Fortinet black logo

Release Notes

Home FortiEDR/XDR 6.0.0 Release Notes
6.0.0
6.2.0
6.0.0
5.2.1
5.2.0
5.1.0
5.0.3
5.0.2
5.0.1
4.2.2
4.1.1
4.1.0

Upgrade information

Upgrade information

  • If you are running a FortiEDR version earlier than 5.2, Fortinet recommends that you upgrade to 5.2.0.3092 first before upgrading to 6.0.0. Central Manager versions earlier than 5.2.0.3092 cannot be upgraded to 6.0.1.0723 directly.

  • If you are running Central Manager Build 6.0.1.0155, you must upgrade it to 6.0.1.0723 first before you can upgrade to future 6.0 Central Manager versions.

  • Upgrading a macOS Collector to 6.0 can only be done via JAMF. Manual upgrade or upgrade via the FortiEDR Console are not supported.

The following section highlights operational changes that administrators should be aware of in FortiEDR 6.0.0.

User access changes

When upgrading to FortiEDR 6.0 from 5.2.0 or 5.0, be aware of the following behavior changes in user access management in the ADMINISTRATION > USERS page:

  • The user role is renamed Senior Analyst with additional access to the following pages or sections under ADMINISTRATION:

    • TOOLS > FILE SCAN

    • TOOLS > IOT

    • Tools > FORTIEDR CONNECT

    • IP SETS

  • Admin users no longer have access to custom scripts by default. You must manually select the Custom script checkbox when creating the Admin user or assigning groups for the Admin role in the LDAP AUTHENTICATION and SAML AUTHENTICATION sections.

    For existing Admin users created in 5.2.0 or 5.0, edit the user or LDAP and SAML group to enable the Custom script checkbox. Otherwise, the Admin user will not be able to see the Action Manager button in the Integrations page for uploading custom scripts.

  • For multi-tenancy environments, existing SAML and LDAP Admin users created in 5.2.0 or 5.0 with access to all organizations will only have access to the default organization after the upgrade to 6.0. If your multi-tenancy environment has SAML users only, contact Fortinet support to reconfigure the SAML users after the upgrade.

  • To grant an Admin user access to one or all organizations in multi-tenancy environments:

    • Local users

      1. Select Hoster View in the Organization dropdown list at the top left.

      2. Select the organization or All organizations in the Organization list.

      3. Select Admin in the Role list.

      See the FortiEDR Administration Guide for more details.

    • LDAP and SAML users

      1. In the Organization dropdown list at the top left, select the organization that you want to grant the user access or select Hoster View if you want to grant the user access to all organizations.

      2. Select Admin in the Role list for the group when you configure LDAP or SAML users.

User password changes

Following an upgrade of previous FortiEDR versions to 6.0, all existing users will need to provide a new password upon their first login, such that it will match the new default password policy. See Defining a password policy.

Previous
Next

Upgrade information

  • If you are running a FortiEDR version earlier than 5.2, Fortinet recommends that you upgrade to 5.2.0.3092 first before upgrading to 6.0.0. Central Manager versions earlier than 5.2.0.3092 cannot be upgraded to 6.0.1.0723 directly.

  • If you are running Central Manager Build 6.0.1.0155, you must upgrade it to 6.0.1.0723 first before you can upgrade to future 6.0 Central Manager versions.

  • Upgrading a macOS Collector to 6.0 can only be done via JAMF. Manual upgrade or upgrade via the FortiEDR Console are not supported.

The following section highlights operational changes that administrators should be aware of in FortiEDR 6.0.0.

User access changes

When upgrading to FortiEDR 6.0 from 5.2.0 or 5.0, be aware of the following behavior changes in user access management in the ADMINISTRATION > USERS page:

  • The user role is renamed Senior Analyst with additional access to the following pages or sections under ADMINISTRATION:

    • TOOLS > FILE SCAN

    • TOOLS > IOT

    • Tools > FORTIEDR CONNECT

    • IP SETS

  • Admin users no longer have access to custom scripts by default. You must manually select the Custom script checkbox when creating the Admin user or assigning groups for the Admin role in the LDAP AUTHENTICATION and SAML AUTHENTICATION sections.

    For existing Admin users created in 5.2.0 or 5.0, edit the user or LDAP and SAML group to enable the Custom script checkbox. Otherwise, the Admin user will not be able to see the Action Manager button in the Integrations page for uploading custom scripts.

  • For multi-tenancy environments, existing SAML and LDAP Admin users created in 5.2.0 or 5.0 with access to all organizations will only have access to the default organization after the upgrade to 6.0. If your multi-tenancy environment has SAML users only, contact Fortinet support to reconfigure the SAML users after the upgrade.

  • To grant an Admin user access to one or all organizations in multi-tenancy environments:

    • Local users

      1. Select Hoster View in the Organization dropdown list at the top left.

      2. Select the organization or All organizations in the Organization list.

      3. Select Admin in the Role list.

      See the FortiEDR Administration Guide for more details.

    • LDAP and SAML users

      1. In the Organization dropdown list at the top left, select the organization that you want to grant the user access or select Hoster View if you want to grant the user access to all organizations.

      2. Select Admin in the Role list for the group when you configure LDAP or SAML users.

User password changes

Following an upgrade of previous FortiEDR versions to 6.0, all existing users will need to provide a new password upon their first login, such that it will match the new default password policy. See Defining a password policy.

Previous
Next