Fortinet black logo

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known issues

The following issues have been identified in version 7.0.7. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Multitenancy

Bug ID

Description

745854 Super administrators convert to site administrators after enabling multitenancy.

777642

Global site does not list FortiCloud license- and account-related logs.

816600 Non-default site database does not update EMS serial number after new license upload.

820803

License distribution modal shows incorrect information.

Dashboard

Bug ID

Description

781654 EMS does not remove dashboard outbreak alerts when endpoint disconnects.

817485

Drilldown on macOS vulnerability includes unrelated vulnerabilities.

Endpoint management

Bug ID

Description

691790

EMS should not allow downloading requested diagnostic result for FortiClient (Linux).

760816 Group assignment rules based on IP addresses do not work when using split tunnel.
770364 EMS does not disable third party features for non-Windows endpoints.

785186

EMS does not remove user from policy after deleting the domain.

786738

Anti-Ransomware Events tab is visible after disabling the feature in Feature Select.

792447

EMS fails to show zero trust network access (ZTNA) feature in endpoint details enabled/disabled features section.

792652

EMS cannot delete domain.

803887

GUI does not show assigned installer for fresh domain machine during deployment.

808266 Dashboard widget has incorrect results for endpoints with Windows operating systems.
819196 The multipart identifiers cs.software_id and cs.is_missing cannot be bound.

831359

Forensics Analysis Download Report option opens the report instead of downloading it.

834228

EMS reports endpoint vulnerability when Vulnerability Scan is not installed on the endpoint.

Endpoint policy and profile

Bug ID

Description

466124 User cannot change <nat_alive_freq> value.

766445

EMS enables or disables profile feature for all policies that use the defined profile.

826013

Setting Vulnerability Scan patch status to Not does not work.

826940 EMS does not save <temp_whitelist_timeout> in an endpoint profile.

833819

Backing up configuration files on FortiClient Cloud results in import errors.

License

Bug ID

Description

823690 EMS includes Removable Media Access feature when using ZTNA user-based license.

827875

Non-default site's License information page shows irrelevant license information.

828944

EMS does not show A new license has been detected... if synced with FortiCloud account.

Install and upgrade

Bug ID

Description

820546 EMS disables New EMS Version is available for deployment EMS alert after upgrade.
829631 Administrator cannot disable Delete Timeout option.

Zero Trust tagging

Bug ID

Description

712522

FortiGate does not receive some endpoint tags from EMS after upgrading.

765375 User in Active Directory Group Zero Trust Network Access rule does not identify domains.
810778 FortiClient tag information is not shared equally to connected FortiGate Fabric devices.

815736

EMS fails to apply NOT for On-Fabric Status rule while creating a new tag.

832328

EMS tags endpoint with threat ID rule after clearing firewall events.

Deployment and installers

Bug ID

Description

666289

EMS does not report correct deployment package state.

714496

FortiClient Cloud upgrade keeps installer on instance and causes disk to have no space.

773672 Disabling installer ID in FortiClient installer does not take effect.

764999

EMS does not list FortiClient versions in official installer list if FortiGuard distribution server (FDS) blocks EMS from downloading said versions.

783690

The system does not prompt for reboot after user login.

824936

EMS fails to deploy FortiClient when manually created FortiClient installer is updated.

System Settings

Bug ID

Description

753951

EMS does not recognize disabling Use FortiManager for client software/signature updates > Failover.

784554 EMS displays error while importing ACME certificate.

794841

Email alerts are not triggered when the number of available licenses is less than 10% of the total.

807340

EMS tries to connect to FortiGuard Anycast server on port 8000.

828490

Permission Denied : Your permissions might have been updated error message displays for all admin roles.

Chromebook

Bug ID

Description

777957 EMS assigns the wrong profile.

Administration

Bug ID

Description

678899

Persisting LDAP configuration in multitenancy global/default/non-default administration users.

Performance

Bug ID

Description

731097 Updating or disabling policy assigned to large number of AD endpoints takes long time to process.
759729 Possible slow httpd file handle leak.

HA

Bug ID

Description

809344 High availability (HA) does not start if starting without the database.
809396 EMS on HA backup generates a generic error.

Configuration

Bug ID

Description

745913 SMTP configuration fails authentication.

Endpoint control

Bug ID

Description

776626

FortiClient may fail to get Web Filter custom message when EMS runs in high availability mode.

813439

FortiClient registered with EMS IP address does not deregister from EMS when Enforce invitation-only registration for is set to ALL.

813531 EMS does not push profile to endpoints if they connect to EMS after enabling the feature under EMS System Settings.

822914

EMS does not have a mechanism to keep the client aware of the new license expiration date.

827200

EMS displays some devices as having no user.

833717

EMS shows endpoints as offline, while endpoints show their own statuses as online.

GUI

Bug ID

Description

717433

Patching a vulnerability for a specific endpoint patches it on others.

731074

Importing the same JSON file for zero trust tagging twice introduces duplicate tags.

767469 EMS marks many endpoints as not installed after upgrading.

774880

You can import the same Zero Trust tagging rules multiple times by clicking the Import button multiple times.

793313

Detailed deployment states list does not fit in window.

811774

EMS with Remote Access-only license shows unrelated feature options on GUI.

816151

Toggle for Use FortiManager for client software/signature updates appears disabled after enabling the feature.

819205

License widget shows Forensic license as NaN used of X when no license is in use.

Malware Protection and Sandbox

Bug ID

Description

793926 FortiShield blocks spoolsv.exe on Citrix virtual machine servers.

License

Bug ID

Description

823458 EMS with Endpoint Protection Platform (EPP)-only license and ZTNA feature enabled reports EPP license as consumed but fails to quarantine endpoint.

Remote access

Bug ID

Description

830899 FortiClient becomes unlicensed while connected to SSL VPN.

Avatar and social login information

Bug ID

Description

830117 EMS fails to update email address from personal information form in FortiClient.

Endpoint security

Bug ID

Description

783287 Let's Encrypt ACME certificate request fails due to port 80 on autotest system.

FortiGuard outbreak alert

Bug ID

Description

813928 EMS retrieves the EOAP signature from FDS but does not show it on the GUI.

Workaround: Restart fcems services to display all FortiGuard outbreak detection rules on the GUI.

819025 With multiple sites, EMS fails to display FortiGuard outbreak detection rules downloaded from FDS.

Onboarding

Bug ID

Description

819203 Authorized user group name should be full path.
820060 EMS displays same device list with the same login and registration LDAP user on verified user and unverified user tables.
822126 Delete SAML configuration message shows incorrect active users.

FortiClient Cloud API

Bug ID

Description

585763 User cannot log in to FortiClient Cloud if they are using the same browser for login to on-premise EMS.

Workaround: In FortiClient Cloud 7.0.6 and 7.0.7, you can clear the browser client cache or use a different browser.

832144

User cannot call APIs in FortiClient Cloud.

Workaround: In FortiClient Cloud 7.0.6 and 7.0.7, you can clear the browser client cache or use a different browser.

Known issues

The following issues have been identified in version 7.0.7. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Multitenancy

Bug ID

Description

745854 Super administrators convert to site administrators after enabling multitenancy.

777642

Global site does not list FortiCloud license- and account-related logs.

816600 Non-default site database does not update EMS serial number after new license upload.

820803

License distribution modal shows incorrect information.

Dashboard

Bug ID

Description

781654 EMS does not remove dashboard outbreak alerts when endpoint disconnects.

817485

Drilldown on macOS vulnerability includes unrelated vulnerabilities.

Endpoint management

Bug ID

Description

691790

EMS should not allow downloading requested diagnostic result for FortiClient (Linux).

760816 Group assignment rules based on IP addresses do not work when using split tunnel.
770364 EMS does not disable third party features for non-Windows endpoints.

785186

EMS does not remove user from policy after deleting the domain.

786738

Anti-Ransomware Events tab is visible after disabling the feature in Feature Select.

792447

EMS fails to show zero trust network access (ZTNA) feature in endpoint details enabled/disabled features section.

792652

EMS cannot delete domain.

803887

GUI does not show assigned installer for fresh domain machine during deployment.

808266 Dashboard widget has incorrect results for endpoints with Windows operating systems.
819196 The multipart identifiers cs.software_id and cs.is_missing cannot be bound.

831359

Forensics Analysis Download Report option opens the report instead of downloading it.

834228

EMS reports endpoint vulnerability when Vulnerability Scan is not installed on the endpoint.

Endpoint policy and profile

Bug ID

Description

466124 User cannot change <nat_alive_freq> value.

766445

EMS enables or disables profile feature for all policies that use the defined profile.

826013

Setting Vulnerability Scan patch status to Not does not work.

826940 EMS does not save <temp_whitelist_timeout> in an endpoint profile.

833819

Backing up configuration files on FortiClient Cloud results in import errors.

License

Bug ID

Description

823690 EMS includes Removable Media Access feature when using ZTNA user-based license.

827875

Non-default site's License information page shows irrelevant license information.

828944

EMS does not show A new license has been detected... if synced with FortiCloud account.

Install and upgrade

Bug ID

Description

820546 EMS disables New EMS Version is available for deployment EMS alert after upgrade.
829631 Administrator cannot disable Delete Timeout option.

Zero Trust tagging

Bug ID

Description

712522

FortiGate does not receive some endpoint tags from EMS after upgrading.

765375 User in Active Directory Group Zero Trust Network Access rule does not identify domains.
810778 FortiClient tag information is not shared equally to connected FortiGate Fabric devices.

815736

EMS fails to apply NOT for On-Fabric Status rule while creating a new tag.

832328

EMS tags endpoint with threat ID rule after clearing firewall events.

Deployment and installers

Bug ID

Description

666289

EMS does not report correct deployment package state.

714496

FortiClient Cloud upgrade keeps installer on instance and causes disk to have no space.

773672 Disabling installer ID in FortiClient installer does not take effect.

764999

EMS does not list FortiClient versions in official installer list if FortiGuard distribution server (FDS) blocks EMS from downloading said versions.

783690

The system does not prompt for reboot after user login.

824936

EMS fails to deploy FortiClient when manually created FortiClient installer is updated.

System Settings

Bug ID

Description

753951

EMS does not recognize disabling Use FortiManager for client software/signature updates > Failover.

784554 EMS displays error while importing ACME certificate.

794841

Email alerts are not triggered when the number of available licenses is less than 10% of the total.

807340

EMS tries to connect to FortiGuard Anycast server on port 8000.

828490

Permission Denied : Your permissions might have been updated error message displays for all admin roles.

Chromebook

Bug ID

Description

777957 EMS assigns the wrong profile.

Administration

Bug ID

Description

678899

Persisting LDAP configuration in multitenancy global/default/non-default administration users.

Performance

Bug ID

Description

731097 Updating or disabling policy assigned to large number of AD endpoints takes long time to process.
759729 Possible slow httpd file handle leak.

HA

Bug ID

Description

809344 High availability (HA) does not start if starting without the database.
809396 EMS on HA backup generates a generic error.

Configuration

Bug ID

Description

745913 SMTP configuration fails authentication.

Endpoint control

Bug ID

Description

776626

FortiClient may fail to get Web Filter custom message when EMS runs in high availability mode.

813439

FortiClient registered with EMS IP address does not deregister from EMS when Enforce invitation-only registration for is set to ALL.

813531 EMS does not push profile to endpoints if they connect to EMS after enabling the feature under EMS System Settings.

822914

EMS does not have a mechanism to keep the client aware of the new license expiration date.

827200

EMS displays some devices as having no user.

833717

EMS shows endpoints as offline, while endpoints show their own statuses as online.

GUI

Bug ID

Description

717433

Patching a vulnerability for a specific endpoint patches it on others.

731074

Importing the same JSON file for zero trust tagging twice introduces duplicate tags.

767469 EMS marks many endpoints as not installed after upgrading.

774880

You can import the same Zero Trust tagging rules multiple times by clicking the Import button multiple times.

793313

Detailed deployment states list does not fit in window.

811774

EMS with Remote Access-only license shows unrelated feature options on GUI.

816151

Toggle for Use FortiManager for client software/signature updates appears disabled after enabling the feature.

819205

License widget shows Forensic license as NaN used of X when no license is in use.

Malware Protection and Sandbox

Bug ID

Description

793926 FortiShield blocks spoolsv.exe on Citrix virtual machine servers.

License

Bug ID

Description

823458 EMS with Endpoint Protection Platform (EPP)-only license and ZTNA feature enabled reports EPP license as consumed but fails to quarantine endpoint.

Remote access

Bug ID

Description

830899 FortiClient becomes unlicensed while connected to SSL VPN.

Avatar and social login information

Bug ID

Description

830117 EMS fails to update email address from personal information form in FortiClient.

Endpoint security

Bug ID

Description

783287 Let's Encrypt ACME certificate request fails due to port 80 on autotest system.

FortiGuard outbreak alert

Bug ID

Description

813928 EMS retrieves the EOAP signature from FDS but does not show it on the GUI.

Workaround: Restart fcems services to display all FortiGuard outbreak detection rules on the GUI.

819025 With multiple sites, EMS fails to display FortiGuard outbreak detection rules downloaded from FDS.

Onboarding

Bug ID

Description

819203 Authorized user group name should be full path.
820060 EMS displays same device list with the same login and registration LDAP user on verified user and unverified user tables.
822126 Delete SAML configuration message shows incorrect active users.

FortiClient Cloud API

Bug ID

Description

585763 User cannot log in to FortiClient Cloud if they are using the same browser for login to on-premise EMS.

Workaround: In FortiClient Cloud 7.0.6 and 7.0.7, you can clear the browser client cache or use a different browser.

832144

User cannot call APIs in FortiClient Cloud.

Workaround: In FortiClient Cloud 7.0.6 and 7.0.7, you can clear the browser client cache or use a different browser.