What’s new in FortiTester 7.2.0
FortiTester 7.2.0 offers the following new features and enhancements:
Support ATT&CK V10 Breach Simulation
FortiTester v7.2 comes with a new MITRE ATT&CK framework supporting MITRE matrix v10 and sub-techniques, released as beta and running concurrently with the previous v6 matrix. Users are encouraged to try and migrate to this version. Note: The two versions (v6 and v10) are not compatible. Here’s an overview of the differences between the versions:
| | FortiTester v3.9/4.x/7.0/7.1 | FortiTester v7.2 | Comments |
|---|---|---|---|
| MITRE ATT&CK matrix version | V6 | V10 | |
| Sub-techniques support | No | Yes | |
| End point agents support | Windows only | Windows / MAC / Linux | |
| Number of techniques (Abilities) | 26 default, 300+ total | 95 default, 200+ total | More updates will be made available for v10 via FortiGuard |
| Default Campaigns (Adversaries) | 4 (Credential Dumping, Execution_Through_API, PowerShell, Scheduled_Task) | 8 (Check Systems Environment, Create Exfiltrate Directory, User and Domain information Extraction, Process Enumeration, Signed Binary Proxy Execution, Find and Exfiltrate files, Install Powershell, Bypass UAC User Access control on Windows) | |
| Exfiltrate files | Separate server on network | FortiTester | |
New ATT&CK v10 menu
MITRE v10 with sub-techniques support:
Separation of Test Case ports and physical ports
This new feature allows configuration export/import between different models.
Before v7.2, a FortiTester configuration could only be exported/imported between units of the same model. In v7.2 this limitation is removed, made possible by mapping Test Case ports to physical ports in tests. With this change, FortiTester introduces new objects, such as port mapping and port settings.
Allocation of extra vCPUs for VMs
FortiTester v7.2 allows the allocation of two extra vCPUs, beyond the total licensed vCPUs, for system management. For example, a VM04 can use 4 vCPUs for traffic generation and an extra 2 vCPUs for system management.
Support of Virtual Router in SSLVPN testing
SSLVPN cases, including CPS, RPS, CC and Throughput, now support Virtual Router (VR). VR is useful in public cloud testing where IP assignment is limited (e.g. AWS public cloud). Many SSLVPN client IPs can now be simulated using VR.
Improved Report generation time
Report generation time has been improved for longer test cases (e.g. a couple of hours up to days).
New DNS Zone Transfer support
Added a DNS-AXFR case. This simulates an attacker's use of AXFR zone transfers as an attack vector for DDoS attacks. The case establishes a TCP connection (three-way handshake), simulates a DNS zone transfer (AXFR), and closes the TCP connection.
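The check below is an added example, not FortiTester code: it shows what a DUT or DNS-aware sensor could apply to the traffic this case generates, parsing a DNS-over-TCP query (2-byte length prefix) and flagging AXFR requests (QTYPE 252) from sources that are not listed secondaries. The function names, the constructed sample query and the documentation-range IP addresses are assumptions made for illustration.

```python
import struct

QTYPE_AXFR = 252  # RFC 1035 QTYPE value for a full zone transfer request

def build_tcp_query(qname, qtype, txid=0x1234):
    """Constructed sample input: one DNS query framed for TCP (length prefix + message)."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)  # QR=0, QDCOUNT=1
    labels = b"".join(bytes([len(l)]) + l.encode("ascii")
                      for l in qname.strip(".").split(".") if l)
    msg = header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # QCLASS=IN
    return struct.pack("!H", len(msg)) + msg

def parse_tcp_query(data):
    """Return (qname, qtype) of the first question; raise ValueError if malformed."""
    if len(data) < 2:
        raise ValueError("missing TCP length prefix")
    (length,) = struct.unpack("!H", data[:2])
    msg = data[2:2 + length]
    if len(msg) != length or length < 12:
        raise ValueError("truncated DNS message")
    _txid, flags, qdcount = struct.unpack("!HHH", msg[:6])
    if flags & 0x8000 or qdcount < 1:
        raise ValueError("not a DNS query")
    pos, labels = 12, []
    while True:
        if pos >= len(msg):
            raise ValueError("question name runs past end of message")
        n = msg[pos]
        pos += 1
        if n == 0:  # root label terminates the name
            break
        if n > 63 or pos + n > len(msg):  # compression pointers are not valid here
            raise ValueError("invalid label in question name")
        labels.append(msg[pos:pos + n].decode("ascii", "replace"))
        pos += n
    if pos + 4 > len(msg):
        raise ValueError("missing QTYPE/QCLASS")
    qtype, _qclass = struct.unpack("!HH", msg[pos:pos + 4])
    return ".".join(labels) + ".", qtype

def is_unauthorized_axfr(data, src_ip, allowed_secondaries):
    """True when the query is an AXFR request from a source outside the allow-list."""
    _qname, qtype = parse_tcp_query(data)
    return qtype == QTYPE_AXFR and src_ip not in allowed_secondaries
```

A malformed or truncated message raises `ValueError` rather than being treated as benign, so a caller can count parse failures separately from clean queries.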
Single Packet control for DDoS testing
In previous versions, DDoS tests used a system default ‘mix’ of attacks (such as SYN_flood, FIN_Flood etc.). Some parameters were set and not configurable by the user. In v7.2, a new single packet case option allows an advanced configuration item to refer to a Single Packet Group object. This feature is used to simulate a DDoS attack, especially for MIRAI attack simulation.
Supports IBM Public cloud platform
FortiTester is now released for the IBM Public Cloud platform.
New ICMP test
Added an ICMP case. This allows FortiTester to generate ICMP traffic with different settings, such as packet size, to test the DUT’s capability to parse/route ICMP traffic. It offers a ‘flood’ option to send simultaneous pings within a configured time interval (up to 600ms).