And it looks mighty pretty :)
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Enjoy it and let us know your feedback!
Hi
I have installed it onto our 2000B and so far all looks to be ok apart from the fact that it rebuilding the database and is going to take days to do :(
Ian
Web: www.activatelearning.ac.uk
Twitter: twitter.com/activate_learn
Facebook: facebook.com/Activate-Learning
I moved my 100D's to it on 1/27. I like the change to the portal and the fact that Java is no longer needed.
Though I have had some memory issues and have had to rebuild the FW's once due to a complete failure. Database corrupted.
Still having the memory issue. I will start a separate post on that.
Hi, Ian, thanks for the update
in 5.4, we changed our raw log / SQL design and support per vdom log file and also quota is now ADOM based, so a rebuild of SQL db is needed.
Thanks
Simon
I've only seen it on the demo website. It looks and feels very pretty, but I would like to test it a bit more before making a definitive statement. :) I've downloaded the trial VM and tried to deploy it on VMware Player, but I can't make it ti appear on the network, for some reason. I cannot ping it or access the Web GUI. Mind you, I had no problems with the FortiManager 5.4.0 VM... I will keep trying though, I really, really want to test it. :)
NSE 7
All oppinions/statements written here are my own.
Hi
I upgraded from FAZ VM 5.2.4 to 5.4 and yes absolutly a sql-rebuild is needed. It makes sense to monitor the upgrade over the console to see what is going on. The sql-rebuild takes time and from this point of view plan a upgrade probably over night. From gui point of view I'm not impressed meaning the gui is not so flat as the 5.2.x one and you need more clicks to get there where you want but it seems to me that marketing is more important as useablility :(
We will see.......from scratch it seems to work nothing found at least which is not working out of scractch. What is completly new to FAZ and/or FMG is that the shell access is now protected (execute shell). Which was not the casef for 5.2.x. This means:
# config system admin setting
# set shell-access enable
Enter new password:
Confirm new password:
# end
# execute shell
Enter password:
Sh-4.3#
Be careful if you got to the shell you have more or less full root access on the FortiOS! You should really know what you are doing!!!!
hope this helps
have fun
Andrea
I've been hammering Fortinet for FG firmware problems so I owe it to you guys to say GREAT JOB WITH THIS! I had a FAZ100C and last year as part of a larger upgrade we licensed FAZVM also. I got the new firewall setup and simply pointed it at our 100C for the time being. When 5.4 came out I saw that 100C was no longer supported which is fine, because we had it for quite a while and the single drive on it makes it very slow anyway.
I loaded up the 5.4 VM, applied the license, setup a VLAN for the traffic between the FAZ and the FG500D that we use (which is still running 5.2.3).
No problems so far! The UI is beautiful. It immediately allowed me to see that all of the advertising sites I'm blocking is flooding my logs with chaff so I'm going to create a rule just for that to filter that crap out. I love the bubble charts and the summary view. It is actually like having a NOC view now which is great.
I entered my LAT and LONG and I'm dying to see something come across the Threat Map. Have not yet. Makes me thing that either I don't have my logs setup correctly (I see lots of "threats" in the traffic views) or perhaps this is the one issue with the 5.4 FAZ? Perhaps I need 5.4 on the FG for this to work? I setup all of my events and reports and those are much faster on the VM. Very nice. Makes sense as I'm running this on a Dell 2960 with RAID6 (8 drives) and dual Xeon procs. Many more IOPs for the VM to utilize.
Searching the traffic logs is much easier due to the responsiveness and the tools menu is great because it shows you the search query being used. This helps a visual person like me see and tweak the patterns used for different search queries.
Very, very nice. Have been waiting for this for a long time. Because I started essentially from scratch I didn't need to mess with the SQL log rebuilds. I'm keeping my old 100C running for a few weeks and then will take it offline after I have a few weeks of data to go back on via the new VM. I'm guessing that firmware updates via the VM is more stable because there is a more consistent architecture to test against? Let's hope. The move from FAZ 4.3 to 5.0 was not fun. 5.2 was good and 5.4 is way better.
Got my reports today as scheduled. Really like the new UI. I'm not getting any results on the threat map. At the very least, I would be interested to see it listing all of the WAN - LAN blocked traffic (even if not a threat, although an unsolicited SSH connection attempt obviously is). Do I just need to leave it open a long time or do I need to configure something that I'm missing? I have entered the LAT/LONG of my FG and that shows up where expected. I'm getting all of my other logs and data so IPS/IDS, DLP, AV are all flowing as alerts to the FAZ.
Thanks for any ideas.
One interesting aspect is that when running 5.4 on a FG500D, the threat map does work. On the FAZ it isn't for some reason. The other FG500D running 5.2.3 is connected to the FAZ. Do you need FG and FAZ to both be on 5.4 for Threatmap to work?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1731 | |
1099 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.