Upgrading FortiNAC from pre-8 versions to 8.x could break communication with agents running version 3.0 through 3.2. In agent versions 3.3 and greater, the communication protocol was changed from SSLv3 to TLS. This was done to address the POODLE vulnerability (CVE-2014-3566). As of Network Sentry 8.0.0, SSLv3 has been disabled completely.
Once upgraded, re-enable SSLv3 until agents are upgraded.
- Navigate to Settings > Persistent Agent > Transport Configuration
- Under TLS Service Configuration panel, SSLv3 can be added in the TLS Protocols field.
Download FortiNAC Upgrade Instructions and Considerations from the Fortinet Document Library for information regarding upgrade instructions and additional considerations, including features no longer supported.