Update: I can confirm 6.4.9 appears to work well, even on 1500D units
with lots of functionality enabled (BGP, FortiWiFi, IPSec, FortiEMS,
RADIUS, LDAP, SDWAN, etc.). Be sure to carefully review upgrade notes
from 6.0 to 6.2 and 6.2 to 6.4. I do reca...
If you're looking for guidance regarding what firmware has been the most
trouble-free across the breadth of documented functionality, I know
6.4.6 is solid. We've moved most of our fleet to 6.4.9, so have about 4
weeks experience on this release and ...
If there are specific IPS signatures you are needing this info on (and
also override the default action as necessary), just go to Security
Profiles -> IPS Signatures and note the value in the "Action" column. If
you want to override the default, you ...
Don't forget to protect your SSLVPN service as well! These commands
assume you don't have any existing entries in your source-address allow
list, as we are inverting the action on this list from allow to deny:
config vpn ssl settings set source-addre...
You need to register and pay a few bucks to get a key, otherwise the
retrieved list is limited to 10000 entries, but it is
fantastic.https://api.abuseipdb.com/api/v2/blacklist?limit=100000&confidenceMinimum=90&plaintext&key=
Another:https://raw.githu...
