Index
The following index provides a list of all new features added to FortiOS 7.0. The index allows you to quickly identify the version where the feature first became available in FortiOS.
Select a version number to navigate in the index to the new features available for that patch:
7.0.0
GUI
Security Fabric
-
Show detailed user information about clients connected over a VPN through EMS
-
Improve communication performance between EMS and FortiGate with WebSockets
-
Simplify EMS pairing with Security Fabric so one approval is needed for all devices
-
Enhance Security Fabric configuration for FortiSandbox Cloud
Network
System
-
Allow administrators to define password policy with minimum character change
-
Layer 3 unicast standalone configuration synchronization between peers
Policy and Objects
-
Establish device identity and trust context with FortiClient EMS
-
Allow multiple virtual wire pairs in a virtual wire pair policy
Security Profiles
-
Configure threat feed and outbreak prevention without AV engine scan
-
Stream-based antivirus scan in proxy mode for FTP, SFTP, and SCP
-
FortiGuard web filter categories to block child sexual abuse and terrorism
-
Define multiple certificates in an SSL profile in replace mode
VPN
User and Authentication
Secure Access
-
Captive portal authentication when bridged via software switch
-
Station mode on FortiAP radios to initiate tests against other APs
-
Automatic provisioning of FortiSwitch firmware upon authorization
-
GUI support for viewing and configuring shared FortiSwitch ports
-
Cloud icon indicates that the FortiSwitch unit is managed over layer 3
Log and Report
Cloud
-
Obtain FortiCare-generated license and certificates for GCP PAYG instances
-
Synchronize wildcard FQDN resolved addresses to autoscale peers
7.0.1
GUI
Security Fabric
Network
-
Speed tests run from the hub to the spokes in dial-up IPsec tunnels 7.0.1
-
Interface based QoS on individual child tunnels based on speed test results 7.0.1
-
ECMP support for the longest match in SD-WAN rule matching 7.0.1
-
Override quality comparisons in SD-WAN longest match rule matching 7.0.1
-
Specify an SD-WAN zone in static routes and SD-WAN rules 7.0.1
-
Enable or disable updating policy routes when link health monitor fails 7.0.1
System
Policy and Objects
-
ZTNA TCP forwarding access proxy without encryption example 7.0.1
-
Simplify NAT46 and NAT64 policy and routing configurations 7.0.1
-
Allow VIPs to be enabled or disabled in central NAT mode 7.0.1
Security Profiles
VPN
User and Authentication
-
Use a browser as an external user-agent for SAML authentication in an SSL VPN connection 7.0.1
-
Add configurable FSSO timeout when connection to collector agent fails 7.0.1
Secure Access
-
Backward compatibility with FortiAP models that uses weaker ciphers 7.0.1
-
Captive portal authentication in service assurance management (SAM) mode 7.0.1
-
Ability to re-order FortiSwitch units in the Topology view 7.0.1
Log and Report
Cloud
-
SD-WAN transit routing with Google Network Connectivity Center 7.0.1
-
FGSP session sync on FortiGate-VMs on Azure with autoscaling enabled 7.0.1
-
Support MIME multipart bootstrapping on KVM with config drive 7.0.1
7.0.2
GUI
Security Fabric
Network
-
Passive health-check measurement by internet service and application 7.0.2
-
Add GPS coordinates to REST API monitor output for FortiExtender and LTE modems 7.0.2
System
-
Enabling individual ciphers in the SSH administrative access protocol 7.0.2
-
Extend dedicated management CPU feature to 1U and desktop models 7.0.2
Policy and Objects
Security Profiles
User and Authentication
Secure Access
-
Allow users to select individual security profiles in bridged SSID 7.0.2
-
Wireless client MAC authentication and MPSK returned through RADIUS 7.0.2
-
FQDN for FortiPresence server IP address in FortiAP profiles 7.0.2
-
IGMP-snooping querier and per-VLAN IGMP-snooping proxy configuration 7.0.2
-
Using the backhaul IP when the FortiGate access controller is behind NAT 7.0.2
Log and Report
Cloud
-
Subscription-based VDOM license for FortiGate-VM S-series 7.0.2
-
FortiFlex token and bootstrap configuration file fields in custom OVF template 7.0.2
7.0.4
GUI
-
Automatically enable FortiCloud single sign-on after product registration 7.0.4
-
Loading artifacts from a CDN for improved GUI performance 7.0.4
Security Fabric
-
Replace FSSO-based FortiNAC tag connector with REST API 7.0.4
-
Display EMS ZTNA and endpoint tags in user widgets and Asset Identity Center 7.0.4
Network
-
Enhanced BGP next hop updates and ADVPN shortcut override 7.0.4
-
Accept multiple conditions in BGP conditional advertisements 7.0.4
-
Allow only supported FEC implementations on 10G, 25G, 40G, and 100G interfaces 7.0.4
System
Policy and Objects
VPN
User and Authentication
Secure Access
-
DAARP to consider full channel bandwidth in channel selection 7.0.4
-
Support advertising vendor specific element in beacon frames 7.0.4
-
Support multiple DARRP profiles and per profile optimize schedule 7.0.4
-
GUI support for Wireless client MAC authentication and MPSK returned through RADIUS 7.0.4
-
GUI enhancements to distinguish UTM capable FortiAP models 7.0.4
-
One-time automatic upgrade to the latest FortiSwitch firmware 7.0.4
-
Support hardware vendor matching in dynamic port policies 7.0.4
Log and Report
Cloud
7.0.5
Secure Access
7.0.6
Network
- Support CORS protocol in explicit web proxy when using session-based, cookie-enabled, and captive portal-enabled SAML authentication 7.0.6
- Support 802.1X on virtual switch for certain NP6 platforms 7.0.6
- SNMP OIDs for port block allocations IP pool statistics 7.0.6
- Support cross-VRF local-in and local-out traffic for local services 7.0.6
- BFD for multihop path for BGP 7.0.6
System
- Introduce maturity firmware levels 7.0.6
- Applying the session synchronization filter only between FGSP peers in an FGCP over FGSP topology 7.0.6
Policy and Objects
Security Profiles
- Support full extended IPS database for CP9 models and slim extended database for other physical models 7.0.6
- Allow the YouTube channel override action to take precedence 7.0.6
User and Authentication
Cloud
7.0.8
Security Fabric
System
Secure Access
Cloud
- Support Graviton c7g and c6gn instance types on AWS 7.0.8
- Support Ampere A1 Compute instances on OCI 7.0.8
- Add TPM support for FortiGate-VM 7.0.8
7.0.11
Security Fabric
Security Profiles
7.0.12
System
- Enhance BIOS-level signature and file integrity checking 7.0.12
- Real-time file system integrity checking 7.0.12