Fortinet black logo

Administration Guide

Home FortiNDR 7.4.1 Administration Guide
7.4.1
7.4.6
7.4.5
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

New features and enhancements

New features and enhancements

The following is a summary of new features and enhancements in version 7.4.1. For details, see the FortiNDR 7.4.1 Administration Guide in the Document Library.

Internal External network identifier support

We have added Source Network and Destination Network columns to all NDR related tables.

The new Network columns allow you to filter the address based on the category of the IP, such as Internal, External (public addresses), Broadcast, Multicast address, Loopback, Reserved Address and Link-local Address. The filtering mechanism works for both IPv4 and IPv6 Addresses.

Download device inventory

A new Download button was added to the Device Inventory page. This allows you to download the most recent 5 million entries as a zipped file in a CSV format. Once you click the Download button, a window will pop up at the lower-right corner with the download status of the zip file. You can navigate away from the page while the download is still in progress. Once the download is complete, you will be prompted to close it.

MITRE Attack Widget

The MITRE attack widget maps network attacks and botnet under each MITRE attack tactics category. You can view data from different time frames (1 day, 1 week and 1 month) using the dropdown menu at the top-right corner of the page.

In the expanded view of this widget, a MITRE Attack matrix map will detail each specific MITRE attack tactic employed against the network.

Events API

We have added an new Events API to retrieve anomaly events. For more information, see the API guide in the FortiNDR Administration Guide.

Previous
Next

New features and enhancements

New features and enhancements

The following is a summary of new features and enhancements in version 7.4.1. For details, see the FortiNDR 7.4.1 Administration Guide in the Document Library.

Internal External network identifier support

We have added Source Network and Destination Network columns to all NDR related tables.

The new Network columns allow you to filter the address based on the category of the IP, such as Internal, External (public addresses), Broadcast, Multicast address, Loopback, Reserved Address and Link-local Address. The filtering mechanism works for both IPv4 and IPv6 Addresses.

Download device inventory

A new Download button was added to the Device Inventory page. This allows you to download the most recent 5 million entries as a zipped file in a CSV format. Once you click the Download button, a window will pop up at the lower-right corner with the download status of the zip file. You can navigate away from the page while the download is still in progress. Once the download is complete, you will be prompted to close it.

MITRE Attack Widget

The MITRE attack widget maps network attacks and botnet under each MITRE attack tactics category. You can view data from different time frames (1 day, 1 week and 1 month) using the dropdown menu at the top-right corner of the page.

In the expanded view of this widget, a MITRE Attack matrix map will detail each specific MITRE attack tactic employed against the network.

Events API

We have added an new Events API to retrieve anomaly events. For more information, see the API guide in the FortiNDR Administration Guide.

Previous
Next