I had a conversation with an FTNT SE today about 6.2.4 problems. The major issues seem to boil down to below three issues:
1. DoS policy issue: It's still an known issue with 6.2.4 and not resolved, which is in the release notes.
2. IPS engine keeps crashing. A new engine is planned to be released soon. Then this would be resolved.
3. WAD memory leak issue is still not 100% resolved.
6.2.5 will fix these issues and come out relatively shortly although he couldn't tell me any target date. He recommended to wait for 6.2.5. But likely 6.0.10 comes out before 6.2.5.
By the way, FMG/FAZ 6.2.4 was to just fix vulnerabilities. They wanted to release it ASAP without waiting for bug fixes. Then 6.2.5 came out right after that with bug fixes. It was just coincidental they came out one after another.
Everything works ok after upgrade 300D cluster to 6.2.4?
I want to upgrade 300D and 60E cluster this weekend.
Yesterday just upgraded FG-60F standalone, today i discovered problem with partially stopping traffic (some VPN connections was down and problem reachable DNS serwers). I don't know the issue, after rebooting Fortigate problem was fixed.
As i noticed before was one issue with 60F today, but exactly i don't known the reason - probably ISP problem. Now just looking for (on 60F model i use: SSLVPN, dynamic routing like BGP or OSPF, few VPN tunnels, SDWAN, multiple secure profiles, VIP, NAT).
This weekend i will upgrade another 60F, cluster of 60E models, 30E, FG-60E and FWF-60E and maybe FG-300E.
If everything will be ok on next week many other models...