Fortinet black logo

Special Notices

Special Notices

This section highlights some of the operational changes that administrators should be aware of in FortiAnalyzer version 6.0.4.

FortiManager features disabled when FortiAnalyzer HA enabled

If you have FortiManager features enabled on FortiAnalyzer units, and then enable HA for the FortiAnalyzer units, FortiManager features are automatically disabled. FortiManager features are not supported when FortiAnalyzer HA is enabled.

Updated Widgets for Fortinet Security Fabric

After upgrading FortiAnalyzer from 5.6 to 6.0, the NOC Security Fabric widgets, Security Fabric Score Summary and Historical Security Fabric Scores, no longer show any data. These two widgets have been replaced by the following widgets: Security Fabric Rating Report and Security Fabric Scores in FortiAnalyzer 6.0. The two new widgets only support FortiOS 6.0 devices.

Hyper-V FortiAnalyzer-VM running on an AMD CPU

A Hyper-V FAZ-VM running on a PC with an AMD CPU may experience a kernel panic. Fortinet recommends running VMs on an Intel-based PC.

SSLv3 on FortiAnalyzer-VM64-AWS

Due to known vulnerabilities in the SSLv3 protocol, FortiAnalyzer-VM64-AWS only enables TLSv1 by default. All other models enable both TLSv1 and SSLv3. If you wish to disable SSLv3 support, please run:

config system global

set ssl-protocol t1sv1

end

Pre-processing logic of ebtime

Logs with the following conditions met are considered usable for the calculation of estimated browsing time:

Traffic logs with logid of 13 or 2, when logid == 13, hostname must not be empty. The service field should be either HTTP, 80/TCP or 443/TCP.

If all above conditions are met, then devid, vdom, and user (srcip if user is empty) are combined as a key to identify a user. For time estimation, the current value of duration is calculated against history session start and end time, only un-overlapped part are used as the ebtime of the current log.

Special Notices

This section highlights some of the operational changes that administrators should be aware of in FortiAnalyzer version 6.0.4.

FortiManager features disabled when FortiAnalyzer HA enabled

If you have FortiManager features enabled on FortiAnalyzer units, and then enable HA for the FortiAnalyzer units, FortiManager features are automatically disabled. FortiManager features are not supported when FortiAnalyzer HA is enabled.

Updated Widgets for Fortinet Security Fabric

After upgrading FortiAnalyzer from 5.6 to 6.0, the NOC Security Fabric widgets, Security Fabric Score Summary and Historical Security Fabric Scores, no longer show any data. These two widgets have been replaced by the following widgets: Security Fabric Rating Report and Security Fabric Scores in FortiAnalyzer 6.0. The two new widgets only support FortiOS 6.0 devices.

Hyper-V FortiAnalyzer-VM running on an AMD CPU

A Hyper-V FAZ-VM running on a PC with an AMD CPU may experience a kernel panic. Fortinet recommends running VMs on an Intel-based PC.

SSLv3 on FortiAnalyzer-VM64-AWS

Due to known vulnerabilities in the SSLv3 protocol, FortiAnalyzer-VM64-AWS only enables TLSv1 by default. All other models enable both TLSv1 and SSLv3. If you wish to disable SSLv3 support, please run:

config system global

set ssl-protocol t1sv1

end

Pre-processing logic of ebtime

Logs with the following conditions met are considered usable for the calculation of estimated browsing time:

Traffic logs with logid of 13 or 2, when logid == 13, hostname must not be empty. The service field should be either HTTP, 80/TCP or 443/TCP.

If all above conditions are met, then devid, vdom, and user (srcip if user is empty) are combined as a key to identify a user. For time estimation, the current value of duration is calculated against history session start and end time, only un-overlapped part are used as the ebtime of the current log.