selected Product is FortiGate. 
  4. Select the Upgrade Paths tab and select the following: 
    Current Product. 
    Current FortiOS Version. 
    Upgrade To FortiOS Version. 
  5. Select Confirm. 

 

When upgrading from a very old build, no direct upgrade path may be available. In this case, the upgrade will have to be performed using a few intermediate steps to retain the configuration. 
 
Ensure that a backup is taken of the configuration file before each upgrade step. In the event of a problem during the upgrade, this will allow a rollback with the installation of the latest stable build and restoration of the configuration from the backup. 
 
When upgrading FortiAnalyzer, consider also a backup of logs before the upgrade in addition to a backup of the configuration file. The CLI guide in the FortiAnalyzer section of the Fortinet Technical Documentation website provides additional details regarding the backup of logs. 

 

Related article:

Technical Tip: Compatibility Matrix Guide

11807
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.