Fortinet opublikował nową aktualizację dla FortiClient EMS o oznaczeniu wersji 7.2.3. Update głównie skupia się na poprawkach i naprawie występujących dotychczas błędów związanych z zarządzaniem endpointami, regułami przydzielania do grup, synchronizacją z domeną Active Directory, możliwością zapisu polityk, problemów z licencjonowaniem. Więcej szczegółowych informacji dotyczących zmian w nowej aktualizacji produktu FortiClient EMS można znaleźć w artykule poniżej.
Rozwiązane problemy:
Dashboard
| Bug ID | Description |
|---|---|
| 946209 | Secured Endpoints Scan Status list is empty. |
| 963497 | Inaccurate number shows in Pending Software Updates. |
| 965386 | EMS duplicates license count for Verified Users. |
Endpoint management
| Bug ID | Description |
|---|---|
| 932447 | User cannot move endpoint to a different group. |
| 956486 | Group assignment rules do not work. |
| 957961 | Syncing is stuck at 1% with error: Sync Failed: Connector is offline – due to redis connection limit reached. |
| 959948 | Domain sync shows error: Failed to Re-propagate domain policies. |
| 960689 | Domain sync fails with error: Scan error on column index 1, name „device_guid”: converting NULL to string is unsupported. |
| 962024 | Domain sync with multiple domains with the same name fails. |
| 962187 | EMS should allow group assignment rule to run more frequently on schedule. |
Endpoint policy and profile
| Bug ID | Description |
|---|---|
| 922003 | Server error shows when saving changes to endpoint policy. |
| 960944 | Fully importing profiles via XML causes some profiles to not be able to be enabled and hidden. |
| 965731 | Changing endpoint policy priorities causes the groups of the policies to switch in FortiClient Cloud. |
| 969906 | EMS does not apply policies to endpoints based on priority. |
Fortinet Security Fabric devices
| Bug ID | Description |
|---|---|
| 963756 | EMS is not backwards compatible with FortiManager connectors. |
License
| Bug ID | Description |
|---|---|
| 868174 | EMS shows features for license that is not applied yet. |
Malware Protection and Sandbox
| Bug ID | Description |
|---|---|
| 849802 | Endpoint summary shows Antiransomware events but there are no events found in EMS. |
Multitenancy
| Bug ID | Description |
|---|---|
| 838272 | EMS multitenancy has site number limitation. |
Onboarding
| Bug ID | Description |
|---|---|
| 953051 | SAML authentication with Microsoft Entra ID (formerly known as Azure Active Directory) fails. |
Software Inventory
| Bug ID | Description |
|---|---|
| 928780 | Software Inventory shows old software versions still installed on machine. |
| 931421 | Database has a lot of duplicated software rows. |
| 968411 | EMS does not display Software Inventory. |
Deployment and installers
| Bug ID | Description |
|---|---|
| 883481 | EMS has problem creating installer package from Invitations. |
| 917921 | EMS cannot create FortiClient deployment package. |
| 931648 | Privilege Access Management is not disabled in the MSI or MST when it is disabled in the installer package. |
Zero Trust tagging
Endpoint control
Upgrade
| Bug ID | Description |
|---|---|
| 952677 | Upgrading high availability (HA) deployment from 7.0.7 to 7.0.9 takes more than five hours to complete. |
| 977534 | EMS is missing ZTNA destinations after upgrade from 7.0.8. |
Deployment and installers
| Bug ID | Description |
|---|---|
| 933644 | Installer created on EMS has wrong URL/disk path when HA is configured. |
GUI
| Bug ID | Description |
|---|---|
| 953989 | Endpoint policy sync bar does not update correctly. |
| 959083 | On Fabric Detection Rules is not visible on the GUI if the number of rules is more than 50. |
| 962069 | User cannot save GroupTag filter cannot in bookmarks. |
System Settings
| Bug ID | Description |
|---|---|
| 949058 | FortiClient Cloud cannot delete certificate for software package signature. |
| 949569 | EMS throws an error when uploading software signing certificate. |
Other
| Bug ID | Description |
|---|---|
| 931170 | EMS does not send firmware version to FortiAnalyzer. |
| 939987 | EMS shows excessive license expiration notifications. |
| 952016 | EMS sends forensics analysis status email twice. |
Znane problemy:
Dashboard
| Bug ID | Description |
|---|---|
| 902136 | Endpoint count is mismatched on EMS dashboard and endpoints details. |
| 918258 | FortiClient Cloud security risk counter widget number and endpoints list do not match. |
| 974187 | Number of endpoints under Out of Sync in EMS dashboard differs from number of out of sync endpoints under Endpoints pane. |
Endpoint management
| Bug ID | Description |
|---|---|
| 831108 | User cannot download PDF report of FortiClient Cloud Sandbox (PaaS) events on EMS. |
| 891064 | Google domain enumeration fails when there are over 200 000 users. |
| 934669 | Active Directory connector does not work: TLS 1.3 does not support tls-unique channel binding. |
Endpoint policy and profile
| Bug ID | Description |
|---|---|
| 868534 | Web Filter profile synced from FortiGate keeps disabled status links in the exception list. |
| 901233 | Websites that user imports under FortiManager-Web Rating Override category are listed as Simple via EMS. |
| 970027 | Application Firewall signature uses incorrect logo. |
| 976029 | EMS sends REVOKE when profile changes. |
License
| Bug ID | Description |
|---|---|
| 974538 | KAworker Panic RECEIVED: runtime error: slice bounds out of range [:-1]. |
Logs
| Bug ID | Description |
|---|---|
| 932785 | EMS log file sizes are large. |
| 956383 | FortiClient EMS does not rotate log files based on log settings from GUI. |
Fabric devices
| Bug ID | Description |
|---|---|
| 856868 | EMS cannot handle large amount of FortiGates connected. |
| 873831 | EMS does not send notification API to FortiGate to trigger it to retrieve new tags when EMS changes shared tag type. |
Zero Trust tagging
| Bug ID | Description |
|---|---|
| 947483 | Disabling AD zero trust network access (ZTNA) tag does not remove it from endpoint. |
Deployment and installers
| Bug ID | Description |
|---|---|
| 847870 | FortiClient Cloud does not include packaged installer when sending email invitation. |
| 964505 | Assignable installer GUI bugs lead to inconsistent database. |
| 967482 | FortiClient Cloud does not upgrade FortiClient 7.0.7 to 7.2.2 when installer name has space. |
| 968790 | GUI does not show any progress data on the progress indicator when deployment pushes out FortiClient. |
System Settings
| Bug ID | Description |
|---|---|
| 965257 | EMS email alerts do not work with Failed to send email alerts. Please check the SMTP server configuration error. |
Administration
| Bug ID | Description |
|---|---|
| 828490 | Permission Denied: Your permissions might have been updated error message displays for all admin roles. |
ZTNA connection rules
| Bug ID | Description |
|---|---|
| 967718 | EMS should improve mechanism to compare certificate expiry times in get cert status to tolerate different timezones.Note: When using the Workspace One mobile device management integration to deploy ZTNA certificates to iOS devices, even though the ZTNA certificate is successfully installed on the device, the installation status in the EMS endpoint summary page may remain in the PENDING state. The issue does not affect users using the ZTNA certificate to access a ZTNA HTTPS proxy. However, it can lead to increased resource usage on EMS when redeploying new ZTNA certificates. |
Configuration
| Bug ID | Description |
|---|---|
| 939358 | EMS uses the same port for FortiOS and Chromebook connectivity. |
Onboarding
| Bug ID | Description |
|---|---|
| 956918 | User verification with SAML and Azure authentication results in loop. |
Other
| Bug ID | Description |
|---|---|
| 872871 | CSV export file is missing fields. |
| 877303 | EMS sends duplicate email alerts for AD connector being offline. |
| 887172 | EMS fails to get update from FortiManager. |
Notatki producenta: FortiClient EMS 7.2.3
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
