The new FortiAnalyzer 7.2.3 release has been published. It brings important fixes, such as a repaired GUI for Google Chrome and Microsoft Edge, a working Incidents section, and resolved performance problems when FortiAnalyzer receives duplicated logs. You can read about this and much more in our article below.
Currently supported models:
| Platform | Models |
|---|---|
| FortiAnalyzer | FAZ-150G, FAZ-300F, FAZ-300G, FAZ-400E, FAZ-800F, FAZ-800G, FAZ-1000F, FAZ-2000E, FAZ-3000F, FAZ-3000G, FAZ-3500E, FAZ-3500F, FAZ-3500G, FAZ-3700F, and FAZ-3700G. |
| FortiAnalyzer VM | FAZ_DOCKER, FAZ_VM64, FAZ_VM64_ALI, FAZ_VM64_AWS, FAZ_VM64_AWSOnDemand, FAZ_VM64_Azure, FAZ_VM64_GCP, FAZ_VM64_IBM, FAZ_VM64_HV (including Hyper-V 2016, 2019), FAZ_VM64_KVM, FAZ_VM64_OPC, FAZ_VM64_XEN (for both Citrix and Open Source Xen) |
Resolved issues:
Device Manager
| Bug ID | Description |
|---|---|
| 728715 | FortiAnalyzer displays red logging status for VDOMs with low traffic rate. |
| 874375 | Numerous undesired VDOMs are displayed in Device Manager configuration; even after being removed, they are still visible. |
FortiSOC
| Bug ID | Description |
|---|---|
| 855996 | Incidents section does not display any information. |
FortiView
| Bug ID | Description |
|---|---|
| 810109 | The FortiAnalyzer sometimes fails to send the detected IOC logs to the FortiGate, resulting in the inability to trigger the compromised host automation scripts. |
| 888215 | Session graphic does not display values for pass traffic when the traffic is allowed. |
Log View
| Bug ID | Description |
|---|---|
| 704206 | When filtering with "Action" and "Source IP" under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field. |
| 763852 | If a user uses "Filter Mode" and types "=", FortiAnalyzer returns the equal character, "=", twice. |
| 785559 | Filtering messages using the smart action field might not display the proper results. |
Others
| Bug ID | Description |
|---|---|
| 838182 | Logs are not being inserted into the secondary FortiAnalyzer. |
| 875222 | Duplicated logs received by FortiAnalyzer are handled in a way that decreases the FortiAnalyzer performance significantly. |
| 880438 | Log aggregation does not work properly with the following error message: "Aggregate log file failed". |
| 919088 | GUI may not work properly in Google Chrome and Microsoft Edge version 114. |
Reports
| Bug ID | Description |
|---|---|
| 837826 | Event logs are not created whenever reports are generated via "run report". |
System Settings
| Bug ID | Description |
|---|---|
| 863118 | When Log Forwarding is enabled, "Device Filters" does not forward logs to a Syslog server. |
| 882195 | If HA attribute "hb-interface" is empty, upgrading directly from 7.0.5 may unset the HA configuration. |
| 903959 | Blank pages have been observed when switching tabs in System Settings. |
Known issues:
Device Manager
| Bug ID | Description |
|---|---|
| 830376 | FortiAnalyzer does not display the right firmware running on its managed devices. |
| 861979 | FortiAnalyzer generates "Invalid user/password for Security Fabric device in Device manager" even though the password is correct. |
| 882093 | Unexpected FortiNAC ADOM is added to FortiAnalyzer after the upgrade. |
Event Management
| Bug ID | Description |
|---|---|
| 890371 | The generic connector keeps sending the failed-to-send alert notification for the matched event handler endlessly. |
FortiView
| Bug ID | Description |
|---|---|
| 709285 | Threat Map under the FortiView is blank. |
Log View
| Bug ID | Description |
|---|---|
| 800675 | A Read-Only profile for Log View cannot search logs because filters are not working for 'empty' value search in the drill-down page. |
| 898489 | The logs from FortiGate devices are not visible in FortiAnalyzer when selecting a 1-hour time range. |
Others
| Bug ID | Description |
|---|---|
| 886876 | If there is any existing LDAP server configuration in v7.0.5, configuration between the primary and secondary units might not get synchronized after upgrading. Workaround: Delete the LDAP config from the primary FortiAnalyzer, wait for the HA to become fully synced, and then re-create the LDAP config on the primary unit. |
Reports
| Bug ID | Description |
|---|---|
| 878067 | Legend field on table chart cannot be edited/saved. |
System Settings
| Bug ID | Description |
|---|---|
| 888374 | Admin user's ADOM setting cannot be synced to secondary when adom-access is set to specify. |
Vendor release notes: FortiAnalyzer 7.2.3
Best regards,
The B&B Team
Bezpieczeństwo w biznesie
