I'm planning to go to it on Friday on my HA pair of 1500D. We've been running 5.6.3 for about a year now, and apparently the recommended upgrade path is 5.6.3 -> 5.6.6 -> 5.6.7 which seems weird, but I guess I'll be doing a double-upgrade.
We also upgraded our 1500D cluster and 600D cluster to 5.6.7 last week, mostly because 1500D cluster with 5.6.5 and 5.6.6 had a memory leak bug which slowly ate up lots of memory, up to 90% (that after going to proxy-mode from flow-mode, before stayed around 80%). Memory usage has only slowly gone up so far, we'll see how it will be in a month's time.
Update for that "bcm.user" CPU usage. That specific 100E had also degraded network performance. In example traffic going through policies including IPS filtering sometimes were completely dropped. There was 3000ms spikes on the network.
I found something strange on our 1500D and 600D cluster: in the list of firewall rules I have added a column "Last Used" and this column doesn't update anymore with many rules, whereas with many others it is updated. And active sessions + data amount seems to be OK, although I haven't investigated the data amount. The date and time in those problematic rules shows exactly one time and date which is the time and date of firmware upgrade + 48 hours. Nothing too critical but in some cases the correct information or useful feature in debugging is gone. Probably until the next firmware upgrade or restart, who knows.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.