Fortinet white logo
Fortinet white logo

Administration Guide

What's new in FortiNAC 9.4

What's new in FortiNAC 9.4

New features
User Group Support with FortiAuthenticator RADIUS Integrations (715957, 713515)

Version 9.4.0 has made it easier to use FortiAuthenticator with FortiNAC for RADIUS integrations. Administrators will no longer be forced to change their FortiAuthenticator configuration when connecting to FortiNAC. New enhancements allow FortiNAC to receive user groups from FortiAuthenticator during the RADIUS authentication process.

For details, see "Fortinet-Group-Name" under RADIUS section of the Administration Guide.

https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/214558/radius

SMS Gateway (586499)

FortiNAC has the ability to send SMS messages to administrators, guests or users. Previous versions of FortiNAC only supported the Mail to SMS method; now, FortiNAC adds support for API/HTTPS-based SMS gateway integration. FortiNAC 9.4.0 has built-in integration with cloud-based SMS providers such as Twilio, and LDAP group mapping for sponsors.

In the GUI, see: Network > Service Connectors > Email/SMS

See information in the Administration Guide: https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/19358/email-sms

HSTS default enabling (838556)

HSTS for the Admin GUI is enabled by default in versions 9.4.5+, 7.2.4+, and 7.4.0+.

AV agent monitoring (759481)

Previous versions of FortiNAC only checked for Antivirus compliance within the Windows Defender AV product. v9.4.0 adds an option to choose "Security-Center" in the Windows AV category for up-to-date virus definitions, providing compliant protection for those Windows running end points.

Kerberos Support (699487)

v9.4.0 adds Kerberos support for admin and for user authentication on FortiNAC-CA, as well as admin authentication on FNAC-M.

Enhancements
RADIUS Logging and Dashboard (744581, 751403)

Version 9.4.0 has made it easier to authenticate large numbers of users with 802.1x. With concise information on the dashboard to see pass/fails of 802.1x/MAB authentication, v9.4.0 gives at-a-glance insight. Importantly, logs of failed authentications can be exported.

In the GUI, see: Network > RADIUS > Activity

For information in the administration guide, see: https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/270902/activity

Azure Document update (667439)

Updated and enhanced FortiNAC Azure deployment guide. See: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/3c52cb13-d573-11e9-8977-00505692583a/FortiNAC-8.6.0-Azure_Deployment_Guide.pdf

Device support
Huawei Wireless LAN Controllers AC 6605, 6005 and 6508 (592592, 566257)

FortiNAC v9.4.0 adds device support for Huawei AC-6005-8 Wireless Controller.

Palo Alto VPN (606729)

Added support for Palo Alto VPN.

Add User Organizational Unit OU LDAP mapping in User/Host Profile (699857)

Added User Organizational Unit "OU" LDAP mapping in User/Host profile. FortiNAC sends OU along with FortiGate Device Tag and User Group via FSSO communication with FortiGate.

UI
New dashboard widgets (615850)

The Recent Hosts widget displays newly discovered hosts by type.

The Top Host Activity widget displays the hosts with the most connection activity over a configurable period of time.

The Logical Network Access widget displays all Hosts that had access to each Logical Network over a configurable period of time.

The RADIUS widget displays success/failure information over specified time frames.

What's new in FortiNAC 9.4

What's new in FortiNAC 9.4

New features
User Group Support with FortiAuthenticator RADIUS Integrations (715957, 713515)

Version 9.4.0 has made it easier to use FortiAuthenticator with FortiNAC for RADIUS integrations. Administrators will no longer be forced to change their FortiAuthenticator configuration when connecting to FortiNAC. New enhancements allow FortiNAC to receive user groups from FortiAuthenticator during the RADIUS authentication process.

For details, see "Fortinet-Group-Name" under RADIUS section of the Administration Guide.

https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/214558/radius

SMS Gateway (586499)

FortiNAC has the ability to send SMS messages to administrators, guests or users. Previous versions of FortiNAC only supported the Mail to SMS method; now, FortiNAC adds support for API/HTTPS-based SMS gateway integration. FortiNAC 9.4.0 has built-in integration with cloud-based SMS providers such as Twilio, and LDAP group mapping for sponsors.

In the GUI, see: Network > Service Connectors > Email/SMS

See information in the Administration Guide: https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/19358/email-sms

HSTS default enabling (838556)

HSTS for the Admin GUI is enabled by default in versions 9.4.5+, 7.2.4+, and 7.4.0+.

AV agent monitoring (759481)

Previous versions of FortiNAC only checked for Antivirus compliance within the Windows Defender AV product. v9.4.0 adds an option to choose "Security-Center" in the Windows AV category for up-to-date virus definitions, providing compliant protection for those Windows running end points.

Kerberos Support (699487)

v9.4.0 adds Kerberos support for admin and for user authentication on FortiNAC-CA, as well as admin authentication on FNAC-M.

Enhancements
RADIUS Logging and Dashboard (744581, 751403)

Version 9.4.0 has made it easier to authenticate large numbers of users with 802.1x. With concise information on the dashboard to see pass/fails of 802.1x/MAB authentication, v9.4.0 gives at-a-glance insight. Importantly, logs of failed authentications can be exported.

In the GUI, see: Network > RADIUS > Activity

For information in the administration guide, see: https://docs.fortinet.com/document/fortinac/9.4.0/administration-guide/270902/activity

Azure Document update (667439)

Updated and enhanced FortiNAC Azure deployment guide. See: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/3c52cb13-d573-11e9-8977-00505692583a/FortiNAC-8.6.0-Azure_Deployment_Guide.pdf

Device support
Huawei Wireless LAN Controllers AC 6605, 6005 and 6508 (592592, 566257)

FortiNAC v9.4.0 adds device support for Huawei AC-6005-8 Wireless Controller.

Palo Alto VPN (606729)

Added support for Palo Alto VPN.

Add User Organizational Unit OU LDAP mapping in User/Host Profile (699857)

Added User Organizational Unit "OU" LDAP mapping in User/Host profile. FortiNAC sends OU along with FortiGate Device Tag and User Group via FSSO communication with FortiGate.

UI
New dashboard widgets (615850)

The Recent Hosts widget displays newly discovered hosts by type.

The Top Host Activity widget displays the hosts with the most connection activity over a configurable period of time.

The Logical Network Access widget displays all Hosts that had access to each Logical Network over a configurable period of time.

The RADIUS widget displays success/failure information over specified time frames.