Fortinet black logo

Release Notes

Home FortiSOAR Cloud 7.0.2 Release Notes

Special Notices

7.0.2
7.5.0
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.3.2
7.3.1
7.3.0
7.2.2
7.2.1
7.2.0
7.0.2
7.0.1
7.0.0
Copy Link
Copy Doc ID 880f5de3-1d0b-11ec-8c53-00505692583a:683254
Download PDF

Special Notices

This section highlights some of the operational changes that administrators should be aware of in FortiSOAR Cloud version 7.0.2.

FortiCloud Premium license

The FortiSOAR Cloud portal checks for the FortiCloud Premium license. If the FortiSOAR Cloud license is valid, but the FortiCloud Premium license is expired, a warning is displayed as shown in the following image:

Warning displayed when the FortiCloud Premium license is expired

To access the portal, renew the FortiCloud Premium license.

Client Certificate Authentication

From version 7.0.2 onwards, you can use client certificate based authentication to create connections between the distributed tenants or FSR agents and the secure message exchange. Prior to the 7.0.2 release, basic authentication using username and password was used to create connections between distributed tenants and secure message exchange. Going forward, you can configure the following types of authentications in FortiSOAR Cloud to connect distributed tenants or FSR agents and secure message exchange:

  • Basic Authentication with Peer Verification: Uses username and password to create connections between FSR agents or distributed tenants and secure message exchange, and also performs 'Certificate Verification'. This process will verify that the clients which are attempting to connect can be trusted by presenting a certificate that is signed by a CA and trusted by the server; thereby ensuring that only trusted clients can connect to the secure message exchange.
  • Client Certificate Authentication: Presents a certificate to the server which is signed by a trusted CA. It is recommended that you create the certificate with the common name as the name of your agent or tenant. This provides enhanced security as this gives the facility to connect only to trusted clients.

In case of FortiSOAR Cloud you always require that clients that want to connect to secure message exchange must present the client certificate to the secure message exchange for verification, i.e., the mutual TLS (mTLS) is always enabled. In case of FortiSOAR Cloud, client certificates for secure message exchange and FSR agents are added by default, so you do not require to explicitly add the certificates. Also, in case of FSR agents, you need to reconfigure FSR agents by downloading the installer; however, the installer will contain auto-generated certificates. For more information, see the Deploying FortiSOAR chapter in the "FortiSOAR Deployment Guide" and the FortiSOAR Admin CLI chapter in the "FortiSOAR Administration Guide".

Previous
Next

Special Notices

This section highlights some of the operational changes that administrators should be aware of in FortiSOAR Cloud version 7.0.2.

FortiCloud Premium license

The FortiSOAR Cloud portal checks for the FortiCloud Premium license. If the FortiSOAR Cloud license is valid, but the FortiCloud Premium license is expired, a warning is displayed as shown in the following image:

Warning displayed when the FortiCloud Premium license is expired

To access the portal, renew the FortiCloud Premium license.

Client Certificate Authentication

From version 7.0.2 onwards, you can use client certificate based authentication to create connections between the distributed tenants or FSR agents and the secure message exchange. Prior to the 7.0.2 release, basic authentication using username and password was used to create connections between distributed tenants and secure message exchange. Going forward, you can configure the following types of authentications in FortiSOAR Cloud to connect distributed tenants or FSR agents and secure message exchange:

  • Basic Authentication with Peer Verification: Uses username and password to create connections between FSR agents or distributed tenants and secure message exchange, and also performs 'Certificate Verification'. This process will verify that the clients which are attempting to connect can be trusted by presenting a certificate that is signed by a CA and trusted by the server; thereby ensuring that only trusted clients can connect to the secure message exchange.
  • Client Certificate Authentication: Presents a certificate to the server which is signed by a trusted CA. It is recommended that you create the certificate with the common name as the name of your agent or tenant. This provides enhanced security as this gives the facility to connect only to trusted clients.

In case of FortiSOAR Cloud you always require that clients that want to connect to secure message exchange must present the client certificate to the secure message exchange for verification, i.e., the mutual TLS (mTLS) is always enabled. In case of FortiSOAR Cloud, client certificates for secure message exchange and FSR agents are added by default, so you do not require to explicitly add the certificates. Also, in case of FSR agents, you need to reconfigure FSR agents by downloading the installer; however, the installer will contain auto-generated certificates. For more information, see the Deploying FortiSOAR chapter in the "FortiSOAR Deployment Guide" and the FortiSOAR Admin CLI chapter in the "FortiSOAR Administration Guide".

Previous
Next