Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer 2024 badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDDoS
- FortiDAST
- FortiDB
- FortiDNS
- FortiDevSec
- FortiDeceptor
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGuard
- FortiGate Cloud
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecorder
- FortiRecon
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiToken
- FortiTester
- FortiWAN
- FortiVoice
- FortiWeb
- FortiWebCloud
- RMA Information and Announcements
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Noob to Fortinet - Firmware version to use for new...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Noob to Fortinet - Firmware version to use for new out of box devices
After many years of deploying and supporting Cisco PIX/ASA, I'm moving to FortiGate. Simple (hopefully) question - a 40F I recently purchase came with 6.4.x installed, I installed the upgrade to 6.4.12. I see that 6.4 is EOES. In general, what is the community doing with brand new deploys, assuming no interoperability with other releases on other devices is needed? are you deploying the latest and greatest, or taking a conservative approach and deploying an older release. That is, right now, 7.2 vs 7.0? My installs are basic internet traffic out, VPN in. No advanced configurations. Related question - I see that there is always a recommended upgrade path (6.4.12 -> 7.0.11 -> 7.2.4), but you can also do a direct update to 7.2.4 as well. For a *brand new out of box* device, is it safe to do a direct update as opposed to following the upgrade path? I would think so, but .......?? Thanks!
https://omegle.onl/ vshare
Labels:
- Labels:
-
Fortigate
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
7.0
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I cannot answer if attempting a direct upgrade from 6.4.12 to 7.2.4 will work or not. My guess is, it will not going through normal upgrade procedures...maybe if you were doing a format flash and install process via TFTP, but why go through all that headache when stepping through 7.0.11 adds another 3-5 minutes to the normal upgrading process.
That being said, you also asked about deploying latest and greatest vs being more conservative. Fortinet now declares their firmware releases as Feature or Mature. In a nutshell, Mature releases will have less problems overall while Feature releases will be more problematic, but offer newer features. Read through the release notes for the version you are wanting to implement to see if there might be anything that might impact your environment as every network is different. Unless there is a specific feature in 7.2 code that you need to take advantage of, my recommendation is to stick with a Mature release of 7.0 code, which right now is 7.0.11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Direct upgrades are strongly not recommend. Alternatively you may consider to load the target firmware via TFTP and configure firewall from scratch.
FortiGate
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hello
In FortiGate Upgrade there are exactly ways how you can upgrade to 7.2.4.
The Fortigate tells you exactly what makes sense-
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
It is advised to stick to the upgrade path to make sure that there are no problems or unforeseen mistakes throughout the upgrade process. The upgrade path is set up to make sure that all required firmware and software updates are made in the proper sequence and that any dependencies or compatibility problems are fixed before going on to the following version.
Following the upgrade path is crucial if you want to keep your system stable, safe, and fully functional. The performance, security, and stability of your network may be impacted by a number of problems if you skip upgrades or don't follow the upgrade process carefully.
BR
Rakesh
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
It is always recommended updating to the latest branch of software version if your device model is supported, as it would include the recent bug fixes from the previous branches. We would advise you to have a look at the release notes of specific version you are interested to upgrade to make sure you are aware about known issues & issues fixed for the same.
About the direct upgrade, we don't encourage direct upgrades at all. It is always recommended to follow the upgrade path to avoid breaking production config as syntax can change between releases and following the path means it gets handled correctly at each step. A new unit on factory default should be ok to upgrade straight to latest as far as I know but you could always just do a reset on the new firmware to be sure if you like.
Regards,
Manosh
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- Fortiproxy Cluster loses Sync approx. every... 36 Views
- BGP with AWS transit gateway 208 Views
- Fortinet Products 101 Views
- FG based HA - dual internet... 280 Views
- Curious about Web Portal for SSLVPN 260 Views
Labels
-
Fortigate
7,448 -
FortiClient
1,469 -
5.2
801 -
5.4
639 -
FortiManager
637 -
FortiAnalyzer
484 -
6.0
416 -
FortiSwitch
387 -
FortiAP
386 -
5.6
362 -
FortiClient EMS
312 -
FortiMail
287 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
181 -
FortiNAC
134 -
SSL-VPN
129 -
6.4
128 -
IPsec
124 -
FortiGuard
121 -
FortiGateCloud
97 -
FortiCloud Products
93 -
FortiSIEM
92 -
FortiToken
80 -
Customer Service
72 -
Wireless Controller
68 -
SD-WAN
65 -
4.0MR3
64 -
FortiProxy
53 -
FortiEDR
47 -
Fortivoice
46 -
FortiADC
46 -
FortiDNS
43 -
FortiAuthenticator
43 -
Firewall policy
40 -
FortiSandbox
38 -
VLAN
38 -
FortiExtender
37 -
FortiGate v5.4
36 -
FortiSwitch v6.4
32 -
High Availability
32 -
DNS
28 -
BGP
27 -
LDAP
27 -
FortiConnect
26 -
ZTNA
26 -
FortiGate v5.2
24 -
FortiWAN
24 -
FortiConverter
23 -
SAML
22 -
Interface
22 -
Authentication
21 -
Routing
21 -
Certificate
21 -
FortiSwitch v6.2
20 -
FortiLink
19 -
NAT
19 -
FortiPortal
18 -
VDOM
18 -
RADIUS
16 -
Logging
16 -
FortiMonitor
16 -
Virtual IP
16 -
Web profile
16 -
FortiGate v5.0
15 -
SSL SSH inspection
15 -
Fortigate Cloud
14 -
FortiDDoS
14 -
Application control
14 -
Traffic shaping
13 -
FortiManager v5.0
12 -
FortiCASB
12 -
SSO
12 -
IP address management - IPAM
11 -
FortiRecorder
10 -
SSID
10 -
Static route
10 -
4.0MR2
9 -
FortiGate v4.0 MR3
9 -
FortiAnalyzer v5.0
9 -
FortiSOAR
9 -
FortiWeb v5.0
9 -
SNMP
9 -
RMA Information and Announcements
9 -
OSPF
9 -
FortiAP profile
9 -
WAN optimization
9 -
FortiManager v4.0
8 -
FortiBridge
8 -
Admin
8 -
Security profile
8 -
Proxy policy
8 -
Web application firewall profile
8 -
4.0
7 -
FortiCache
7 -
Automation
7 -
trunk
6 -
IPS signature
6 -
Antivirus profile
6 -
Traffic shaping policy
6 -
System settings
6 -
FortiCarrier
5 -
FortiDirector
5 -
DNS Filter
5 -
Packet capture
5 -
FortiTester
5 -
Users
5 -
Port policy
5 -
Intrusion prevention
5 -
Fortinet Engage Partner Program
5 -
3.6
4 -
FortiDeceptor
4 -
FortiScan
4 -
Explicit proxy
4 -
FortiPAM
4 -
Traffic shaping profile
4 -
Application signature
4 -
DLP sensor
4 -
DoS policy
4 -
Web rating
4 -
FortiInsight
3 -
FortiDB
3 -
FortiCWP
3 -
FortiToken Cloud
3 -
FortiHypervisor
3 -
NAC policy
3 -
Authentication rule and scheme
3 -
DLP Dictionary
3 -
DLP profile
3 -
Email filter profile
3 -
Fabric connector
3 -
File filter
3 -
Multicast routing
3 -
FortiAI
2 -
FortiNDR
2 -
Internet Service Database
2 -
Netflow
2 -
Protocol option
2 -
Replacement messages
2 -
Schedule
2 -
Service
2 -
VoIP profile
2 -
Zone
2 -
4.0MR1
1 -
FortiManager-VM
1 -
Kerberos
1 -
RIP
1 -
Subscription Renewal Policy
1 -
Video Filter
1 -
TACACS
1 -
SDN connector
1 -
Multicast policy
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1238 | |
| 932 | |
| 674 | |
| 441 | |
| 176 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.