Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rick_muller
New Contributor

Benefits of Upgrading to 6.X

We are currently using version 5.6.11 on Fortigate 200E (data center) and Fortigate 80E (branch offices).  I am evaluating the benefits of upgrading FortiOS into 6.X.  Here are my questions:

 

1.)  What are the biggest benefits of upgrading from the 5.6.X versions into at least 6.2?

 

2.)  I am considering either 6.2.2, 6.2.3 or 6.4.  Of these versions, are there any which have been unstable or have displayed issues?  I would much rather be on a stable version which isn't necessarily the latest rather than one which may cause issues.

 

Any and all input is very much appreciated.

1 Solution
Toshi_Esumi
Esteemed Contributor II

The biggest benefit upgrading from 5.6 is to keep getting bug/vulnerability fixes. I think they already stopped implementing minor fixes to 5.6, while they need to mainin 6.0, 6.2, then now 6.4.

If you want to go to stable version, I would wait until 6.2.4 comes out. Currently planned at the end of May according to an SE. I tried 6.2.3 but decided not to go to due to some odd behaviors. You can find some problem reports with 6.2.3 on this forum.

On the other hand, we encountered a major problem related to SSL VPN w/ 6.0.9. It might work fine for you if you're not using SSL VPN.

View solution in original post

2 REPLIES 2
Toshi_Esumi
Esteemed Contributor II

The biggest benefit upgrading from 5.6 is to keep getting bug/vulnerability fixes. I think they already stopped implementing minor fixes to 5.6, while they need to mainin 6.0, 6.2, then now 6.4.

If you want to go to stable version, I would wait until 6.2.4 comes out. Currently planned at the end of May according to an SE. I tried 6.2.3 but decided not to go to due to some odd behaviors. You can find some problem reports with 6.2.3 on this forum.

On the other hand, we encountered a major problem related to SSL VPN w/ 6.0.9. It might work fine for you if you're not using SSL VPN.

James_G

6.2.x comes with a big performance boost in being able to select proxy or flow per policy, this was a 50% reduction in CPU for the same workload for me when comparing a purely proxy mode firewall.

 

6.2.x also supports new standards, TLS 1.3, WPA3 etc, so long term is an essential upgrade to continue full traffic inspection and best security.

 

I am running 6.2.3, stable but a few bugs, I have high hopes for 6.2.4 :)