Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiAppSec Cloud User Guide

    What's New

    What's New

    25.1.a released March 27, 2025

    Bug Fixes

    This release fixes several bugs for improved stability and experience.

    25.1 released February 27, 2025

    WAF

    Enhanced Known Attacks

    Known Attacks has been enhanced with Extended Mode. This adds additional signatures to every Sensitivity Level but should be used with caution as it may result in higher false positive rates. For more information, please see Known Attacks.

    Bot Mitigation Exception Policies

    Exceptions (whitelisting) are now supported for Bot mitigation policies. Build granular exceptions based on elements such as client IPs, hostnames and URLs. For more information, please see Exception Policy.

    Cloud Deployment Granularity

    Application onboarding now allows choosing the Cloud platform and region during WAF onboarding. For more information, please refer to Onboarding WAF applications.

    View Server Health Check Status on Applications Page

    You can now view the status of all origin servers for an application under the Health Check column on the WAF > Applications page. For more information, please refer to WAF Applications.

    Log Format for Attack Logs

    Attack Logs now support the Template Name and Destination IP field when Log Format is set to Custom. For more information on Attack Log Server options, please refer to Log Settings.

    Splunk URL change

    The FortiAppSec Cloud Splunk Add-On has been updated with new URLs. For more information, please refer to Using WAF with Splunk.

    Region IP Update

    Additional scrubbing centers have deployed in the following regions. Please make sure to allow access to your application from the IP addresses listed below.

    • AWS ap-southeast-3: Asia Pacific (Jakarta)

      • 16.78.99.255

        2406:da19:4a2:1f01:4bfd:3d35:eeea:9960

      • 16.78.217.33

        2406:da19:4a2:1f02:f4ff:d71d:bc20:34fe

      • 16.78.170.51

        2406:da19:4a2:1f01:a2d8:6f29:242:b8d3

      • 43.218.33.190

        2406:da19:4a2:1f02:621a:ed16:4cea:df5d

      • 16.78.206.248

        2406:da19:4a2:1f01:4e37:3198:afa2:103f

      • 108.137.179.56

        2406:da19:4a2:1f02:e03c:7d81:aa91:7c29

    • Azure South Africa North (Johannesburg)

      • 4.221.199.162

      • 4.221.192.56

      • 4.221.113.144

      • 4.222.21.210

      • 4.222.18.196

      • 4.222.21.170

      • 10.40.1.10

      • 4.221.143.107

    Advanced Bot Protection

    Web Portal Improvements

    Several pages under Advanced Bot Protection > [Application name] > Traffic Insights have been enhanced with additional graphs and navigation elements. For more information on the updated pages, please see Dashboard, Transactions , Bot Monitor, and Exploration.

    Attack Query Enhancement

    The web portal now includes a page with historical charts and statistics for Attack Query insights. For more information, please refer to Attack Query.

    GSLB

    Support DNS CAA Record in GSLB

    GSLB now supports Certificate Authority Authorization (CAA) records, enabling administrators to specify authorized CAs for their domains. This ensures secure and compliant certificate issuance while maintaining GSLB’s high availability and performance. For more information, please refer to DNS service.

    24.4.p1 released on January 9, 2024

    Bug Fixes

    This release fixes several bugs for improved stability and experience.

    Previous
    Next

    What's New

    What's New

    25.1.a released March 27, 2025

    Bug Fixes

    This release fixes several bugs for improved stability and experience.

    25.1 released February 27, 2025

    WAF

    Enhanced Known Attacks

    Known Attacks has been enhanced with Extended Mode. This adds additional signatures to every Sensitivity Level but should be used with caution as it may result in higher false positive rates. For more information, please see Known Attacks.

    Bot Mitigation Exception Policies

    Exceptions (whitelisting) are now supported for Bot mitigation policies. Build granular exceptions based on elements such as client IPs, hostnames and URLs. For more information, please see Exception Policy.

    Cloud Deployment Granularity

    Application onboarding now allows choosing the Cloud platform and region during WAF onboarding. For more information, please refer to Onboarding WAF applications.

    View Server Health Check Status on Applications Page

    You can now view the status of all origin servers for an application under the Health Check column on the WAF > Applications page. For more information, please refer to WAF Applications.

    Log Format for Attack Logs

    Attack Logs now support the Template Name and Destination IP field when Log Format is set to Custom. For more information on Attack Log Server options, please refer to Log Settings.

    Splunk URL change

    The FortiAppSec Cloud Splunk Add-On has been updated with new URLs. For more information, please refer to Using WAF with Splunk.

    Region IP Update

    Additional scrubbing centers have deployed in the following regions. Please make sure to allow access to your application from the IP addresses listed below.

    • AWS ap-southeast-3: Asia Pacific (Jakarta)

      • 16.78.99.255

        2406:da19:4a2:1f01:4bfd:3d35:eeea:9960

      • 16.78.217.33

        2406:da19:4a2:1f02:f4ff:d71d:bc20:34fe

      • 16.78.170.51

        2406:da19:4a2:1f01:a2d8:6f29:242:b8d3

      • 43.218.33.190

        2406:da19:4a2:1f02:621a:ed16:4cea:df5d

      • 16.78.206.248

        2406:da19:4a2:1f01:4e37:3198:afa2:103f

      • 108.137.179.56

        2406:da19:4a2:1f02:e03c:7d81:aa91:7c29

    • Azure South Africa North (Johannesburg)

      • 4.221.199.162

      • 4.221.192.56

      • 4.221.113.144

      • 4.222.21.210

      • 4.222.18.196

      • 4.222.21.170

      • 10.40.1.10

      • 4.221.143.107

    Advanced Bot Protection

    Web Portal Improvements

    Several pages under Advanced Bot Protection > [Application name] > Traffic Insights have been enhanced with additional graphs and navigation elements. For more information on the updated pages, please see Dashboard, Transactions , Bot Monitor, and Exploration.

    Attack Query Enhancement

    The web portal now includes a page with historical charts and statistics for Attack Query insights. For more information, please refer to Attack Query.

    GSLB

    Support DNS CAA Record in GSLB

    GSLB now supports Certificate Authority Authorization (CAA) records, enabling administrators to specify authorized CAs for their domains. This ensures secure and compliant certificate issuance while maintaining GSLB’s high availability and performance. For more information, please refer to DNS service.

    24.4.p1 released on January 9, 2024

    Bug Fixes

    This release fixes several bugs for improved stability and experience.

    Previous
    Next