Release Notes for FORTINET models including: FG-71F Forti Gate Firewall, FG-71F, Forti Gate Firewall, Gate Firewall, Firewall

FortiOS 7.4.3 Release Notes

FortiOS

FortiOS, 7.4.3, Release Notes

Fortinet Inc.

 User manual

Fortinet FortiGate 71F firewall (hardware) Komputer (FG-71F)

Fortinet FortiGate-71F Hardware plus 1 Year (FG-71F-BDL-809-12)

[PDF] FortiOS 7.4.3 Release Notes

Feb 7, 2024 · Fortinet recommends running a graceful firmware upgrade of a FortiGate 6000 or 7000 FGCP HA cluster by enabling uninterruptible-upgrade and ...

• Google Docs
• Google Drive
• Download [pdf]
• Download Optimized
• Document:
  • Text
  • References

File Info : application/pdf, 35 Pages, 604.86KB

Release Notes
FortiOS 7.4.3

FORTINET DOCUMENT LIBRARY https://docs.fortinet.com FORTINET VIDEO LIBRARY https://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com FORTINET TRAINING & CERTIFICATION PROGRAM https://www.fortinet.com/training-certification FORTINET TRAINING INSTITUTE https://training.fortinet.com FORTIGUARD LABS https://www.fortiguard.com END USER LICENSE AGREEMENT https://www.fortinet.com/doc/legal/EULA.pdf FEEDBACK Email: techdoc@fortinet.com
March 11, 2024 FortiOS 7.4.3 Release Notes 01-743-986078-20240311

TABLE OF CONTENTS

Change Log

5

Introduction and supported models

6

Supported models

6

FortiGate 6000 and 7000 support

6

Special notices

7

Hyperscale incompatibilities and limitations

7

FortiGate 6000 and 7000 incompatibilities and limitations

7

Remove OCVPN support

7

Remove WTP profiles for older FortiAP models

8

IP pools and VIPs are now considered local addresses

8

Remove support for SHA-1 certificate used for web management interface (GUI)

8

Number of configurable DDNS entries

8

FortiGate models with 2 GB RAM can be a Security Fabric root

9

Admin and super_admin administrators cannot log in after a prof_admin VDOM

administrator restores the VDOM configuration and reboots the FortiGate

9

SMB drive mapping with ZTNA access proxy

10

Remote access with write rights through FortiGate Cloud

10

FortiGuard Web Filtering Category v10 update

10

FortiAP-W2 models may experience bootup failure during automatic firmware and federated upgrade process if they are powered by a managed FortiSwitch's PoE port 11

CLI system permissions

11

Upgrade information

13

Fortinet Security Fabric upgrade

13

Downgrading to previous firmware versions

14

Firmware image checksums

15

FortiGate 6000 and 7000 upgrade information

15

IPS-based and voipd-based VoIP profiles

16

BIOS-level signature and file integrity checking during downgrade

17

Product integration and support

19

Virtualization environments

20

Language support

20

SSL VPN support

21

SSL VPN web mode

21

FortiExtender modem firmware compatibility

21

Resolved issues

24

Common Vulnerabilities and Exposures

24

Known issues

25

Anti Virus

25

Application Control

25

Firewall

25

FortiGate 6000 and 7000 platforms

25

FortiOS 7.4.3 Release Notes

3

Fortinet Inc.

GUI

26

HA

27

Hyperscale

27

Intrusion Prevention

28

IPsec VPN

28

Log & Report

28

Proxy

29

REST API

29

Routing

29

Security Fabric

29

SSL VPN

30

Switch Controller

30

System

30

Upgrade

31

User & Authentication

31

VM

32

Web Filter

32

WiFi Controller

32

ZTNA

33

Limitations

34

Citrix XenServer limitations

34

Open source XenServer limitations

34

FortiOS 7.4.3 Release Notes

4

Fortinet Inc.

Change Log

Date 2024-02-07 2024-02-12 2024-02-13
2024-02-20 2024-02-23 2024-02-26 2024-02-28
2024-03-04 2024-03-11

Change Description Initial release. Updated Resolved issues on page 24 and Known issues on page 25. Updated Known issues on page 25 and Remote access with write rights through FortiGate Cloud on page 10. Updated Known issues on page 25. Added BIOS-level signature and file integrity checking during downgrade on page 17. Updated Known issues on page 25. Added FortiAP-W2 models may experience bootup failure during automatic firmware and federated upgrade process if they are powered by a managed FortiSwitch's PoE port on page 11. Updated Known issues on page 25. Updated Known issues on page 25.

FortiOS 7.4.3 Release Notes

5

Fortinet Inc.

Introduction and supported models

This guide provides release information for FortiOS 7.4.3 build 2573. For FortiOS documentation, see the Fortinet Document Library.

Supported models

FortiOS 7.4.3 supports the following models.

FortiGate
FortiWiFi FortiGate Rugged FortiFirewall FortiGate VM

FG-40F, FG-40F-3G4G, FG-60E, FG-60E-DSL, FG-60E-DSLJ, FG-60E-POE, FG-60F, FG61E, FG-61F, FG-70F, FG-71F, FG-80E, FG-80E-POE, FG-80F, FG-80F-BP, FG-80F-POE, FG-81E, FG-81E-POE, FG-81F, FG-81F-POE, FG-90E, FG-91E, FG-100F, FG-101F, FG140E, FG-140E-POE, FG-200E, FG-200F, FG-201E, FG-201F, FG-300E, FG-301E, FG-400E, FG-400E-BP, FG-401E, FG-400F, FG-401F, FG-500E, FG-501E, FG-600E, FG601E, FG-600F, FG-601F, FG-800D, FG-900D, FG-900G, FG-901G, FG-1000D, FG-1000F, FG-1001F, FG-1100E, FG-1101E, FG-1800F, FG-1801F, FG-2000E, FG-2200E, FG-2201E, FG-2500E, FG-2600F, FG-2601F, FG-3000D, FG-3000F, FG-3001F, FG-3100D, FG-3200D, FG-3200F, FG-3201F, FG-3300E, FG-3301E, FG-3400E, FG-3401E, FG-3500F, FG-3501F, FG-3600E, FG-3601E, FG-3700D, FG-3700F, FG-3701F, FG-3960E, FG-3980E, FG-4200F, FG-4201F, FG-4400F, FG-4401F, FG-4800F, FG-4801F, FG-5001E, FG-5001E1, FG6000F, FG-7000E, FG-7000F
FWF-40F, FWF-40F-3G4G, FWF-60E, FWF-60E-DSL, FWF-60E-DSLJ, FWF-60F, FWF61E, FWF-61F, FWF-80F-2R, FWF-81F-2R, FWF-81F-2R-POE, FWF-81F-2R-3G4G-POE
FGR-60F, FGR-60F-3G4G, FGR-70F, FGR-70F-3G4G
FFW-1801F, FFW-2600F, FFW-3980E, FFW-4200F, FFW-4400F, FFW-4401F, FFW-VM64, FFW-VM64-KVM
FG-ARM64-AWS, FG-ARM64-AZURE, FG-ARM64-GCP, FG-ARM64-KVM, FG-ARM64OCI, FG-VM64, FG-VM64-ALI, FG-VM64-AWS, FG-VM64-AZURE, FG-VM64-GCP, FGVM64-HV, FG-VM64-IBM, FG-VM64-KVM, FG-VM64-OPC, FG-VM64-RAXONDEMAND, FG-VM64-XEN

FortiGate 6000 and 7000 support

FortiOS 7.4.3 supports the following FG-6000F, FG-7000E, and FG-7000F models:

FG-6000F FG-7000E FG-7000F

FG-6300F, FG-6301F, FG-6500F, FG-6501F FG-7030E, FG-7040E, FG-7060E FG-7081F, FG-7121F

FortiOS 7.4.3 Release Notes

6

Fortinet Inc.

Special notices

l Hyperscale incompatibilities and limitations on page 7 l FortiGate 6000 and 7000 incompatibilities and limitations on page 7 l Remove OCVPN support on page 7 l Remove WTP profiles for older FortiAP models on page 8 l IP pools and VIPs are now considered local addresses on page 8 l Remove support for SHA-1 certificate used for web management interface (GUI) on page 8 l Number of configurable DDNS entries on page 8 l FortiGate models with 2 GB RAM can be a Security Fabric root on page 9 l Admin and super_admin administrators cannot log in after a prof_admin VDOM administrator restores the VDOM
configuration and reboots the FortiGate on page 9 l SMB drive mapping with ZTNA access proxy on page 10 l Remote access with write rights through FortiGate Cloud on page 10 l FortiGuard Web Filtering Category v10 update on page 10 l FortiAP-W2 models may experience bootup failure during automatic firmware and federated upgrade process if
they are powered by a managed FortiSwitch's PoE port on page 11 l CLI system permissions on page 11

Hyperscale incompatibilities and limitations
See Hyperscale firewall incompatibilities and limitations in the Hyperscale Firewall Guide for a list of limitations and incompatibilities with FortiOS 7.4.3 features.

FortiGate 6000 and 7000 incompatibilities and limitations
See the following links for information about FortiGate 6000 and 7000 limitations and incompatibilities with FortiOS 7.4.3 features.
l FortiGate 6000 incompatibilities and limitations l FortiGate 7000E incompatibilities and limitations l FortiGate 7000F incompatibilities and limitations

Remove OCVPN support
The IPsec-based OCVPN service has been discontinued and licenses for it can no longer be purchased as of FortiOS 7.4.0. GUI, CLI, and license verification support for OCVPN has been removed from FortiOS. Upon upgrade, all IPsec

FortiOS 7.4.3 Release Notes

7

Fortinet Inc.

Special notices
phase 1 and phase 2 configurations, firewall policies, and routing configuration previously generated by the OCVPN service will remain. Alternative solutions for OCVPN are the Fabric Overlay Orchestrator in FortiOS 7.2.4 and later, and the SD-WAN overlay templates in FortiManager 7.2.0 and later.
Remove WTP profiles for older FortiAP models
Support for WTP profiles has been removed for FortiAP B, C, and D series models, and FortiAP-S models in FortiOS 7.4.0 and later. These models can no longer be managed or configured by the FortiGate wireless controller. When one of these models tries to discover the FortiGate, the FortiGate's event log includes a message that the FortiGate's wireless controller can not be managed because it is not supported.
IP pools and VIPs are now considered local addresses
In FortiOS 7.4.1 and later, all IP addresses used as IP pools and VIPs are now considered local IP addresses if responding to ARP requests on these external IP addresses is enabled (set arp-reply enable, by default). For these cases, the FortiGate is considered a destination for those IP addresses and can receive reply traffic at the application layer. Previously in FortiOS 7.4.0, this was not the case. For details on the history of the behavior changes for IP pools and VIPs, and for issues and their workarounds for the affected FortiOS versions, see Technical Tip: IP pool and virtual IP behavior changes in FortiOS 6.4, 7.0, 7.2, and 7.4.
Remove support for SHA-1 certificate used for web management interface (GUI)
In FortiOS 7.4.0 and later, users should use the built-in Fortinet_GUI_Server certificate or SHA-256 and higher certificates for the web management interface. For example: config system global
set admin-server-cert Fortinet_GUI_Server end
Number of configurable DDNS entries
Starting in FortiOS 7.4.0, the number of DDNS entries that can be configured is restricted by table size. The limits are 16, 32, and 64 entries for lentry-level, mid-range, and high-end FortiGate models respectively. After upgrading to FortiOS 7.4.0 or later, any already configured DDNS entries that exceed the limit for the FortiGate model in use will be deleted. For example, if a user has 20 DDNS entries before upgrading to 7.4.0 and is using a entrylevel FortiGate model, the last four DDNS entries will be deleted after upgrading.

FortiOS 7.4.3 Release Notes

8

Fortinet Inc.

Special notices
In such instances where the number of DDNS entries exceeds the supported limit for the FortiGate model in use, users have the option to upgrade their FortiGate model to one that supports a higher number of DDNS entries.
FortiGate models with 2 GB RAM can be a Security Fabric root
A Security Fabric topology is a tree topology consisting of a FortiGate root device and downstream devices within the mid-tier part of the tree or downstream (leaf) devices at the lowest point of the tree. As part of improvements to reducing memory usage on FortiGate models with 2 GB RAM, FortiOS 7.4.2 and later can authorize up to five devices when serving as a Fabric root. The affected models are the FortiGate 40F, 60E, 60F, 80E, and 90E series devices and their variants. To confirm if your FortiGate model has 2 GB RAM, enter diagnose hardware sysinfo conserve in the CLI and check that the total RAM value is below 2000 MB (1000 MB = 1 GB).
Admin and super_admin administrators cannot log in after a prof_ admin VDOM administrator restores the VDOM configuration and reboots the FortiGate
When a VDOM administrator using the prof_admin profile is used to restore a VDOM configuration and then reboot the FortiGate, an administrator using the super_admin profile (including the default admin administrator) cannot log in to the FortiGate. Therefore, in FortiOS 7.4.1, a prof_admin VDOM administrator should not be used to restore a VDOM configuration (FortiOS 7.4.2 and later are not affected).
Workarounds: 1. If a prof_admin VDOM administrator has already been used to restore a VDOM configuration, then do not reboot.
Instead, log in using a super_admin administrator (such as default admin), back up the full configuration, and restore the full configuration. After the full configuration restore and reboot, super_admin administrators will continue to have the ability to log into the FortiGate.
After this workaround is done, the FortiGate is still susceptible to the issue if the backup and restore is performed again by the prof_admin VDOM administrator. A FortiOS firmware upgrade with this issue resolved will be required to fully resolve this issue.
2. To recover super_admin access after having restored a VDOM configuration and performing a FortiGate reboot, power off the device and boot up the FortiGate from the backup partition using console access.

FortiOS 7.4.3 Release Notes

9

Fortinet Inc.

Special notices
SMB drive mapping with ZTNA access proxy
In FortiOS 7.4.1 and later, SMB drive mapping on a Windows PC made through a ZTNA access proxy becomes inaccessible after the PC reboots when access proxy with TCP forwarding is configured as FQDN. When configured with an IP for SMB traffic, same issue is not observed. One way to solve the issue is to enter the credentials into Windows Credential Manager in the form of domain\username. Another way to solve the issue is to leverage the KDC proxy to issue a TGT (Kerberos) ticket for the remote user. See ZTNA access proxy with KDC to access shared drives for more information. This way, there is no reply in Credential Manager anymore, and the user is authenticated against the DC.
Remote access with write rights through FortiGate Cloud
Remote access with read and write rights through FortiGate Cloud now requires a paid FortiGate Cloud subscription. The FortiGate can still be accessed in a read-only state with the free tier of FortiGate Cloud. Alternatively, you can access your FortiGate through its web interface. Please contact your Fortinet Sales/Partner for details on purchasing a FortiGate Cloud Service subscription license for your FortiGate device. For more information see the FortiGate Cloud feature comparison and FortiGate Cloud Administration guide FAQ.
FortiGuard Web Filtering Category v10 update
Fortinet has updated its web filtering categories to v10, which includes two new URL categories for AI chat and cryptocurrency websites. To use the new categories, customers must upgrade their Fortinet products to one of the versions below:
l FortiManager - Fixed in 6.0.12, 6.2.9, 6.4.7, 7.0.2, 7.2.0, 7.4.0. l FortiOS - Fixed in 7.2.7 and 7.4.1. l FortiClient - Fixed in Windows 7.2.3, macOS 7.2.3, Linux 7.2.3. l FortiClient EMS - Fixed in 7.2.1. l FortiMail - Fixed in 7.0.7, 7.2.5, 7.4.1. l FortiProxy - Fixed in 7.4.1. Please read the following CSB for more information to caveats on the usage in FortiManager and FortiOS: https://support.fortinet.com/Information/Bulletin.aspx

FortiOS 7.4.3 Release Notes

10

Fortinet Inc.

Special notices
FortiAP-W2 models may experience bootup failure during automatic firmware and federated upgrade process if they are powered by a managed FortiSwitch's PoE port
Disable automatic firmware upgrades and the federated upgrade feature if you have FortiAP-W2 devices that are exclusively powered by a PoE port from a FortiGate or FortiSwitch. The federated upgrade feature starts the upgrades of managed FortiSwitch and FortiAP devices start at approximately the same time. Some FortiAP-W2 devices take a longer time to upgrade than the FortiSwitch devices. When the FortiSwitch finishes upgrading, it reboots, and can disrupt the PoE power to the FortiAP devices. If a FortiAP device is still upgrading when the power is disrupted, it can cause the FortiAP device to experience a bootup failure. Both automatic firmware upgrade and manually triggering federated upgrade can cause this issue. For more information about federated upgrade and automatic firmware upgrades, see Upgrading all device firmware by following the upgrade path (federated update) and Enabling automatic firmware updates.
To disable automatic upgrade:
config system fortiguard set auto-firmware-upgrade disable
end

CLI system permissions

Starting in FortiOS 7.4.2, the usage of CLI diagnostic commands (cli-diagnose), previously named systemdiagnostics, is disabled by default, with the exception of super_admin profile users. Users can now exercise more granular control over the CLI commands. See CLI system permissions for more information.
When the user upgrades to FortiOS 7.4.2 or later, the following settings for CLI options will be applied, irrespective of whether system-diagnostics was enabled or disabled in FortiOS 7.4.1 or earlier.

CLI option cli-diagnose cli-get cli-show cli-exec cli-config

Status Disabled Enabled Enabled Enabled Enabled

To enable permission to run CLI diagnostic commands after upgrading:
config system accprofile edit <name> set cli-diagnose enable

FortiOS 7.4.3 Release Notes

11

Fortinet Inc.

Special notices
next end

Many diagnostic commands have privileged access. As a result, using them could unintentionally grant unexpected access or cause serious problems, so understanding the risks involved is crucial.

FortiOS 7.4.3 Release Notes

12

Fortinet Inc.

Upgrade information

Supported upgrade path information is available on the Fortinet Customer Service & Support site.
To view supported upgrade path information:
1. Go to https://support.fortinet.com. 2. From the Download menu, select Firmware Images. 3. Check that Select Product is FortiGate. 4. Click the Upgrade Path tab and select the following:
l Current Product l Current FortiOS Version l Upgrade To FortiOS Version 5. Click Go.

Fortinet Security Fabric upgrade

FortiOS 7.4.3 greatly increases the interoperability between other Fortinet products. This includes:

FortiAnalyzer FortiManager FortiExtender FortiSwitch OS (FortiLink support) FortiAP FortiAP-U FortiAP-W2 FortiClient* EMS FortiClient* Microsoft Windows FortiClient* Mac OS X FortiClient* Linux FortiClient* iOS FortiClient* Android FortiSandbox

l 7.4.2 l 7.4.2 l 7.4.0 and later l 6.4.6 build 0470 and later
l 7.2.2 and later l 6.2.5 and later l 7.2.2 and later l 7.0.3 build 0229 and later l 7.0.3 build 0193 and later
l 7.0.3 build 0131 and later l 7.0.3 build 0137 and later l 7.0.2 build 0036 and later l 7.0.2 build 0031 and later l 2.3.3 and later for post-transfer scanning l 4.2.0 and later for post-transfer and inline scanning

FortiOS 7.4.3 Release Notes

13

Fortinet Inc.

Upgrade information
* If you are using FortiClient only for IPsec VPN or SSL VPN, FortiClient version 6.0 and later are supported.
When upgrading your Security Fabric, devices that manage other devices should be upgraded first.
When using FortiClient with FortiAnalyzer, you should upgrade both to their latest versions. The versions between the two products should match. For example, if using FortiAnalyzer 7.4.0, use FortiClient 7.4.0.
Upgrade the firmware of each device in the following order. This maintains network connectivity without the need to use manual steps.
1. FortiAnalyzer 2. FortiManager 3. Managed FortiExtender devices 4. FortiGate devices 5. Managed FortiSwitch devices 6. Managed FortiAP devices 7. FortiClient EMS 8. FortiClient 9. FortiSandbox 10. FortiMail 11. FortiWeb 12. FortiNAC 13. FortiVoice 14. FortiDeceptor 15. FortiNDR 16. FortiTester 17. FortiMonitor 18. FortiPolicy
If Security Fabric is enabled, then all FortiGate devices must be upgraded to 7.4.3. When Security Fabric is enabled in FortiOS 7.4.3, all FortiGate devices must be running FortiOS 7.4.3.

Downgrading to previous firmware versions
Downgrading to previous firmware versions results in configuration loss on all models. Only the following settings are retained:
l operation mode l interface IP/management IP l static route table l DNS settings l admin user account

FortiOS 7.4.3 Release Notes

14

Fortinet Inc.

Upgrade information
l session helpers l system access profiles
Firmware image checksums
The MD5 checksums for all Fortinet software and firmware releases are available at the Customer Service & Support portal, https://support.fortinet.com. After logging in, go to Support > Firmware Image Checksums (in the Downloads section), enter the image file name including the extension, and click Get Checksum Code.
FortiGate 6000 and 7000 upgrade information
Upgrade FortiGate 6000 firmware from the management board GUI or CLI. Upgrade FortiGate 7000 firmware from the primary FIM GUI or CLI. The FortiGate 6000 management board and FPCs or the FortiGate 7000 FIMs and FPMs all run the same firmware image. Upgrading the firmware copies the firmware image to all components, which then install the new firmware and restart. A FortiGate 6000 or 7000 firmware upgrade can take a few minutes, the amount of time depending on the hardware and software configuration and whether DP or NP7 processor software is also upgraded. On a standalone FortiGate 6000 or 7000, or an HA cluster with uninterruptible-upgrade disabled, the firmware upgrade interrupts traffic because all components upgrade in one step. These firmware upgrades should be done during a quiet time because traffic can be interrupted for a few minutes during the upgrade process. Fortinet recommends running a graceful firmware upgrade of a FortiGate 6000 or 7000 FGCP HA cluster by enabling uninterruptible-upgrade and session-pickup. A graceful firmware upgrade only causes minimal traffic interruption.
Fortinet recommends that you review the services provided by your FortiGate 6000 or 7000 before a firmware upgrade and then again after the upgrade to make sure that these services continue to operate normally. For example, you might want to verify that you can successfully access an important server used by your organization before the upgrade and make sure that you can still reach the server after the upgrade and performance is comparable. You can also take a snapshot of key performance indicators (for example, number of sessions, CPU usage, and memory usage) before the upgrade and verify that you see comparable performance after the upgrade.
To perform a graceful upgrade of your FortiGate 6000 or 7000 to FortiOS 7.4.3:
1. Use the following command to set the upgrade-mode to uninterruptible to support HA graceful upgrade: config system ha set uninterruptible-upgrade enable end

FortiOS 7.4.3 Release Notes

15

Fortinet Inc.

Upgrade information
When upgrading from FortiOS 7.4.1 to a later version, use the following command to enable uninterruptible upgrade:
config system ha set upgrade-mode uninterruptible
end
2. Download the FortiOS 7.4.3 FG-6000F, FG-7000E, or FG-7000F firmware from https://support.fortinet.com. 3. Perform a normal upgrade of your HA cluster using the downloaded firmware image file. 4. When the upgrade is complete, verify that you have installed the correct firmware version.
For example, check the FortiGate dashboard or use the get system status command. 5. Confirm that all components are synchronized and operating normally.
For example, go to Monitor > Configuration Sync Monitor to view the status of all components, or use diagnose sys confsync status to confirm that all components are synchronized.
IPS-based and voipd-based VoIP profiles
In FortiOS 7.4.0 and later, the new IPS-based VoIP profile allows flow-based SIP to complement SIP ALG while working together. There are now two types of VoIP profiles that can be configured: config voip profile
edit <name> set feature-set {ips | voipd}
next end
A voipd-based VoIP profile is handled by the voipd daemon using SIP ALG inspection. This is renamed from proxy in previous FortiOS versions.
An ips-based VoIP profile is handled by the IPS daemon using flow-based SIP inspection. This is renamed from flow in previous FortiOS versions.
Both VoIP profile types can be configured at the same time on a firewall policy. For example: config firewall policy
edit 1 set voip-profile "voip_sip_alg" set ips-voip-filter "voip_sip_ips"
next end
Where:
l voip-profile can select a voip-profile with feature-set voipd. l ips-voip-filter can select a voip-profile with feature-set ips.
The VoIP profile selection within a firewall policy is restored to pre-7.0 behavior. The VoIP profile can be selected regardless of the inspection mode used in the firewall policy. The new ips-voip-filter setting allows users to select an IPS-based VoIP profile to apply flow-based SIP inspection, which can work concurrently with SIP ALG.
Upon upgrade, the feature-set setting of the voip profile determines whether the profile applied in the firewall policy is voip-profile or ips-voip-filter.

FortiOS 7.4.3 Release Notes

16

Fortinet Inc.

Upgrade information

Before upgrade
config voip profile edit "ips_voip_filter" set feature-set flow next edit "sip_alg_profile" set feature-set proxy next
end
config firewall policy edit 1 set voip-profile "ips_voip_filter" next edit 2 set voip-profile "sip_alg_profile" next
end

After upgrade
config voip profile edit "ips_voip_filter" set feature-set ips next edit "sip_alg_profile" set feature-set voipd next
end
config firewall policy edit 1 set ips-voip-filter "ips_voip_
filter" next edit 2 set voip-profile "sip_alg_profile" next
end

BIOS-level signature and file integrity checking during downgrade
When downgrading to a version of FortiOS prior to 6.4.13, 7.0.12, and 7.2.5 that does not support BIOS-level signature and file integrity check during bootup, the following steps should be taken if the BIOS version of the FortiGate matches the following versions:
l 6000100 or greater l 5000100 or greater
To downgrade or upgrade to or from a version that does not support BIOS-level signature and file integrity check during bootup:
1. If the current security level is 2, change the security level to 0. This issue does not affect security level 1 or below. 2. Downgrade to the desired FortiOS firmware version. 3. If upgrading back to 6.4.13, 7.0.12, 7.2.5, 7.4.0, or later, ensure that the security level is set to 0. 4. Upgrade to the desired FortiOS firmware version. 5. Change the security level back to 2.
To verify the BIOS version:
The BIOS version is displayed during bootup: Please stand by while rebooting the system. Restarting system FortiGate-1001F (13:13-05.16.2023) Ver:06000100

FortiOS 7.4.3 Release Notes

17

Fortinet Inc.

Upgrade information
To verify the security level:
# get system status Version: FortiGate-VM64 v7.4.2,build2571,231219 (GA.F) First GA patch build date: 230509 Security Level: 1
To change the security level:
1. Connect to the console port of the FortiGate. 2. Reboot the FortiGate (execute reboot) and enter the BIOS menu. 3. Press [I] to enter the System Information menu 4. Press [U] to enter the Set security level menu 5. Enter the required security level. 6. Continue to boot the device.

FortiOS 7.4.3 Release Notes

18

Fortinet Inc.

Product integration and support

The following table lists FortiOS 7.4.3 product integration and support information:

Web browsers Explicit web proxy browser FortiController Fortinet Single Sign-On (FSSO)
AV Engine IPS Engine

l Microsoft Edge 112 l Mozilla Firefox version 113 l Google Chrome version 113 Other browser versions have not been tested, but may fully function. Other web browsers may function correctly, but are not supported by Fortinet.
l Microsoft Edge 112 l Mozilla Firefox version 113 l Google Chrome version 113 Other browser versions have not been tested, but may fully function. Other web browsers may function correctly, but are not supported by Fortinet.
l 5.2.5 and later Supported models: FCTL-5103B, FCTL-5903C, FCTL-5913C
l 5.0 build 0314 and later (needed for FSSO agent support OU in group filters) l Windows Server 2022 Standard l Windows Server 2022 Datacenter l Windows Server 2019 Standard l Windows Server 2019 Datacenter l Windows Server 2019 Core l Windows Server 2016 Datacenter l Windows Server 2016 Standard l Windows Server 2016 Core l Windows Server 2012 Standard l Windows Server 2012 R2 Standard l Windows Server 2012 Core l Novell eDirectory 8.8
l 7.00021
l 7.00524

See also:
l Virtualization environments on page 20 l Language support on page 20 l SSL VPN support on page 21 l FortiExtender modem firmware compatibility on page 21

FortiOS 7.4.3 Release Notes

19

Fortinet Inc.

Product integration and support

Virtualization environments

The following table lists hypervisors and recommended versions.

Hypervisor Citrix Hypervisor Linux KVM
Microsoft Windows Server Windows Hyper-V Server Open source XenServer
VMware ESXi

Recommended versions l 8.2 Express Edition, CU1 l Ubuntu 22.04.3 LTS l Red Hat Enterprise Linux release 8.4 l SUSE Linux Enterprise Server 12 SP3 release 12.3 l Windows Server 2019 l Microsoft Hyper-V Server 2019 l Version 3.4.3 l Version 4.1 and later l Versions 6.5, 6.7, 7.0, and 8.0.

Language support

The following table lists language support information.

Language support

Language

GUI

English



Chinese (Simplified)



Chinese (Traditional)



French



Japanese



Korean



Portuguese (Brazil)



Spanish



FortiOS 7.4.3 Release Notes

20

Fortinet Inc.

Product integration and support

SSL VPN support

SSL VPN web mode

The following table lists the operating systems and web browsers supported by SSL VPN web mode.

Supported operating systems and web browsers

Operating System Microsoft Windows 7 SP1 (32-bit & 64-bit) Microsoft Windows 10 (64-bit)
Ubuntu 20.04 (64-bit) macOS Ventura 13.1
iOS
Android

Web Browser
Mozilla Firefox version 113 Google Chrome version 112
Microsoft Edge Mozilla Firefox version 113 Google Chrome version 112
Mozilla Firefox version 113 Google Chrome version 112
Apple Safari version 16 Mozilla Firefox version 103 Google Chrome version 111
Apple Safari Mozilla Firefox Google Chrome
Mozilla Firefox Google Chrome

Other operating systems and web browsers may function correctly, but are not supported by Fortinet.

FortiExtender modem firmware compatibility

The following table lists the modem firmware file name and version for each FortiExtender model and its compatible geographical region.

FortiExtender model FEX-101F-AM
FEX-101F-EA

Modem firmware image name
FEM_EM06A-22-1-1
FEM_EM06E-22-01-01
FEM_EM06E-22.2.2

Modem firmware file on Support site
FEM_EM06A-22.1.1-build0001.out
FEM_EM06E-22.1.1-build0001.out
FEM_EM06E-22.2.2-build0002.out

Geographical region
America
EU
EU

FortiOS 7.4.3 Release Notes

21

Fortinet Inc.

Product integration and support

FortiExtender model FEX-201E
FEX-201F-AM

Modem firmware image name FEM_06-19-0-0-AMEU FEM_06-19-1-0-AMEU FEM_06-22-1-1-AMEU FEM_06-22-1-2-AMEU
FEM_07A-22-1-0-AMERICA
FEM_07A-22-2-0-AMERICA

FEX-201F-EA

FEM_07E-22-0-0-WRLD FEM_07E-22-1-1-WRLD

FEX-202F-AM

FEM_07A-22-1-0-AMERICA FEM_07A-22-2-0-AMERICA

FEX-202F-EA
FEX-211E
FEV-211F_AM FEV-211F FEX-211F-AM FEX-212F FEX-311F

FEM_07E-22-1-1-WRLD
FEM_12-19-1-0-WRLD FEM_12-19-2-0-WRLD FEM_12-22-1-0-AMEU FEM_12-22-1-1-WRLD FEM_12_EM7511-22-1-2AMERICA FEM_12-22-1-0-AMEU FEM_12_EM7511-22-1-2AMERICA FEM_12-19-2-0-WRLD FEM_12-22-1-1-WRLD FEM_EM160-22-02-03 FEM_EM160-22-1-2

Modem firmware file on Support Geographical

site

region

FEM_06-19.0.0-build0000-AMEU.out America and EU

FEM_06-19.1.0-build0001-AMEU.out America and EU

FEM_06-22.1.1-build0001-AMEU.out America and EU

FEM_06-22.1.2-build0001-AMEU.out America and EU

FEM_07A-22.1.0-build0001AMERICA.out

America

FEM_07A-22.2.0-build0002AMERICA.out

America

FEM_07E-22.0.0-build0001WRLD.out

World

FEM_07E-22.1.1-build0001WRLD.out

World

FEM_07A-22.1.0-build0001AMERICA.out

America

FEM_07A-22.2.0-build0002AMERICA.out

America

FEM_07E-22.1.1-build0001WRLD.out

World

FEM_12-19.1.0-build0001-WRLD.out World

FEM_12-19.2.0-build0002-WRLD.out World

FEM_12-22.0.0-build0001-AMEU.out America and EU

FEM_12-22.1.1-build0001-WRLD.out World

FEM_12_EM7511-22.1.2-build0001AMERICA.out

America

FEM_12-22.1.0-build0001-AMEU.out World

FEM_12_EM7511-22.1.2-build0001AMERICA.out

America

FEM_12-19.2.0-build0002-WRLD.out World

FEM_12-22.1.1-build0001-WRLD.out World

FEM_EM160-22.2.3-build0001.out World

FEM_EM160-22.1.2-build0001.out World

FortiOS 7.4.3 Release Notes

22

Fortinet Inc.

Product integration and support

FortiExtender model
FEX-511F

Modem firmware image name FEM_RM502Q-21-2-2 FEM_RM502Q-22-03-03
FEM_RM502Q-22-04-04-AU
FEM_RM502Q-22-1-1 FEM_RM502Q-22-2-2

Modem firmware file on Support site
FEM_RM502Q-21.2.2-build0003.out
FEM_RM502Q-22.3.3-build0004.out
FEM_RM502Q-22.4.4-build0005_ AU.out
FEM_RM502Q-22.1.1-build0001.out
FEM_RM502Q-22.2.2-build0002.out

Geographical region World World
Australia
World World

The modem firmware can also be uploaded manually by downloading the file from the Fortinet Customer Service & Support site. The firmware file names are listed in the third column of the table.

To download the modem firmware:
1. Go to https://support.fortinet.com/Download/FirmwareImages.aspx. 2. From the Select Product dropdown, select FortiExtender. 3. Select the Download tab. 4. Click MODEM-Firmware. 5. Select the FortiExtender model and image name, then download the firmware file.

FortiOS 7.4.3 Release Notes

23

Fortinet Inc.

Resolved issues

The following issues have been fixed in version 7.4.3. To inquire about a particular bug, please contact Customer Service & Support.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID 989429
993323

CVE references
FortiOS 7.4.3 is no longer vulnerable to the following CVE Reference: l CVE-2024-21762
FortiOS 7.4.3 is no longer vulnerable to the following CVE Reference: l CVE-2024-23113

FortiOS 7.4.3 Release Notes

24

Fortinet Inc.

Known issues

The following issues have been identified in version 7.4.3. To inquire about a particular bug or report a bug, please contact Customer Service & Support.

Anti Virus

Bug ID 977634

Description FortiOS High Security Alert block page reference URL is incorrect.

Application Control

Bug ID 934197

Description Selected applications will disappear after searching or filtering for other applications in override.

Firewall
Bug ID 760292 959065
966466 981283

Description The date in the graph of Last 7 Days traffic statistics for the policy is incorrect. Once a traffic shaper is applied to a traffic shaping firewall policy, the counters should not clear when deleting or creating a traffic shaper. On an FG-3001F NP7 device, packet loss occurs even on local-in traffic. NAT64/46 HTTP virtual server does not work as expected in the policy.

FortiGate 6000 and 7000 platforms

Bug ID 781163

Description
FortiView Sources page is unable to display historical data from FortiAnalyzer due to Fail to retrieve FortiView data error.

FortiOS 7.4.3 Release Notes

25

Fortinet Inc.

Known issues
Bug ID 787604 790464
885205
887946 910883
911244 973407 978241

Description
Transceiver information in unavailable for FPM/FIM2 ports in the GUI.
Existing ARP entries are removed from all slots when an ARP query of a single slot does not respond.
IPv6 ECMP is not supported for the FortiGate 6000F and 7000E platforms. IPv6 ECMP is supported for the FortiGate 7000F platform.
UTM traffic is blocked by an FGSP configuration with asymmetric routing.
The FortiGate 6000s or 7000s in an FGSP cluster may load balance FTP data sessions to different FPCs or FPMs. This can cause delays while the affected FortiGate 6000 or 7000 re-installs the sessions on the correct FPC or FPM.
FortiGate 7000E IPv6 routes may not be synchronized correctly among FIMs and FPMs.
FIM installed NPU session causes the SSE to get stuck.
FortiGate does not honor worker port partition when SNATing connections using a fixed port range IP pool.

GUI
Bug ID 848660
853352 885427 925388 931486 961796
964386 966702 972887

Description Read-only administrator may encounter a Maximum number of monitored interfaces reached error when viewing an interface bandwidth widget for an interface that does not have the monitor bandwidth feature enabled. Workaround: super_admin users can enable the monitor bandwidth feature on the interface first, then the widget can work for read-only administrators. When viewing entries in slide-out pan of the Policy & Objects > Internet Service Database page, users cannot scroll down to the end if there are over 100K entries.
Suggest showing the SFP status information on the faceplate of FGR-60F/60F-3G4G devices.
After updating, the CMDB may not start up properly. This issue causes problems with both the GUI and CLI.
Unexpected behavior in httpsd when the user has a lot of FQDN addresses.
When administrator GUI access (HTTPS) is enabled on SD-WAN member interfaces, the GUI may not be accessible on the SD-WAN interface due to incorrect routing of the response packet. Workaround: access the GUI using another internal interface that is not part of an SD-WAN link.
GUI dashboards show all the IPv6 sessions on every VDOM.
List of security profiles it is not displayed correctly in the GUI.
The interface firewall object created automatically is not found by a firewall policy search with IP address.

FortiOS 7.4.3 Release Notes

26

Fortinet Inc.

Known issues Bug ID 974988
975403 979508
983422 989512

Description
FortiGate GUI should not show a license expired notification due to an expired device-level FortiManager Cloud license if it still has a valid account-level FortiManager Cloud license (function is not affected).
FortiGate removes the ? from custom replacement messages.
The Operation Technology category cannot be turned on or off from the GUI. The option to enable/disable the Operational Technology category on application control profiles when hovering the mouse over the category name is missing. Workaround: use the CLI to configure it.
A GTP profile cannot be applied to policy using the GUI. Workaround: use the CLI to apply the GTP profile.
When the number of users in the Firewall User monitor exceeds 2000, the search bar is no longer be displayed.

HA
Bug ID 971075 1000001

Description
The last interface belonging to the management VDOM (not root VDOM) is not displayed when accessing ha-mgmt-interface.
A secondary HA unit may go into conserve mode when joining an HA cluster if the FortiGate's configuration is large.

Hyperscale

Bug ID 817562 850252 896203
976972 977376 975264 981918

Description NPD/LPMD cannot differentiate the different VRFs, and considers all VRFs as 0. Restoring a specific VDOM configuration from the GUI does not restore the complete configuration. The parse error, NPD-0:NPD PARSE ADDR GRP gmail.com MEMBER ERR, appears after rebooting the system. New primary can get stuck on failover with HTTP CC sessions. FG-4201F has a 10% performance drop during a CPS test case with DoS policy. Hyperscale should not support threat feed addresses with the negate option. Hyperscale policy loses the cgn-log-server-grp setting with log mode per-mapping when the system reboots.

FortiOS 7.4.3 Release Notes

27

Fortinet Inc.

Known issues
Intrusion Prevention

Bug ID 782966

Description
IPS sensor GUI shows All Attributes in the filter table when IPS filters with default values are selected in the CLI.

IPsec VPN

Bug ID 866413
897871 944600
970703 1003830

Description
Traffic over GRE tunnel over IPsec tunnel, or traffic over IPsec tunnel with GRE encapsulation is not offloaded on NP7-based units.
GRE over IPsec does not work in transport mode.
CPU usage issues occurred when IPsec VPN traffic was received on the VLAN interface of an NP7 vlink.
FortiGate 6K and 7K models do not support IPsec VPN over vdom-link/npu-vlink.
IPsec VPN tunnel phase 2 instability after upgrading to 7.4.2 on the NP6xlite platform. Workaround: disable replay detection on the phase 2 interface on both sides of the IPsec VPN:
config vpn ipsec phase2-interface edit <name> set replay disable next
end

Log & Report

Bug ID 960661

Description
FortiAnalyzer report is not available to view for the secondary unit in the HA cluster. Workaround: view the report directly in FortiAnalyzer.

FortiOS 7.4.3 Release Notes

28

Fortinet Inc.

Known issues
Proxy
Bug ID 900546
910678
922093 933002 965966

Description
DNS proxy may resolve with an IPv4 address, even when pref-dns-result is set to IPv6, if the IPv4 response comes first and there is no DNS cache.
CPU usage issue in WAD caused by a high number of devices being detected by the device detection feature.
High CPU due to WAD process and disrupted HTTPS connections.
Memory usage issue in WAD caused by a rare error condition.
An error condition occurred in WAD due to heavy HTTP video traffic when using a video filter profile with deep inspection enabled.

REST API

Bug ID 964424

Description
REST API GET /ips/sensor/{name} adds extra space to locations, severity, protocol, os, and application field values.

Routing
Bug ID 903444 974921
984478 989840

Description The diagnose ip rtcache list command is no longer supported in the FortiOS 4.19 kernel. Configuring the Set weight on the route map to 0 in the GUI does not save this setting in the CLI configuration. The SD-WAN Rules GUI page keeps loading. Issue with PIM neighborship over an IPSec tunnel with NP offload.

Security Fabric

Bug ID 948322

Description
After deauthorizing a downstream FortiGate from the System > Firmware & Registration page, the page may appear to be stuck to loading.

FortiOS 7.4.3 Release Notes

29

Fortinet Inc.

Known issues
Bug ID
966740 968585 972921

Description Workaround: perform a full page refresh to allow the page to load again. Security rating Last Ran displays incorrect values. The automation stitch triggered by the FortiAnalyzer event handler does not work as expected. The comments are not working as expected in the threat feed list for the domain threat feed.

SSL VPN

Bug ID 951827

Description
SSL VPN client certificate verification failed after importing the VDOM user peer CA certificate into the global VDOM.

Switch Controller

Bug ID 955550
988335

Description
Unexpected behavior in cu_acd and fortilinkd is causing the CPU to handle the majority of the traffic instead of the NPU.
If a user's network has more than 20 MAC addresses in a NAC environment, it is possible for the CAPWAP to come down.

System
Bug ID 907622 910364 912383
921134 953692
956697

Description GUI is missing DDNS Domain text field box when creating a new DDNS entry.
CPU usage issue in miglogd caused by constant updates to the ZTNA tags.
FGR-70F and FGR-70F-3G4G failed to perform regular reboot process (using execute reboot command) with an SD card inserted.
GUI is inaccessible when using a SHA1 certificate as admin-server-cert.
SNMP stops working when a second server is added. The FortiGate stops answering SNMP requests to both servers.
On NP7 platforms, the FortiGate maybe reboot twice when upgrading to 7.4.2 or restoring a configuration after a factory reset or burn image. This issue does not impact FortiOS functionality.

FortiOS 7.4.3 Release Notes

30

Fortinet Inc.

Known issues
Bug ID 964465
968618 971404 971466 977231 921604

Description Administrator with read-write permission for WiFi and read permission for network configuration cannot create SSIDs. Workaround: give the administrator read-write permission for network configuration. After the upgrade to 7.4, the NP7 L2P is dropping packets at the L2TI module. Session expiration does not get updated for offloaded traffic between a specific host range. FGR 60F faces packet loss with a Cisco switch directly connected to it. An error condition occurred in fgfm caused by an out-of-band management configuration. On the FortiGate 601F, the ports (x7) have no cables attached but the link LEDs are green.

Upgrade
Bug ID 952828 977281
999324

Description
The automatic patch upgrade feature overlooks patch release with the Feature label. Consequentaly, a FortiGate running 7.4.2 GA does not automatically upgrade to 7.4.3 GA. Workaround: Manually upgrade to a 7.4 Feature patch on the System > Firmware & Registration page.
After the FortiGate in an HA environment is upgraded using the Fabric upgrade feature, the GUI might incorrectly show the status Downgrade to 7.2.X shortly, even though the upgrade has completed. This is only a display issue; the Fabric upgrade will not recur unless it is manually scheduled. Workaround: Confirm the Fabric upgrade status to make sure that it is not enabled:
config system federated-upgrade set status disabled
end
FortiGate Pay-As-You-Go or On-demand VM versions cannot upload firmware using the System > Firmware & Registration > File Upload page. Workaround: Use the Latest Firmware or All Upgrade page to upgrade the firmware.

User & Authentication

Bug ID 667150

Description
When a remote LDAP user with Two-factor Authentication enabled and Authentication type 'FortiToken' tries to access the internet through firewall authentication, the web page does not receive the FortiToken notification or proceed to authenticate the user.

FortiOS 7.4.3 Release Notes

31

Fortinet Inc.

Known issues
Bug ID
884462 967146 972391 975689 982573

Description Workaround: click the Continue button on the authentication page after approving the FortiToken on the mobile device. NTLM authentication does not work with Chrome. Upon expiration, the SSL certificate is removed from GUI but not from the CLI. RADIUS group is not properly displayed as used. Unable to print with custom guest user print template. Dashboard > Assets & Identities page shows devices and interfaces from all VDOMs.

VM
Bug ID 938382 967134 977110 978021

Description OpenStack Queens FortiGate VM HA heartbeat on broadcast is not working as expected. An interrupt distribution issue may cause the CPU load to not be balanced on the FG-VM cores. Interface disappears after enabling unicast-status on HA. VNI length is zero in the GENEVE header when in FTP passive mode.

Web Filter

Bug ID 634781

Description Unable to customize replacement message for FortiGuard category in web filter profile.

WiFi Controller

Bug ID 814541
869978 883938

Description
When there are extra large number of managed FortiAP devices (over 500) and large number of WiFi clients (over 5000), the Managed FortiAPs page and FortiAP Status widget can take a long time to load. This issue does not impact FortiAP operation.
CAPWAP tunnel traffic over tunnel SSID is dropped when offloading is enabled.
Flooded wireless STA traffic seen in L2 tunneled VLAN (FG-1800F).

FortiOS 7.4.3 Release Notes

32

Fortinet Inc.

Known issues
Bug ID 903922
949682 964757 972093 998578

Description
Physical and logical topology is slow to load when there are a lot of managed FortiAP (over 50). This issue does not impact FortiAP management and operation.
Intermittent traffic disruption observed in cw_acd caused by a rare error condition.
Clients randomly unable to connect to 802.1X SSID when FortiAP has a DTLS policy enabled.
RADIUS accounting data usage is different between the bridge and tunnel VAP.
On FortiGate devices running 7.4.2 or 7.4.3, managed FortiAP-W2 devices might randomly go offline. Workaround: Reboot the FortiAP-W2 device, or use version 7.4.1 or earlier on the FortiGate.

ZTNA
Bug ID 819987

Description SMB drive mapping made through a ZTNA access proxy is inaccessible after rebooting.

FortiOS 7.4.3 Release Notes

33

Fortinet Inc.

Limitations
Citrix XenServer limitations
The following limitations apply to Citrix XenServer installations: l XenTools installation is not supported. l FortiGate-VM can be imported or deployed in only the following three formats: l XVA (recommended) l VHD l OVF l The XVA format comes pre-configured with default configurations for VM name, virtual CPU, memory, and virtual NIC. Other formats will require manual configuration before the first power on process.
Open source XenServer limitations
When using Linux Ubuntu version 11.10, XenServer version 4.1.0, and libvir version 0.9.2, importing issues may arise when using the QCOW2 format and existing HDA issues.

FortiOS 7.4.3 Release Notes

34

Fortinet Inc.

www.fortinet.com
Copyright© 2024 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet's Chief Legal Officer, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet's internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.



References

• Gmail
• mailto:techdoc@fortinet.com
• Global Leader of Cybersecurity Solutions and Services | Fortinet
• Fortinet Blog - Broad, Integrated, Automated Cybersecurity 
• Fortinet Blog - Broad, Integrated, Automated Cybersecurity 
• Technical Tip: IP pool and virtual IP behavior cha... - Fortinet Community
• Fortinet Document Library | Home
• Fortinet Document Library | Home
• FortiGate / FortiOS 7.6
• Welcome
• Welcome
• Fortinet SSO
• Fortinet SSO
• Home | Training Institute
• Home | Training Institute
• Fortinet Video Library
• Fortinet Video Library
• FortiGuard Labs
• FortiGuard Labs
• Global Leader of Cybersecurity Solutions and Services | Fortinet
• How to get Certified for Cybersecurity | Fortinet

Related Documents

	FortiOS 6.4.3 Release Notes Official release notes for FortiOS version 6.4.3, detailing new features, enhancements, resolved issues, and known issues for Fortinet's network security operating system. Includes supported models and upgrade information.
	FortiOS 7.4.2 Release Notes - Fortinet Official release notes for FortiOS 7.4.2 by Fortinet, detailing new features, enhancements, resolved issues, and known issues for Fortinet's network security operating system.
	FortiOS 6.2.9 Release Notes This document provides release information for FortiOS version 6.2.9, detailing supported models, special notices, upgrade procedures, product integration, resolved issues, known issues, and limitations.
	FortiOS 7.4.0 Release Notes: New Features, Fixes, and Updates Explore the FortiOS 7.4.0 release notes from Fortinet, detailing new features, enhancements, resolved issues, known issues, and upgrade information for their network security operating system.
	Fortinet FortiGate Network Security Platform Top Selling Models Matrix A comprehensive matrix detailing the top-selling models of the Fortinet FortiGate Network Security Platform, including specifications for firewall throughput, IPsec VPN throughput, IPS throughput, NGFW throughput, threat protection throughput, firewall latency, concurrent sessions, new sessions per second, firewall policies, maximum tunnels, SSL VPN throughput, concurrent SSL VPN users, SSL inspection throughput, application control throughput, maximum FortiAPs, FortiSwitches, FortiTokens, and virtual domains.
	FortiOS 7.2.11 Release Notes Comprehensive release notes for Fortinet FortiOS 7.2.11, detailing new features, changes, resolved issues, known issues, and supported hardware models for network security.
	FortiOS 7.0.6 Release Notes - Fortinet Comprehensive release notes for Fortinet FortiOS 7.0.6, detailing new features, resolved issues, known issues, and upgrade procedures for FortiGate network security devices.
	Fortinet NGFW/Perimeter Firewalls Ordering Guide This ordering guide details Fortinet's Next-Generation Firewalls (NGFW) and Perimeter Firewalls, highlighting their advanced AI/ML capabilities, FortiGuard services, and the integrated Fortinet Security Fabric for comprehensive enterprise threat protection and policy control.