Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Infotech22
Contributor

Created on ‎01-17-2024 12:24 AM

Upgrades of Firmware / Automation

Hello forum,

I would like to know how many of you are dealing with upgrades of firmware from Fortinet Devices.
We have a range of Fortinet equipment, FortiGates, FortiAZ, FortiSwitches, FortiAPs.
We have them on multiple locations.

How you guys are dealing with upgrades, where to look if the upgrade is suitable for us, what type of automation you use, etc..

It's really hard to catch up with everything since I'm not just a Fortinet guy. I'm System Admin so I have a lot of other task's and its getting overwhelmed.. 

 

Labels:
1852
0 Kudos
1 Solution
Jakob-AHHG
Contributor II

Created on ‎01-17-2024 01:27 AM

Hi @Infotech22 

We have 2 ways:

Manual (local or via FortiManager )

Automated via FortiManager.

 

We are on latest FMG (74.2), and there you find it under:
Device Manager: Firmware Templates:

FMG Firmware Templates.png
 
Create a Template, and assign desired FW versions to the products, either generic or specific:
 
FMG Firmware Templates Model details.png

You can then schedule the template run run as desired, or run it manually.

 

 

Jakob Peterhänsel,
IT System Admin,
Arp-Hansen Hotrel Group A/S, Copenhagen, DK

View solution in original post

Jakob Peterhänsel,IT System Admin,Arp-Hansen Hotrel Group A/S, Copenhagen, DK
1838
14 REPLIES 14
Infotech22
Contributor
In response to AEK

Created on ‎01-17-2024 02:07 AM

Hello @AEK,

At the moment we are on 7.0.12, and it's recommending for us to go to 7.0.13 which is also mature.

So in this example when 7.0.13 was new, it was not a good idea to immediately upgrade to that version unless I didn't need new feature from that version and only when then version becomes mature?

Thank you for the comment :)

638
0 Kudos
AEK
SuperUser
SuperUser
In response to Infotech22

Created on ‎01-17-2024 02:13 AM

Hello

Going from 7.0.12 to 7.0.13 is an update operation (patch, pug fix, security patch), and it doesn't contain any new feature. So actually it is recommended to update.

The new features are only in minor release and major release, e.g.: when you upgrade from 6.4.x to 7.0.x, or when you upgrade from 7.0.x to 7.2.x.

AEK
AEK
610
Infotech22
Contributor
In response to AEK

Created on ‎01-17-2024 02:15 AM

Thank you, now it's clear to me

549
0 Kudos
Jakob-AHHG
Contributor II
In response to Infotech22

Created on ‎01-17-2024 02:14 AM

Yep, that would be recommended.

Sometimes, though, test out new versions and see if issues have been fixed, that is not in the official releasenotes.
We have had a case open with FortiNet about IGMP (Multicast) on FS148F linked directly after a FS1048E. We could only get FW 7.2.1 to work. Have tried really many versions, and all from 7.0.x to 7.2.x and 7.4.0
The latest FW 7.4.2 fixed it, so when we need Multicast (TV's in hotelrooms), the edge switches is then pushed to 7.4.2 now.

We are a lot more 'conservative' on core switches and FG's.

Jakob Peterhänsel,
IT System Admin,
Arp-Hansen Hotrel Group A/S, Copenhagen, DK
Jakob Peterhänsel,IT System Admin,Arp-Hansen Hotrel Group A/S, Copenhagen, DK
549
Infotech22
Contributor
In response to Jakob-AHHG

Created on ‎01-17-2024 02:17 AM

Good to know this,
There are a lot of cases for problems with versions..

533
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.