Fortinet publikuje nową wersję oprogramowania dla FortiAnalyzer, w wersji 6.0.3 dodano kilka nowych Event Handlerów, służących do wykrywania złośliwych plików, aplikacji o wysokim ryzyku, czy wykrywanie złośliwego miejsca docelowego lub wykrywanie podejrzanych plików. Poza tym producent załatał wiele dziur i błędów w działaniu aplikacji o czym możemy przeczytać w release notes udostępnionych przez Fortinet. Zachęcamy do lektury jak i do aktualizacji urządzeń!
Rozwiązane problemy:
Bug ID Description
508209 In Historical FortiView from FAZ, some drill-down tabs take a long time to load due to slow response from FAZ.
511604 Accessing the Learning Report from the FortiGate GUI returns multiple errors and uses high CPU and memory on FortiAnalyzer.
504967 OFTPD unresponsive and constantly crashes with error: signal 11 seg fault – unable to receive logs.
501181 Log forward to syslog stops with original_ip settings (with long log length 1700+).
507674 'fmgd’ crashes multiple times with signal 11 error.
506431 IOC reports created from predefined datasets shows incorrect data.
496713 If using IE or Edge, nothing is displayed on GUI just after logging in thru IPv6.
506196 Non-FortiGate ADOM (except FortiCarrier ADOM) doesn’t save 'any’ logic filter for custom created event handler.
505186 Fortiview > top cloud applications sentbyte/rcvdbyte is always 0 for videos played.
516205 LogFWD filter does not work properly when dealing with message with multiple logs.
499056 In Log View, select text doesn’t work on Chrome browser.
506992 FortiView shows the country flag icon even when dstcountry is set to Reserved for IPv6 address.
509328 Top SSID NOC widget has sent and received legends reversed.
507295 syncsched uses high CPU on FAZ-HA Master.
505251 Event handler does not detect a character at position 256 into the message field.
509107 Log view returns 403 forbidden error for remote admin users referencing RADIUS server with spaces in the names.
508102 Log forwarding from FAZ no longer includes timezone offset, causing issues for SIEM and other products.
477935 FAZ HA status to display all members’ IP from the same interface type.
Znane problemy do rozwiązania:
Bug ID Description
517724 Dashboard widget „System Resources” shows wrong output for time period.
517559 Scheduled reports do not run. Report Calendar shows report status as pending.
500413 Mail server test fails from GUI if the name has a space.
421340 Many messages in event log: Device login failed for restapi request due to empty user name.
468450 LDAP query unable to retrieve userPrincipalName for users.
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
