What's new for hyperscale firewall for FortiOS 7.4.2
This section lists the new hyperscale firewall features added to FortiOS 7.4.2.
-
Adjustments to how names for normal VDOMs and hyperscale firewall VDOM names are handled, see the second note in the section Creating hyperscale firewall VDOMs.
-
Hyperscale hardware logging includes the following improvements or new features (see Configuring hardware logging for details):
-
NetFlow V9 is now supported for hyperscale VDOM software session logging.
-
New
enforce-seq-orderhardware logging option to enable or disable sending hyperscale VDOM software session logs to NetFlow servers in order by sequence number. -
New
log-transportlog server option to allow hyperscale host hardware logging to support syslog over TCP. -
You can select the log processor or log module (hardware or host) from the GUI. see Configuring hardware logging.
-
-
You can add IPv4 or IPv6 IP Address Threat Feeds to hyperscale firewall policies as source or destination addresses, see Adding IP address threat feeds to hyperscale firewall policies.
-
You can change the PBA and SPA port selection modes, see pba-port-select-mode {random | direct} and spa-port-select-mode {random | direct} .
-
If your FortiGate has multiple NP7 processors, depending on whether or not you are enabling EIF in hyperscale firewall policies, you may want to use the
nss-threads-optionof theconfig system npucommand to optimize performance, see nss-threads-option {4T-EIF | 4T-NOEIF | 2T}.