Select availability features
FortiSASE includes several features with select availability, which are features that are released but are not available by default for all customers. Following is a table that describes some of these features and the associated conditions when they are enabled on existing FortiSASE instances.
Select availability feature | Description | Enabled for new instances | Can be enabled for existing instances* | Associated conditions when enabled |
---|---|---|---|---|
Network restrictions removed | Support for removing network restrictions for customer networks. | Yes | Yes | When enabling this feature, FortiSASE service may be unavailable for brief periods of time. Up to a two-hour scheduled maintenance window required to complete the process. |
Remove VPN user identification |
Support unique SSL VPN IP address ranges per FortiSASE security PoP within the overall 100.65.0.0/16 range. Remove source NAT (SNAT) for remote VPN user traffic destined for secure private access hubs. |
Yes | Yes |
When enabling this feature, data loss may be possible. Resetting your FortiSASE instance to default may be required. If reset, your instance requires manual reconfiguration and a scheduled maintenance period to re-onboard remote users. |
Supporting external identity provider (IdP) users | External IdP users can log into FortiSASE with their company-provided user credentials using a third-party SAML IdP | No | Yes, limited beta in FortiCloud | Involves a transition period from using FortiCloud IAM users to using external IdP users. |
* A customer can request enabling a select availability feature for an existing FortiSASE instance by creating a new ticket with FortiCare Support.