FortiClient EMS 6.0.0
Kilka dni po aktualizacji FortiClienta producent serwuje nam dużą dawkę nowości wypuszczając nową wersję EMS’a, oznaczoną numerem 6.0.0.
Zmiany jakie wprowadzono to między innymi obsługa wszystkich platform FortiClienta z poziomu jednej konsoli włączając w to Chromebooki, bez konieczności instalacji dodatkowego EMS’a specjalnie dla tej grupy klientów.
Następną nowinką jest możliwość ustawienia reguł i zasad według których umożliwimy FortiClient EMS stworzenie dynamicznych grup i przydzielenie do nich klientów końcowych. Rzeczą o której warto wspomnieć to system centralnego zarządzania kwarantanną, podgląd działań podjętych przez FortiClienta, uzyskaliśmy możliwość cofnięcia kwarantanny i dodania go do whitelisty u klienta końcowego, w razie nieprawidłowego przeniesienia pliku do kwarantanny. Ostatnią rzeczą o której warto wspomnieć jest zarządzanie oprogramowaniem w którym administratorzy mogą śledzić to, jakiego oprogramowania używają klienci końcowi.
Rozwiązane problemy:
Dashboard
Bug ID Description
468209 Endpoint Alerts always all endpoints as unprotected.
474326 Enable sorting on some Dashboard widgets.
Endpoints (AD domains, workgroups)
Bug ID Description
448485 Change onnet/offnet status discovery for dual registration case.
454001 Installer persists after changing from a deployment to a non-deployment profile.
458135 Display FortiClient serial number.
458715 Last policy retrieval does not update.
462510 Need to have an option to clear events from EMS.
464921 IP gateway list is not assigned when endpoint dropped into the OU with it.
469202 Vulnerability scan summary not consistent with endpoint information on EMS 1.2.3.
469665 Search results are incorrect when ! is used in the OS filter for exclusion.
469729 Endpoints inherit installer settings from parent-OU when no deployment is configured on child OU.
470974 Scheduled AV scan shown in the EMS console as active, while in fact it’s disabled.
471270 Filter is not applied when scrolling down to load more when filtering only by version.
471387 Some nested OU/groups are hidden until a new group is added to the parent OU.
479958 Domain cannot be deleted from EMS. EMS doesn’t pull complete list of endpoints from DC.
480203 Endpoints go offnet despite onnet subnets explicitly specified.
480764 EMS 1.2.5 does not calculate onnet status correctly.
485718 No scroll option in menu Move to.
486278 LDAP query returned an error (code Success).
490179 An OU will load the entire domain users list when scrolling to the bottom of the list.
Endpoint profiles
Bug ID Description
438215 FortiClient EMS slow to load profile.
440139 After upgrading the EMS from 1.0.5 to 1.2.1 VPN settings are lost or don’t work as intended.
445380 Add option to show block message from FortiClient Bubble popup for HTTPS site.
460245 Split Block Malicious Websites into subcategories.
460889 FortiClient fail to get auto-updated to the latest version (improve show/hide of auto patch and deployment tab).
462503 Add option for renew FortiClient UID to EMS GUI.
462661 Fix Update part of System Settings in EMS profile.
463983 Make the sub-option visible.
468477 Allow customer to enable or disable auto update for existing installers.
468934 DPD related tags do not update.
469484 Use Windows Credentials should only be available if Show VPN before Logon is enabled.
469768 Reboot settings are missing for uninstaller.
470198 EMS GUI support proxy configurations for vulnerability scan.
471801 Add column to table for auto update status.
472666 „Prompt for Username” switch should be enabled by default.
473065 Profile fails to come into effect when exclusion list contains '\’.
473796 Error when editing default profile.
478092 Enabling „Auto Update” for installer will not update installer to the latest version already existing on EMS/
479483 Unable to save the profile when adding more than fourteen MAC addresses to 'Gateway MAC Addresses’.
485267 Support new web filtering categories (9X) in FortiClient and EMS.
Gateway IP lists
Bug ID Description
459052 Deployed FortiClient does not register to EMS.
469931 Gateway list can still be deleted when used by an installer
FortiClient deployment
Bug ID Description
415585 Redeployment from EMS will reboot servers as no users logged in.
466445 Digitally signing the software package created by EMS does not work.
467530 Initial configuration for Mac deployment created by EMS has error in notification server field.
Notifications and email
Bug ID Description
468475 Email alerts stopped working.
469959 Issues with setting test recipient.
471393 Email validation doesn’t allow capital letter before @.
Other
Bug ID Description
447016 Unable to add Domain User To Administration Tab of User Management in EMS 1.2.1.
461132 Cannot find the user 'NT AUTHORITY\SYSTEM'”.
465629 Database backup is very small.
468898 Disabled TLS 1.0 Support to be compliant with PCI-DSS 3.2.
472340 EMS database table 'group_container_ancestor’ does not purge old entries.
481372 Installation failed due to a big db size.
489311 Error Update Service Invalid object name 'information_schema.tables’.
453392 Rerun transaction on deadlock.
469755 Restore of large EMS backup shows file missing.
470013 Correct wording to Managed by EMS.
Znane problemy do rozwiązania:
Dashboard
Bug ID Description
489175 Allow sorting on Dashboard > FortiClient Status > Endpoint Telemetry & Fabric.
490203 Dashboard > FortiClient Status > Endpoint Compliance should only consider online endpoints.
Endpoints (AD domains, workgroups)
Bug ID Description
466871 Duplicate device in EMS if a host name has more than 15 chars.
468033 Automatic cleanup of Other Endpoints.
477791 EMS crashes after assigning a profile to a big domain/OU.
482727 EMS allows quarantine request from FortiGate to be undone before it reaches the client.
486783 Right-clicking a group’s menu should not have AV and Vulnerability Scan options when AV and Vulnerability Scan are disabled in the assigned profile.
487266 No scan status in endpoint summary page when AV scan is running or canceled.
492374 Imported CN or OU is disabled for management.
Endpoint profiles
Bug ID Description
480822 FortiClient unable to update definitions from FortiManager when sending vulnerability statistics.
487488 Provide a message when profile cannot be opened due to a missed signatures.
488624 Add IPsec VPN support for Allow non-administrators to use machine certificates.
490138 Quick scan misleading about supported features.
491597 Not Authorized icon tip should only show if Sandbox needs to be authorized to use.
491831 Add All files executed from mapped network drives to Sandbox submission options.
492161 New Web Filter option: allow websites when rating error occurs
FortiClient deployment
Bug ID Description
477067 Create FortiClient for Linux in the EMS
Notifications and email
Bug ID Description
489370 Email alerts are incomplete for malicious website events
Gateway IP list
Bug ID Description
490825 Link gateway IP list on software creation.
Other
Bug ID Description
414539 EMS should get renewal licenses information from FDS.
474317 Setting option names in EMS GUI are not clear.
479470 No log for certificate deployment.
484891 When account is disabled, it should not be shown on the LDAP user list.
487219 EMS user admin setting missed control for some features.
487411 The record on FortiGate did not match the EMS FortiClient IP address.
487886 Applications in host detail table and application table in EMS inventory section were not consistent.
491008 Throw error when sorting quarantine files by status.
491635 First Detected in Software Inventory should be local time.
492216 Edit LDAP user permission is not working.
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
