Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Managed Switch Release Notes

    Home FortiSwitch 7.0.8 Managed Switch Release Notes
    7.0.8
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0

    Introduction

    Introduction

    This document provides the following information for FortiSwitchOS 7.0.5 devices managed by FortiOS 7.0.8 build 0418:

    See the Fortinet Document Library for Managed FortiSwitch documentation.

    Refer to the FortiLink Compatibility matrix to find which FortiSwitchOS versions support which FortiOS versions.

    NOTE: FortiLink is not supported in transparent mode.

    The maximum number of supported FortiSwitch units depends on the FortiGate model:

    FortiGate Model Range Number of FortiSwitch Units Supported
    FortiGate 40F, FortiGate-VM01 8
    FortiGate 60F, 6xE, 80F, 8xE, 90E, 91E 16
    FortiGate 100D, FortiGate-VM02 24
    FortiGate 100E, 100EF, 100F, 101E, 140E, 140E-POE 32
    FortiGate 200E, 201E 64
    FortiGate 300D to 500D 48
    FortiGate 300E to 500E 72
    FortiGate 600D to 900D and FortiGate-VM04 64
    FortiGate 600E to 900E 96
    FortiGate 1000D to 15xxD 128
    FortiGate 1100E to 26xxF 196
    FortiGate-3xxx and up and FortiGate-VM08 and up 300

    note icon New models (NPI releases) might not support FortiLink. Contact Customer Service & Support to check support for FortiLink.

    What’s new in FortiOS 7.0.8

    The following list contains new managed FortiSwitch features added in FortiOS 7.0.8:

    • The commands for flooding IGMP reports and flooding multicast traffic on a specified managed switch interface have changed from:

      config switch-controller managed-switch

      edit <FortiSwitch_serial_number>

      config ports

      edit <port_name>

      set igmps-flood-reports {disable | enable}

      set igmps-flood-traffic {disable | enable}

      next

      end

      to:

      config switch-controller managed-switch

      edit <FortiSwitch_serial_number>

      config ports

      edit <port_name>

      set igmp-snooping-flood-reports {disable | enable}

      set mcast-snooping-flood-traffic {disable | enable}

      next

      end

      For example:

      config switch-controller managed-switch

      edit S524DF4K15000024

      config ports

      edit port3

      set igmp-snooping-flood-reports enable

      set mcast-snooping-flood-traffic enable

      next

      end

    • A new test has been added to the FortiSwitch recommendations in the Security Fabric > Security Rating page to help optimize your network. The test checks the FortiSwitchOS version on the managed switches. If the FortiSwitchOS version is 7.0.0 or higher, FortiOS recommends using the strict tunnel mode, which enforces the use of strong encryption. If the managed switches are running an older firmware version, FortiOS recommends upgrading to FortiSwitchOS 7.0.0 or higher.

      To set the tunnel mode to strict in FortiOS:

      config switch-controller system

      set tunnel-mode strict

      end

    • You can now use the FortiOS CLI to specify how often the managed FortiSwitch unit will send IGMP version-2 queries when the IGMP-snooping querier is configured:

      config switch-controller igmp-snooping

      set query-interval <10-1200>

      end

      By default, queries are sent every 125 seconds. The value for aging-time must be greater than the value for query-interval.

    • You can now add software switch interfaces for the incoming and outgoing interfaces when you create a new IPv4 or IPv6 multicast policy by going to Policy & Objects > Multicast Policy and clicking Create New. The members must belong to an explicit intra-switch-policy switch interface.

    • The FG-180xF and FG-260xF models can now manage 196 FortiSwitch units.

    Previous
    Next

    Introduction

    Introduction

    This document provides the following information for FortiSwitchOS 7.0.5 devices managed by FortiOS 7.0.8 build 0418:

    See the Fortinet Document Library for Managed FortiSwitch documentation.

    Refer to the FortiLink Compatibility matrix to find which FortiSwitchOS versions support which FortiOS versions.

    NOTE: FortiLink is not supported in transparent mode.

    The maximum number of supported FortiSwitch units depends on the FortiGate model:

    FortiGate Model Range Number of FortiSwitch Units Supported
    FortiGate 40F, FortiGate-VM01 8
    FortiGate 60F, 6xE, 80F, 8xE, 90E, 91E 16
    FortiGate 100D, FortiGate-VM02 24
    FortiGate 100E, 100EF, 100F, 101E, 140E, 140E-POE 32
    FortiGate 200E, 201E 64
    FortiGate 300D to 500D 48
    FortiGate 300E to 500E 72
    FortiGate 600D to 900D and FortiGate-VM04 64
    FortiGate 600E to 900E 96
    FortiGate 1000D to 15xxD 128
    FortiGate 1100E to 26xxF 196
    FortiGate-3xxx and up and FortiGate-VM08 and up 300

    note icon New models (NPI releases) might not support FortiLink. Contact Customer Service & Support to check support for FortiLink.

    What’s new in FortiOS 7.0.8

    The following list contains new managed FortiSwitch features added in FortiOS 7.0.8:

    • The commands for flooding IGMP reports and flooding multicast traffic on a specified managed switch interface have changed from:

      config switch-controller managed-switch

      edit <FortiSwitch_serial_number>

      config ports

      edit <port_name>

      set igmps-flood-reports {disable | enable}

      set igmps-flood-traffic {disable | enable}

      next

      end

      to:

      config switch-controller managed-switch

      edit <FortiSwitch_serial_number>

      config ports

      edit <port_name>

      set igmp-snooping-flood-reports {disable | enable}

      set mcast-snooping-flood-traffic {disable | enable}

      next

      end

      For example:

      config switch-controller managed-switch

      edit S524DF4K15000024

      config ports

      edit port3

      set igmp-snooping-flood-reports enable

      set mcast-snooping-flood-traffic enable

      next

      end

    • A new test has been added to the FortiSwitch recommendations in the Security Fabric > Security Rating page to help optimize your network. The test checks the FortiSwitchOS version on the managed switches. If the FortiSwitchOS version is 7.0.0 or higher, FortiOS recommends using the strict tunnel mode, which enforces the use of strong encryption. If the managed switches are running an older firmware version, FortiOS recommends upgrading to FortiSwitchOS 7.0.0 or higher.

      To set the tunnel mode to strict in FortiOS:

      config switch-controller system

      set tunnel-mode strict

      end

    • You can now use the FortiOS CLI to specify how often the managed FortiSwitch unit will send IGMP version-2 queries when the IGMP-snooping querier is configured:

      config switch-controller igmp-snooping

      set query-interval <10-1200>

      end

      By default, queries are sent every 125 seconds. The value for aging-time must be greater than the value for query-interval.

    • You can now add software switch interfaces for the incoming and outgoing interfaces when you create a new IPv4 or IPv6 multicast policy by going to Policy & Objects > Multicast Policy and clicking Create New. The members must belong to an explicit intra-switch-policy switch interface.

    • The FG-180xF and FG-260xF models can now manage 196 FortiSwitch units.

    Previous
    Next