What’s new

The following features are new or have changed since FortiDB 5.1. For upgrade information, see the release notes available with the firmware and Updating the firmware.

FortiDB 5.1.14
  • Fix OpenSSH vulnerability — This release fixes a user enumeration vulnerability in OpenSSH, which did not delay bailout for an invalid authenticating user until after the packet containing the request had been fully parsed (CVE-2018-15473).
  • Fix tcpdump vulnerabilities — This release fixes a tcpdump buffer overflow in the sliplink_print function (CVE-2017-11543) and a buffer overflow in the tcpdump protocol parsers in util-print.c:bittok2str_internal (CVE-2017-13011).
  • Fix RC4 algorithm vulnerability — This release fixes the known RC4 algorithm vulnerability that allows remote attackers to conduct plaintext-recovery attacks using a brute-force approach involving LSB values, also known as the "Bar Mitzvah" issue (CVE-2015-2808).
  • Upgrade Tomcat server to 7.0.94 — This release applies the Apache fixes for vulnerabilities in Tomcat server versions before 7.0.94. See https://tomcat.apache.org/security-7.html#Apache_Tomcat_7.x_vulnerabilities
FortiDB 5.1.11
  • Patch release only.
FortiDB 5.1.10
  • Disk partitioning requirement — If upgrading from a version older than 5.1.8, you MUST repartition the hard disk to ensure FortiDB works properly.
  • Support "Flashback" for Oracle XML agent — Two metadata DAM alert policies have been added in Oracle XML agent mode to cover the flashback table and the flashback database.
  • Update SybaseIQ for VA — Twelve (12) VA policies have been added for SybaseIQ.
  • MongoDB VA SSL connection support — Support for SSL connections has been added to MongoDB VA.
  • MongoDB VA YAML-type configuration file support — Support for YAML-type configuration files has been added to MongoDB VA.
FortiDB 5.1.9
  • Fix for glibc vulnerability — This release fixes a bug in the glibc open source library that made the product vulnerable to denial of service and other types of attacks (CVE-2015-7547).
  • Software support for FortiDB 1000B — FortiDB 5.1.9 and higher software is not supported on model 1000B.
  • Software version support — This release is supported on hardware versions of the product only. (The glibc vulnerability (CVE-2015-7547) does not affect the software versions of the product.)

FortiDB 5.1.8

  • Vulnerability assessment (VA) for MongoDB and Oracle 12c — FortiDB now supports VA for MongoDB version 2.6 and Oracle 12c.
  • DAM using the TCP/IP sniffer supports Microsoft SQL RPC variables and commands — FortiDB can now match DAM policies by parsing values generated by remote procedure call (RPC) operations that are generated by right-clicking in client-side database tools (for example, SQL Studio), and by translating SQL commands beginning with 'rpc executesql' to standard SQL commands.
  • Reconnect when target is offline and send email notification — When a target is offline, FortiDB now makes up to 5 attempts to reconnect. FortiDB sends an email notification to an administrator if a connection fails.
  • Disk usage detection and reserve — FortiDB now reserves 1% of free disk space to help prevent system crashes.
FortiDB 5.1.7
  • Oracle 12c support for DAM — For Oracle 12c, FortiDB now supports Database Activity Monitoring (DAM) using both the TCP/IP packet sniffer and native, audit-based data collection methods.
  • Support for Oracle syslog data collection — Oracle syslog data collection is now available when you use sniffer-based data collection.

For more information, see Using the SYSLOG utility to collect audit data.

  • Fdbagent supports AIX and Linux 6 — For DAM, you can now use the Oracle XML file agent or DB2 agent to monitor databases installed on AIX 6 and Linux 6.
  • Monitor synonyms — You can now monitor synonyms (an alternative name for a database element such as a table, view, sequence, or procedure) on Oracle databases.
  • PostgreSQL support for DAM — DAM can now monitor PostgreSQL databases when you use sniffer-based data collection.
  • Configuration backup via CLI — You can now back up your FortiDB configuration using CLI commands, without backing up audit and other data.

For more information, see execute backup configurations.

  • Security enhancements — A number of security enhancements have been added to address current threats and SSL-related issues.
  • Support for Microsoft SQL RPC (remote procedure call) in native audit mode — FortiDB now supports RPC (remote procedure call) when it monitors a Microsoft SQL Server database using the native auditing feature.
  • DB2 version 10.x support for both VA and DAM — DAM and VA now support newer versions of IBM DB2.
  • Troubleshooting enhancements — FortiDB now provides more CLI commands that retrieve diagnostic data.

For more information, see diagnose system coredump check and diagnose system coredump export.

FortiDB 5.1.6
  • HIPAA compliance reports — In addition to SOX and PCI reports, FortiDB now has pre-defined HIPAA (Health Insurance Portability and Accountability Act) reports to help customers meet regulatory requirements.

See PCI, SOX, and HIPAA reports.

  • SQL string detection in Alert policies — You can now specify a SQL string to detect in a Table and Column DAM alert policy. This is useful for detecting attacks that use SQL injection.

See Configuring a table and column policy.

  • Support for encrypted Oracle traffic for database activity monitoring (DAM) — FortiDB now can monitor encrypted Oracle traffic in sniffer mode.

See Monitoring encrypted Oracle traffic.

  • Exclude policies from vulnerability assessment (VA) scans — You can now exclude policies from VA scans of specific targets. This feature allows you to scan databases with different policy sets without creating new scans for each case.

See Adding or modifying assessments.

  • SybaseIQ support for VA — FortiDB now supports SybaseIQ for VA. (Penetration test and DAM are not supported.)

See Adding (or modifying) a target connection.

  • Performance enhancement — FortiDB now has an internal alert policy pre-filter that speeds up alert data processing.
FortiDB 5.1.5
  • Tomcat upgrade — Tomcat (one of FortiDB’s internal components) has been upgraded to eliminate vulnerabilities found in the older version.
  • Mitigate vulnerability related to Bash (CVE-2014-6271) — FortiDB used Bash to allow access to the shell in its debug builds. It has been replaced to eliminate the CVE-2014-6271 vulnerability.
FortiDB 5.1.4
  • Support for SQL Server 2014 VA — You can now scan the latest MS SQL server platform for vulnerabilities.
  • TCP/IP sniffer optimized for better performance and stability — Throughput and performance for the sniffer-based data collection method have been improved.
  • Enhanced diagnose mode — FortiDB has a new command set that allows you to troubleshoot more efficiently. See Using the command line interface (CLI).
  • Security enhancements — Enhanced protection for Cross Frame Scripting (XSS), and cache control to prevent data from being saved by the browser.
FortiDB 5.1.3
  • Internal message queuing mechanism enhancement — The internal message queuing mechanism was upgraded. This improves the stability of data collection in high transaction volume environments.
  • Support for online context in help — FortiDB now supports online context in Help. This allows more comprehensive searches and more up-to-date information for end users.
  • Support for partitions larger than 2TB in 3000D — The large partition size enables more efficient audit data storage in the 3000D appliances.
  • For information on adjusting the RAID level for the FortiDB 3000D and other models, see config system raid.
  • Email notification enhancement — This enhancement alleviates the problems associated with configuring reports in the notification section of the Monitor setup.
FortiDB 5.1.2
  • No design changes. Bug fixes only.
FortiDB 5.1.1
  • Support for FortiDB 1000D appliance — FortiDB 1000D is a stronger, faster platform supporting up to 30 databases that replaces the 1000C.
  • tcpdump — FortiDB now includes tcpdump, a packet analyzer that you access using the command-line interface (CLI). tcpdump provides a reliable way for FortiDB deployments that use the TCP/IP sniffer to collect traffic data for troubleshooting purposes.
