What’s new in FortiAI 1.5.0

The following is a list of new features and enhancements in 1.5.0. For details, see the FortiAI Administration Guide in the Fortinet Document Library.

FortiGate Security Fabric pairing

FortiAI 1.5.0 supports integration with the FortiGate Security Fabric running FortiOS 7.0. The benefits include:

  • FortiAI appears in the physical and logical topology in the FortiGate Security Fabric.
  • If FortiAI detects any malware on the network, it can use the Security Fabric protocol to send information about the malware to the FortiGates on the network. This allows the FortiAI Virtual Security Analyst (VSA) to notify users about the type of malware on the network, such as ransomware, banking trojan, and so on.
  • Starting with FortiOS 7.0, you can add a FortiAI system information and malware widget in the FortiOS Dashboard.
  • In FortiAI, there is a Security Fabric Connector that you use to connect to the root FortiGate in the Security Fabric.

Align file type support with different operating modes

Previously, different file types were supported in different operating modes, such as sniffer, ICAP, and integrated mode, along with manual and REST API upload.

This version supports the following file types for all modes, and for manual and REST API upload.

HTML, PDF, JS, VBS, VBA, ELF, HWP (Hancom), PE, MSOFFICE, DEX, PHP, XML, POWERSHELL, ZIP, TAR, XZ, GZIP, BZIP, BZIP2, RAR, LZH, LZW, ARJ, CAB, 7Z

This version supports the following protocols.

| Operating mode | Supported protocols |
| --- | --- |
| Sniffer mode | HTTP, SMBv2, IMAP, POP3, SMTP, FTP |
| Integrated mode (with FortiGate) | HTTP, HTTPS (with SSL decryption), SMTP, POP3, IMAP, MAPI, FTP, CIFS |
| ICAP | HTTP, HTTPS |

Event log support

This version creates event logs for events such as CPU and memory usage, admin login and logout, and so on. The event log is in Log & Report > Events.

SYSLOG support

This version supports up to two SYSLOG servers for logging attack chain, virus, and event logs. You can set up SYSLOG servers in the GUI or CLI.

Additional file type support: PHP, XML, PowerShell

This version supports malware detection of PHP, XML, and PowerShell files.

VM certificates – change of common name

This version uses the serial number as the common name for FortiGuard and Security Fabric communication.
