Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.6.5
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiSOAR 7.6.5 Release Notes
    7.6.5
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.5.3
    7.5.2
    7.5.1
    7.5.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.3.3
    7.3.2
    7.3.1
    7.3.0
    7.2.2
    7.2.1
    7.2.0
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.4
    6.4.3
    6.4.1
    6.4.0
    6.0.0

    Upgrade Information

    Upgrade Information

    You can upgrade your FortiSOAR enterprise instance, High Availability (HA) cluster, or a distributed multi-tenant configuration to release 7.6.5 with the following guidance.

    Note

    The FortiSOAR UI displays a notification when a new General Availability (GA) release is available. The notification includes a direct link to the release notes for more details.

    Before You Upgrade

    The upgrade process will temporarily take your FortiSOAR application offline. During this time, users will not be able to access or log in to the platform.

    To ensure a smooth upgrade:

    • Notify users: Inform all users in advance about the planned maintenance window and expected downtime.
    • Stop active processes: Confirm that no critical playbooks, automations, or integrations are running before starting the upgrade.
    • Back up your system: Perform backup of the FortiSOAR database and configuration to prevent data loss in case of unexpected issues.
    • Confirm prerequisites: Verify that your environment meets all system requirements (OS version, disk space, dependencies, etc.).

    Downgrading to previous firmware versions

    Downgrading to previous firmware versions is not supported.

    Upgrade Path

    The following table provides version compatibility between FortiSOAR components and the supported upgrade paths:

    Enterprise or MSSP Master Node Supported Upgrade Compatible Tenant Node Compatible Agent Compatible SME

    7.6.5 (c)

    7.6.4-7.6.0
    7.5.2 -7.5.0

    7.6.4 -7.6.0
    7.5.2 -7.5.0

    Note: When upgrading to FortiSOAR 7.6.5 without upgrading the FortiSOARAgents, users must also upgrade the Utilities Connector on the FortiSOAR Agent to ensure proper functionality.
    7.6.4 (c) 7.6.3-7.6.0
    7.5.2-7.5.0

    7.6.4 -7.6.0
    7.5.2 -7.5.0

    Note:Upgrade-only releases, such as 7.6.3 and 7.5.2, do not support upgrading external SMEs to these versions.
    7.6.3 (5) (c)
    (upgrade-only release)    		 7.6.2-7.5.0 7.6.3 -7.6.0,
    7.5.2-7.5.0    		 7.6.2 -7.6.0,
    7.5.1-7.5.0
    7.6.2 (b) (c) 7.6.1-7.5.0 7.6.2-7.6.0
    7.6.1 7.6.0-7.5.0 7.6.1, 7.6.0
    7.6.0 7.5.2-7.5.0 7.6.0, 7.5.0
    7.5.2 (5)
    (upgrade-only release)    		 7.5.0, 7.5.1 7.5.2-7.5.0 7.5.1, 7.5.0
    7.5.1
    (upgrade-only release)    		 7.5.0 7.5.1, 7.5.0,
    7.4.5 -7.4.0
    7.5.0 7.4.5- 7.4.0 7.5.0,
    7.4.5-7.4.0
    7.4.5 (4)
    (upgrade-only release)    		 7.4.4, 7.4.3 7.4.5-7.4.0
    7.4.4 (4)
    (upgrade-only release)    		 7.4.3-7.4.0 7.4.4-7.4.0
    7.4.3 (a) (4)
    (upgrade-only release)    		 7.4.2-7.4.0 7.4.3-7.4.0
    7.4.2 (4) 7.4.1, 7.4.0 7.4.2-7.4.0
    7.4.1 (3) 7.4.0 7.4.1, 7.4.0,
    7.3.2
    7.4.0 7.3.3-7.3.0 7.4.0,
    7.3.2
    7.3.3 (2)
    (upgrade-only release)    		 7.3.2, 7.3.1 7.3.3-7.3.1
    7.3.2 (2)
    (upgrade-only release)    		 7.3.1, 7.3.0 7.3.2-7.3.0
    7.3.1 (1) 7.3.0 7.3.1, 7.3.0
    7.3.0
    (for upgrade and migration support)    		 7.2.2, 7.2.1 7.3.0

    Upgrade Notes:

    • Upgrade-only releases contain critical usability and security enhancements. We advise users to upgrade their FortiSOAR setups to the latest releases corresponding to their installed FortiSOAR versions.
    • (c) Upgrading from release 7.6.1 to a later release (for example, 7.6.4, 7.6.5 and later) causes the Utilities Connector 'Create an attachment from file' action to fail. A workaround for this issue is described in the Known Issues and Workarounds chapter.
      Additionally, after upgrading from release 7.6.1, the TAXII server configuration is automatically disabled. If the TAXII server is required, manually re-enable it. For more information, see the Threat Intel Management Solution Pack documentation.
    • (b) If you are upgrading your FortiSOAR HA cluster from releases 7.6.0, 7.5.2, 7.5.1, or 7.5.0 to release 7.6.1 or later, follow the steps in the Upgrading to releases prior to 7.6.1 topic. If you are upgrading your FortiSOAR HA cluster from release 7.6.1 or later to release 7.6.2 or any subsequent release such as releases, 7.6.3, 7.6.4, 7.6.5, you can use the 'rolling upgrades' process. Steps for rolling upgrade are mentioned in the Upgrading to releases post 7.6.1 topic.
      The 'rolling upgrade' process, which minimizes downtime for high availability (HA) clusters, is not supported for Docker images.
    • (a) Release 7.4.3 addresses a critical issue of connectors not working after backup and restore due to missing 'Python' dependencies, which affects fresh installations of FortiSOAR 7.4.2. Therefore, it is highly recommended to upgrade fresh installations of 7.4.2 instances to 7.4.3.

    Compatibility Notes:

    (1) No incompatibility issues were observed in MSSP use cases; however, the 'Manual Input' step operates differently in systems that have a lower-version tenant node and a higher-version master node since, FortiSOAR release 7.3.1 has an enhanced UI and upgraded functionality.

    (2) No incompatibility issues were observed in MSSP use cases; however, in FortiSOAR release 7.3.1, the 'Complete' playbook environment can be passed to child playbooks, which was not possible in earlier versions, leading to some differences in systems that have a lower-version tenant node and a higher-version master node.

    (3) Pushing approval playbooks from FortiSOAR release 7.4.1 master node to a lower-version tenant node is not supported. In such cases, the playbook is not visible on the tenant node, and neither will FortiSOAR display any error.

    (4) No incompatibility issues were observed between versions 7.4.2 , 7.4.3, and 7.4.4 of the FortiSOAR enterprise/MSSP-master and FSR agent, Secure Message Exchange (SME), or MSSP-tenants.
    However, it is important to consider the following when using versions 7.4.2, 7.4.3, or 7.4.4 of the FortiSOAR enterprise/MSSP-master with 7.4.0 or 7.4.1 versions of FSR agent or MSSP-tenants:
    In the case of MSSP environments, it is recommended that you upgrade both the master and tenant nodes to release 7.4.4 or 7.4.3. If your master and tenant nodes are both not upgraded to release 7.4.4 or 7.4.3, take note of the following:

    • Ensure that you synchronize records along with their relationships when you use the 'Sync Records' feature, if your master node is on release 7.4.2 or later, and your tenant nodes are on releases earlier than 7.4.2, such as 7.4.1 or 7.4.0.
    • To download 'FSR Agent/Tenant node' logs, both the master and agent/tenant must be on release 7.4.2 or later. If the master node is on release 7.4.2 or later, and the agent is on a release earlier than 7.4.2, the log download is unsuccessful and returns an error such as "For agents, log collection is accessible on version 7.4.2 and beyond" .
    • Replication from a tenant node that is on release 7.4.1 or 7.4.0 to a master node that is on release 7.4.2 or later will not fail if related records are not present on the master node. However, in the same case, replication from the master node to tenant nodes will fail if related records are not present on the tenant node.
    • The update record request fails when the record is unavailable at the replicated end when a tenant node is on release 7.4.1 or 7.4.0 and the master node is on release 7.4.2 or later.

    (5) Releases 7.5.2 and 7.6.3 are upgrade-only releases and upgrading an external FortiSOAR SME to both these releases are not supported.

    Upgrade Procedure

    Note

    During the upgrade, you are prompted to reset the root password and confirm it. If the two entries match, the password is updated successfully. If they do not match, the prompt is displayed again. If you cancel the prompt by entering n, the upgrade continues without resetting the root password. You are allowed up to three attempts to enter matching passwords. If all attempts are exhausted, the upgrade task is marked as failed.
    Carefully review and respond to all upgrade prompts. If the root password reset step is missed, the password must be reset later from the VM console. Refer to the Red Hat or Rocky Linux documentation for instructions on resetting the root password.
    Note: After login, the 'csadm' user is assigned limited sudo privileges. For security reasons, 'root' access is provided via the system console and is not available over SSH.
    For detailed procedures on upgrading FortiSOAR, see the "Upgrade Guide"

    After the Upgrade

    Once the upgrade is complete, perform these checks to ensure system stability and optimal performance:

    • Clear browser cache: Clear your cache and log out before signing back in to avoid any UI or functionality issues.
    • Verify key functions: Review key system areas such as playbook audit logs, user access, and automation services.
    • Validate integrations: Confirm that all connectors, integrations, and scheduled jobs are working properly.
    • Monitor performance: Observe system health metrics and logs for any irregular behavior in the hours following the upgrade.
    Previous
    Next

    Upgrade Information

    Upgrade Information

    You can upgrade your FortiSOAR enterprise instance, High Availability (HA) cluster, or a distributed multi-tenant configuration to release 7.6.5 with the following guidance.

    Note

    The FortiSOAR UI displays a notification when a new General Availability (GA) release is available. The notification includes a direct link to the release notes for more details.

    Before You Upgrade

    The upgrade process will temporarily take your FortiSOAR application offline. During this time, users will not be able to access or log in to the platform.

    To ensure a smooth upgrade:

    • Notify users: Inform all users in advance about the planned maintenance window and expected downtime.
    • Stop active processes: Confirm that no critical playbooks, automations, or integrations are running before starting the upgrade.
    • Back up your system: Perform backup of the FortiSOAR database and configuration to prevent data loss in case of unexpected issues.
    • Confirm prerequisites: Verify that your environment meets all system requirements (OS version, disk space, dependencies, etc.).

    Downgrading to previous firmware versions

    Downgrading to previous firmware versions is not supported.

    Upgrade Path

    The following table provides version compatibility between FortiSOAR components and the supported upgrade paths:

    Enterprise or MSSP Master Node Supported Upgrade Compatible Tenant Node Compatible Agent Compatible SME

    7.6.5 (c)

    7.6.4-7.6.0
    7.5.2 -7.5.0

    7.6.4 -7.6.0
    7.5.2 -7.5.0

    Note: When upgrading to FortiSOAR 7.6.5 without upgrading the FortiSOARAgents, users must also upgrade the Utilities Connector on the FortiSOAR Agent to ensure proper functionality.
    7.6.4 (c) 7.6.3-7.6.0
    7.5.2-7.5.0

    7.6.4 -7.6.0
    7.5.2 -7.5.0

    Note:Upgrade-only releases, such as 7.6.3 and 7.5.2, do not support upgrading external SMEs to these versions.
    7.6.3 (5) (c)
    (upgrade-only release)    		 7.6.2-7.5.0 7.6.3 -7.6.0,
    7.5.2-7.5.0    		 7.6.2 -7.6.0,
    7.5.1-7.5.0
    7.6.2 (b) (c) 7.6.1-7.5.0 7.6.2-7.6.0
    7.6.1 7.6.0-7.5.0 7.6.1, 7.6.0
    7.6.0 7.5.2-7.5.0 7.6.0, 7.5.0
    7.5.2 (5)
    (upgrade-only release)    		 7.5.0, 7.5.1 7.5.2-7.5.0 7.5.1, 7.5.0
    7.5.1
    (upgrade-only release)    		 7.5.0 7.5.1, 7.5.0,
    7.4.5 -7.4.0
    7.5.0 7.4.5- 7.4.0 7.5.0,
    7.4.5-7.4.0
    7.4.5 (4)
    (upgrade-only release)    		 7.4.4, 7.4.3 7.4.5-7.4.0
    7.4.4 (4)
    (upgrade-only release)    		 7.4.3-7.4.0 7.4.4-7.4.0
    7.4.3 (a) (4)
    (upgrade-only release)    		 7.4.2-7.4.0 7.4.3-7.4.0
    7.4.2 (4) 7.4.1, 7.4.0 7.4.2-7.4.0
    7.4.1 (3) 7.4.0 7.4.1, 7.4.0,
    7.3.2
    7.4.0 7.3.3-7.3.0 7.4.0,
    7.3.2
    7.3.3 (2)
    (upgrade-only release)    		 7.3.2, 7.3.1 7.3.3-7.3.1
    7.3.2 (2)
    (upgrade-only release)    		 7.3.1, 7.3.0 7.3.2-7.3.0
    7.3.1 (1) 7.3.0 7.3.1, 7.3.0
    7.3.0
    (for upgrade and migration support)    		 7.2.2, 7.2.1 7.3.0

    Upgrade Notes:

    • Upgrade-only releases contain critical usability and security enhancements. We advise users to upgrade their FortiSOAR setups to the latest releases corresponding to their installed FortiSOAR versions.
    • (c) Upgrading from release 7.6.1 to a later release (for example, 7.6.4, 7.6.5 and later) causes the Utilities Connector 'Create an attachment from file' action to fail. A workaround for this issue is described in the Known Issues and Workarounds chapter.
      Additionally, after upgrading from release 7.6.1, the TAXII server configuration is automatically disabled. If the TAXII server is required, manually re-enable it. For more information, see the Threat Intel Management Solution Pack documentation.
    • (b) If you are upgrading your FortiSOAR HA cluster from releases 7.6.0, 7.5.2, 7.5.1, or 7.5.0 to release 7.6.1 or later, follow the steps in the Upgrading to releases prior to 7.6.1 topic. If you are upgrading your FortiSOAR HA cluster from release 7.6.1 or later to release 7.6.2 or any subsequent release such as releases, 7.6.3, 7.6.4, 7.6.5, you can use the 'rolling upgrades' process. Steps for rolling upgrade are mentioned in the Upgrading to releases post 7.6.1 topic.
      The 'rolling upgrade' process, which minimizes downtime for high availability (HA) clusters, is not supported for Docker images.
    • (a) Release 7.4.3 addresses a critical issue of connectors not working after backup and restore due to missing 'Python' dependencies, which affects fresh installations of FortiSOAR 7.4.2. Therefore, it is highly recommended to upgrade fresh installations of 7.4.2 instances to 7.4.3.

    Compatibility Notes:

    (1) No incompatibility issues were observed in MSSP use cases; however, the 'Manual Input' step operates differently in systems that have a lower-version tenant node and a higher-version master node since, FortiSOAR release 7.3.1 has an enhanced UI and upgraded functionality.

    (2) No incompatibility issues were observed in MSSP use cases; however, in FortiSOAR release 7.3.1, the 'Complete' playbook environment can be passed to child playbooks, which was not possible in earlier versions, leading to some differences in systems that have a lower-version tenant node and a higher-version master node.

    (3) Pushing approval playbooks from FortiSOAR release 7.4.1 master node to a lower-version tenant node is not supported. In such cases, the playbook is not visible on the tenant node, and neither will FortiSOAR display any error.

    (4) No incompatibility issues were observed between versions 7.4.2 , 7.4.3, and 7.4.4 of the FortiSOAR enterprise/MSSP-master and FSR agent, Secure Message Exchange (SME), or MSSP-tenants.
    However, it is important to consider the following when using versions 7.4.2, 7.4.3, or 7.4.4 of the FortiSOAR enterprise/MSSP-master with 7.4.0 or 7.4.1 versions of FSR agent or MSSP-tenants:
    In the case of MSSP environments, it is recommended that you upgrade both the master and tenant nodes to release 7.4.4 or 7.4.3. If your master and tenant nodes are both not upgraded to release 7.4.4 or 7.4.3, take note of the following:

    • Ensure that you synchronize records along with their relationships when you use the 'Sync Records' feature, if your master node is on release 7.4.2 or later, and your tenant nodes are on releases earlier than 7.4.2, such as 7.4.1 or 7.4.0.
    • To download 'FSR Agent/Tenant node' logs, both the master and agent/tenant must be on release 7.4.2 or later. If the master node is on release 7.4.2 or later, and the agent is on a release earlier than 7.4.2, the log download is unsuccessful and returns an error such as "For agents, log collection is accessible on version 7.4.2 and beyond" .
    • Replication from a tenant node that is on release 7.4.1 or 7.4.0 to a master node that is on release 7.4.2 or later will not fail if related records are not present on the master node. However, in the same case, replication from the master node to tenant nodes will fail if related records are not present on the tenant node.
    • The update record request fails when the record is unavailable at the replicated end when a tenant node is on release 7.4.1 or 7.4.0 and the master node is on release 7.4.2 or later.

    (5) Releases 7.5.2 and 7.6.3 are upgrade-only releases and upgrading an external FortiSOAR SME to both these releases are not supported.

    Upgrade Procedure

    Note

    During the upgrade, you are prompted to reset the root password and confirm it. If the two entries match, the password is updated successfully. If they do not match, the prompt is displayed again. If you cancel the prompt by entering n, the upgrade continues without resetting the root password. You are allowed up to three attempts to enter matching passwords. If all attempts are exhausted, the upgrade task is marked as failed.
    Carefully review and respond to all upgrade prompts. If the root password reset step is missed, the password must be reset later from the VM console. Refer to the Red Hat or Rocky Linux documentation for instructions on resetting the root password.
    Note: After login, the 'csadm' user is assigned limited sudo privileges. For security reasons, 'root' access is provided via the system console and is not available over SSH.
    For detailed procedures on upgrading FortiSOAR, see the "Upgrade Guide"

    After the Upgrade

    Once the upgrade is complete, perform these checks to ensure system stability and optimal performance:

    • Clear browser cache: Clear your cache and log out before signing back in to avoid any UI or functionality issues.
    • Verify key functions: Review key system areas such as playbook audit logs, user access, and automation services.
    • Validate integrations: Confirm that all connectors, integrations, and scheduled jobs are working properly.
    • Monitor performance: Observe system health metrics and logs for any irregular behavior in the hours following the upgrade.
    Previous
    Next