
Hyperscale Firewall Guide

Change log

Date

Change description

October 29, 2024

Multicast logging is renamed multicast-mode logging.

October 15, 2024

A new version of the hyperscale firewall policy engine was added to FortiOS 7.4.3 and 7.6.0. This new version is intended to resolve the issues that cause the limitations described in Hyperscale firewall policy engine limitations and mechanics, so these limitations may no longer apply. This version is relatively new and more testing needs to be done to determine if there are new limitations. The limitation of 15,000 policies per hyperscale VDOM has not been changed.

September 26, 2024

Changes to Hyperscale firewall policy engine limitations and mechanics. Moved the former section "CGN resource allocation firewall policy source and destination address limits" to Per hyperscale policy limits.

The number of firewall policies that can be added to a Hyperscale firewall VDOM is limited to 15,000. For more information, see About the 15,000 policy per hyperscale VDOM limit.

Hyperscale firewall VDOMs do not support the FortiOS Internet Service Database (ISDB), IP Reputation Database (IRDB), and IP Definitions Database (IPDB) features. See Hyperscale firewall 7.6.0 incompatibilities and limitations.

August 22, 2024

If your FortiGate has multiple NP7 processors, depending on whether or not you are enabling EIF in hyperscale firewall policies, you may want to use the nss-threads-option of the config system npu command to optimize performance. See nss-threads-option {4T-EIF | 4T-NOEIF | 2T}.

You should not operate DoS protection in monitor mode on a FortiGate licensed for hyperscale firewall. For more information on this limitation, see Hyperscale firewall 7.6.0 incompatibilities and limitations.

August 12, 2024

New section: Overload PBA resource quota limitation.

July 25, 2024

FortiOS 7.6.0 document release.
