Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiAIOps 1.1.1 Release Notes

    Home FortiManager 7.2.1 FortiAIOps 1.1.1 Release Notes
    7.2.1
    7.4.0
    7.2.1

    Recommendations and Limitations

    Recommendations and Limitations

    Recommendations

    Fortinet recommends the following versions and configurations to use with FortiAIOps.

    Product

    Recommendation
    FortiManager
    • This release of FortiAIOps requires FortiManager version 7.2.1/7.2.2.
    • The ADOM version supports FortiOS version 7.0.x and 7.2.x.
    • Configure and enable syslog.

    FortiAP/FortiAP-U
    • FortiAP (FAP) version 7.2.1 and FortiAP-U (FAP-U) version 6.2.4 are recommended.

    FortiSwitch
    • FortiSwitch OS version 7.2.1 and later is recommended.
    FortiOS
    • FortiOS version 7.2.1 and later is recommended to generate all events in FortiAIOps.

    FortiExtender

    • FortiExtender version 7.2.2 is recommended.
    FortiGate
    • [FortiGate/FortiAnalyzer] Configure the FortiManager IP address in the FortiGate syslog or FortiAnalyzer to send events to FortiAIOps.
    • Ensure that you enable the detection of interfering SSIDs in FortiGate to allow reporting of Throughput SLA - interference issues in FortiAIOps. To detect interfering SSIDs in FortiGate, configure the FortiAP profile to use Radio Resource Provisioning or a WIDS profile with AP scan enabled.
    • To receive SD-WAN congestion logs, ensure that the SD-WAN monitoring license is applied in FortiGate.
    • Configure the sla-fail and sla-pass log failure period, the recommended duration is 30 to 60 seconds.

    • Application Control must be enabled in firewall policy to check client traffic and identify WAN impacted clients.
    Limitations

    The following limitations apply to FortiAIOps.

    • The Time to Connect DNS is not supported.
    • For wired SLA, only Linux/Windows/MacBook devices are considered as end clients.
    • Backup and restore operations are not supported.
    • All Throughput SLAs are not supported in FortiAIOps, if the FortiOS/FortiAP/FortiAP-U deployed are below the recommended versions.
    • Currently FortiAIOps evaluates only some de-authentication reasons.
    • Configuring the set sla-fail-log-period to less than 30 seconds generates many SD-WAN logs. Also, this may overload FortiAIOps.
    • Currently FortiAIOps receives the channel utilization data excluding WiFi and non-WiFi interference utilization data.
    • Retry information is not available for these FortiAP models, FAP-43xF, FAP-U43xF, FAP-23xF.

    • Neighbor AP statistics displayed will not be accurate for APs with three radios, if the third radio is in monitor mode.

    Previous
    Next

    Recommendations and Limitations

    Recommendations and Limitations

    Recommendations

    Fortinet recommends the following versions and configurations to use with FortiAIOps.

    Product

    Recommendation
    FortiManager
    • This release of FortiAIOps requires FortiManager version 7.2.1/7.2.2.
    • The ADOM version supports FortiOS version 7.0.x and 7.2.x.
    • Configure and enable syslog.

    FortiAP/FortiAP-U
    • FortiAP (FAP) version 7.2.1 and FortiAP-U (FAP-U) version 6.2.4 are recommended.

    FortiSwitch
    • FortiSwitch OS version 7.2.1 and later is recommended.
    FortiOS
    • FortiOS version 7.2.1 and later is recommended to generate all events in FortiAIOps.

    FortiExtender

    • FortiExtender version 7.2.2 is recommended.
    FortiGate
    • [FortiGate/FortiAnalyzer] Configure the FortiManager IP address in the FortiGate syslog or FortiAnalyzer to send events to FortiAIOps.
    • Ensure that you enable the detection of interfering SSIDs in FortiGate to allow reporting of Throughput SLA - interference issues in FortiAIOps. To detect interfering SSIDs in FortiGate, configure the FortiAP profile to use Radio Resource Provisioning or a WIDS profile with AP scan enabled.
    • To receive SD-WAN congestion logs, ensure that the SD-WAN monitoring license is applied in FortiGate.
    • Configure the sla-fail and sla-pass log failure period, the recommended duration is 30 to 60 seconds.

    • Application Control must be enabled in firewall policy to check client traffic and identify WAN impacted clients.
    Limitations

    The following limitations apply to FortiAIOps.

    • The Time to Connect DNS is not supported.
    • For wired SLA, only Linux/Windows/MacBook devices are considered as end clients.
    • Backup and restore operations are not supported.
    • All Throughput SLAs are not supported in FortiAIOps, if the FortiOS/FortiAP/FortiAP-U deployed are below the recommended versions.
    • Currently FortiAIOps evaluates only some de-authentication reasons.
    • Configuring the set sla-fail-log-period to less than 30 seconds generates many SD-WAN logs. Also, this may overload FortiAIOps.
    • Currently FortiAIOps receives the channel utilization data excluding WiFi and non-WiFi interference utilization data.
    • Retry information is not available for these FortiAP models, FAP-43xF, FAP-U43xF, FAP-23xF.

    • Neighbor AP statistics displayed will not be accurate for APs with three radios, if the third radio is in monitor mode.

    Previous
    Next