Fortinet black logo

Release Notes

Home FortiDDoS-F 6.1.4 Release Notes
6.1.4
7.0.0
6.6.3
6.6.1
6.6.0
6.5.1
6.5.0
6.4.2
6.4.1
6.4.0
6.3.3
6.3.2
6.3.1
6.2.3
6.2.2
6.2.1
6.2.0
6.1.5
6.1.4
6.1.3
6.1.2
6.1.1
6.1.0

What's new

What's new

There are no new features for 6.1.4

B/E-Series Functionality not included in this release:
  • Support for FortiDDoS-CM Central Manager
  • Security Fabric Integration with FortiOS Dashboard
  • GTP-U support
  • Distress ACL nor Auto-Distress ACL
  • Multi-tenant support (SPP or SPP Policy Group)
  • Fewer files included in Offline analysis file
  • SPP Backup/Restore
  • Attack Reports are Global only and are on-demand or on-schedule only. Report periods are Last 7 Days, Last Month or Last year only. (Removed per-SPP, per-SPP Policy, per-SPP Policy Group reports, on-Threshold reports and some time periods)
  • REST API changes and requires documentation
  • Log & Report > DDoS Attack Graphs
  • SPP Policy Groups
  • Log & Report > Diagnostics
  • SPP-to-SPP Switching Policies. However, Cloud DDoS signaling and signaling thresholds are available.
  • Restrict DNS Queries to specific subnets
  • System Recommendation Option for Actual or System Max Outbound Threshold (5.4.0)
  • Traffic Statistics Option for Peak or 95th Percentile Traffic (5.4.0)
  • Syslog RFC 5424 or Fortinet proprietary secure "OFTP" protocol (5.4.0)
  • Search for IP addresses within various ACLs (5.3.0)
  • DNS LQ Upload and LQ Table size changes
VM limits
  • VMs have limited SPPs depending on model.
  • VMs do not support Fail-Open option. Fail-Open support will be determined by the underlying server
  • TCP Port Thresholds are calculated to 65,535 but Thresholds/Ranges are created for ports 1-1023 with one range for ports above 1023.
  • TCP Port Graphs display traffic and drops for Ports 1-1023. Port 1024 displays peak traffic rate for any port from 1024-65,535 and total drops associated with any of those ports. Attack logs show full port range 1-65,535.
  • UDP Port Thresholds are calculated to 65,535 but Thresholds/Ranges are created for 1-10,239 only with one range above that.
  • UDP Port Graphs display traffic and drops for Ports 1-10,239. Port 10,240 displays peak traffic rate for any port from 10,240-65,535 and total drops associates with any of those ports. Attack logs show full port range 1-65,535 as well as reflected attack drops from ports 1-9,999.
  • ICMP Type/Code Thresholds are calculated from 0-65,535 but Threshold/Ranges are created for 0-10,239 only. Indexes from 10,240 to 65,535 are included in one range.
  • ICMP Type/Code graphs show indexes from 0/0 to 39/255 with all others showing in 40/0. Attack logs will show drops for Types/Codes for all Types/Codes from 0/0 to 255/255.
Previous
Next

What's new

There are no new features for 6.1.4

B/E-Series Functionality not included in this release:
  • Support for FortiDDoS-CM Central Manager
  • Security Fabric Integration with FortiOS Dashboard
  • GTP-U support
  • Distress ACL nor Auto-Distress ACL
  • Multi-tenant support (SPP or SPP Policy Group)
  • Fewer files included in Offline analysis file
  • SPP Backup/Restore
  • Attack Reports are Global only and are on-demand or on-schedule only. Report periods are Last 7 Days, Last Month or Last year only. (Removed per-SPP, per-SPP Policy, per-SPP Policy Group reports, on-Threshold reports and some time periods)
  • REST API changes and requires documentation
  • Log & Report > DDoS Attack Graphs
  • SPP Policy Groups
  • Log & Report > Diagnostics
  • SPP-to-SPP Switching Policies. However, Cloud DDoS signaling and signaling thresholds are available.
  • Restrict DNS Queries to specific subnets
  • System Recommendation Option for Actual or System Max Outbound Threshold (5.4.0)
  • Traffic Statistics Option for Peak or 95th Percentile Traffic (5.4.0)
  • Syslog RFC 5424 or Fortinet proprietary secure "OFTP" protocol (5.4.0)
  • Search for IP addresses within various ACLs (5.3.0)
  • DNS LQ Upload and LQ Table size changes
VM limits
  • VMs have limited SPPs depending on model.
  • VMs do not support Fail-Open option. Fail-Open support will be determined by the underlying server
  • TCP Port Thresholds are calculated to 65,535 but Thresholds/Ranges are created for ports 1-1023 with one range for ports above 1023.
  • TCP Port Graphs display traffic and drops for Ports 1-1023. Port 1024 displays peak traffic rate for any port from 1024-65,535 and total drops associated with any of those ports. Attack logs show full port range 1-65,535.
  • UDP Port Thresholds are calculated to 65,535 but Thresholds/Ranges are created for 1-10,239 only with one range above that.
  • UDP Port Graphs display traffic and drops for Ports 1-10,239. Port 10,240 displays peak traffic rate for any port from 10,240-65,535 and total drops associates with any of those ports. Attack logs show full port range 1-65,535 as well as reflected attack drops from ports 1-9,999.
  • ICMP Type/Code Thresholds are calculated from 0-65,535 but Threshold/Ranges are created for 0-10,239 only. Indexes from 10,240 to 65,535 are included in one range.
  • ICMP Type/Code graphs show indexes from 0/0 to 39/255 with all others showing in 40/0. Attack logs will show drops for Types/Codes for all Types/Codes from 0/0 to 255/255.
Previous
Next