Changes in default behavior
Bug ID |
Description |
---|---|
907096 |
The IoT Detection service, which includes IoT Detection Definitions (APDB) and the IoT Query service (IOTH), is merged into the Attack Surface Security Rating service (FGSA). |
909045 |
Support enabling one-arm sniffer mode on mirrored ports (RSPAN or ESPAN) between a FortiSwitch port and a FortiGate VLAN interface. Prior to this change, one-arm sniffer mode could only be applied to physical interfaces. After this change, it can be applied to VLAN, VXLAN, and GRE interfaces. |
914302 |
When creating a new |
917647 |
Support five-digit build numbers for the IPS engine instead of the previous three-digit major/minor version number. When the FortiGate extracts the IPS engine binary, it will now be able to extract IPS engine versions in the five-digit object ID format. Displaying the engine version remains the same in the GUI and CLI, as it already displays the minor version in the five-digit format. |
921074 |
Reposition PSIRT related packages and functionality from the Security Rating entitlement into the Firmware entitlement. This allows more customers with the basic Firmware entitlement to have access to the latest PSIRT package updates, which can be run under Security Fabric > Security Rating > Security Posture checks. |
923718 |
Update SSL VPN default behavior and visibility in the GUI:
To enable SSL VPN web mode: config system global set sslvpn-web-mode enable end To enable VPN > SSL-VPN menus in the GUI: config system settings set gui-sslvpn enable end If SSL VPN web mode and tunnel mode were configured in a FortiOS version prior to upgrading to FortiOS 7.4.1 and later, then the VPN > SSL-VPN menus and SSL VPN web mode settings remain visible in the GUI. In FortiOS, alternative remote access solutions are IPsec VPN and ZTNA. |
930122 |
Automatic firmware upgrades are now enabled by default on entry-level FortiGates (lower than 100 series). Upgrades will be made to the next stable patch. However, if a FortiGate is part of a Fabric or managed by FortiManager, the |