6.3.0 What's new
FortiDDoS-F 6.3.0 offers the following new features and enhancements:
DNS Profile enhancements
-
Added FQDN Allow/Blocklist file upload, manual entry, and regex entries.
-
FortiDDoS-F now supports DNS "0x20" mixed case FQDNs.
New DNS Header Anomaly
Incomplete DNS can now be used to block non-DNS traffic to Port 53.
DNSSEC enhancements
FortiDDoS-F has added DNSSEC inspection, anomaly and mitigation options.
UDP Service Ports monitor
User-entered UDP Service Ports over 9999 are now monitored for possible reflection floods.
New graphs and tables on FortiGate Security Fabric Dashboard
FortiDDoS-F now supports the following graphs and tables on FortiGate Security Fabric Dashboard: System Information, Data Path Resources, Aggregate Drops and Top Attacks.
SSL/TLS traffic inspection
FortiDDoS-F 1500F can now inspect SSL/TLS traffic for all HTTP Anomalies and Thresholds. Proper SSL Certificates are required.
Note: This is experimental in 6.3.0 and performance has not been confirmed.
LDAP, RADIUS, TACACS+ remote password authentication
LDAP, RADIUS, TACACS+ remote password authentication is now available with local username, profile and trusted hosts settings. This now supports GUI, CLI and Console logins.
TCP Profile enhancement
TCP Profile now adds Foreign Packet Threshold when Foreign Packet Validation is enabled.
New IP Reputation options
Added Phishing, Spam and TOR (exit nodes) Categories to IP Reputation options.
Debug enhancements
-
Debug file now has CUSTOMER folder which includes: Config, Attack logs, Thresholds, Protection Subnets list (event log in MySQL format to be improved in a later release). Do not use Offline Analysis file.
-
Additional debug logs are added for SNMP.
Packet Capture enhancements
Additional packet capture options are now available.
System time change in Event Log
An Event Log is now added when admin changes system time.
Out of Memory (OOM) conditions
Out of Memory (OOM) conditions are optionally set to pass traffic (bypass - default) or block packets. Please see documentation for conditions that may result in OOM drops.
New RRD troubleshooting and repair CLI commands
Additional RRD troubleshooting and repair CLI commands are now available.
execute create-spp-rrd spp_id 15 among others
check_stale_rrd_files
New User (admin) options
Additional menu items added to the User (admin) drop-down in the GUI:
-
System: Reboot / Shutdown
-
Configuration Backup / Restore
-
Change Password
GUI enhancements
-
Additional special characters are allowed for admin users:
a-Z -9_.-*@
. -
Data Port Speed and Duplex settings are shown on Network > Interface page.
-
Global ACL names are included in graphs.
-
Enabled/Disabled status of Global and SPP ACLs is displayed in ACL lists.
-
Variable column widths and text wrapping is added to Dashboard > Status > Top Attacks panel, for improved readability of attack events.
-
Link speed addition to Network GUI.
-
Bypass status icon and inline/bypass text is added to the Dashboard > Status > System Information panel.
-
Filter conditions for several parameter lists (ACLs, Network Ports, etc.) are improved.
-
Network > Interface list can be filtered by Link Status and Config Status (for Port-Pairs and Ports).
-
Improved GUI for System >SNMP > v1/v2/v3.
-
A spinning "loading" icon is shown when the system is building list pages, such as Attack Logs.
-
For most column based lists, clicking the settings () icon in the list header allows the user to customize the columns shown.
-
Dashboard > SPP adds a column for SPP Status (Enable/Disabled).