Recently I have upgraded FG-81F from v.7.4.0 to v.7.4.1. After upgrading the Automation logs that I have configured to send email alerts displays the UUID instead of the Threet Feed names. Is that a known bug or workaround available to resolve. Pasted below as quick reference for better understanding.
The differences can be noticed in "msg" that on v.7.4.0, it displays the names as FINANCE_URL but UUID in v.7.4.1.
In my opinion ingesting threat intelligence from multiple sources makes sense. Not to belittle the fine work that the Fortiguard team do every day but it does allow for extending the systems capabilities. Also as I mentioned in the video it can be used to update the fortigate with additional threat feeds, block lists or potentially even allowlist’s that you want to creat internally as part of internal policy or incident response. All that being said, I would continue to subscribe to Fortinets UTM services as well..
UTM services are in place. The Internet access in our organization is based on the whitelisting URLs by blocking all the categories. The external threatfeed is configured to allow ONLY the whitelisted URLs. This is synced to multiple locations instead of manually logging in to all the Fortinet devices and add the URLs manually. This is not an issue as I have being using this for several years now. The only issue that I currently see is the automation emails alerts sent with the UUID instead of the Threatfeeds name from v.7.4.1 and not earlier. So wanted to know if this is a known bug or a workaround available to resolve.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.