What's new
FortiTester 7.3.0 offers the following new features and enhancements:
Sending random files based on user-uploaded files
FortiTester 7.3.0 supports sending random files based on user-uploaded files. It is supported in HTTP/HTTPS/HTTP2/FTP/TFTP/SMTP/POP3 cases.
To create a file object, go to Performance Testing > Object > Files. Click the Create new button to create a file object and upload the file.
Upload the user file created. Then you can configure the request files object and enable the Random File Name and Content option.
Action configuration in HTTP/S/2 cases
The following image shows the HTTP request URI and response body.
Action configurations in FTP cases
The following images show the FTP request file name and content.
Configurations in POP3 cases
The following image shows loading POP3 configurations.
The following image shows the attachment file name and content.
Action configurations in TFTP cases
The following image shows TFTP configurations.
The following image shows the request file name and content.
User-Agent
The User-Agent request header is a characteristic string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.
FortiTester version 7.3.0 supports configuring User-Agent requests in several application cases including Facebook, Gmail, Netflix, Twitter, WebEx, Yahoo Mail, and YouTube.
SMTP enhancements
Use a sample file as a payload
You can now use a sample file to create an SMTP case by uploading a sample file as the Files Object.
FortiTester currently only has support for |
Multiple recipients
FortiTester 7.3.0 now supports up to 32 recipients.
Random sender/recipient email addresses
FortiTester 7.3.0 supports inputting “<###>” in Sender/Recipient Email Address. Every # symbol will be converted to random characters.
Random attachment
FortiTester can now generate a random attachment name and content.
Randomize file name and content
FortiTester can now add six random characters to each attachment file name and content.
Base64 disabled
Base64 can be disabled and the payload and attachments will be sent in plain text.
DNS over TLS (DoT)
DNS over TLS (DoT) is a network security protocol for encrypting and wrapping Domain Name System (DNS) queries and answers via the Transport Layer Security (TLS) protocol. Using this method will increase user privacy and security by preventing eavesdropping and manipulation of DNS data via man-in-the-middle attacks. The most used port number for DoT is 853.
DoT can be found under Performance Testing > Protocol > DNS > TCP.
Key configurations
Mode
If “Simulated Users” is selected, FortiTester simulates users processing through an Actions list one at a time. It allows you to determine the maximum number of concurrent users your device, infrastructure, or system can handle.
If “Connections/second” is configured (support for CPS and RPS cases), FortiTester simulates TCP connections with each of them containing up to hundreds of transactions. This can be used to test how many concurrent connections can be handled by your device.
Enable DNS outstanding query (Support for RPS cases)
“Enable DNS Outstanding Query” allows multiple DNS queries to be sent in parallel. It is disabled by default, with one DNS query sent at a time. If enabled, you can set the number of parallel queries.
Maximum concurrent connections (Support for CC cases)
You can determine the maximum number of concurrent TCP connections supported through or with the DUT/SUT. This test is intended to find the maximum number of entries the DUT/SUT can store in its connection table.
Think time (Support for CC cases)
Think Time is the delay between client DNS queries by seconds. You can configure the think time between queries.
Domain policy (Support for CPS, RPS, and CC)
FortiTester queries the domains in the specified list. Only “List” type and “A” record is currently supported. You can now configure the expected domain name.
UDP PPS case support using iMIX objects
Internet Mix or iMIX refers to typical Internet traffic passing some network equipment such as routers, switches or firewalls. When measuring equipment performance using an iMIX of packets, the performance is assumed to resemble what can be seen in "real-world" conditions.
iMIX objects can be found under Performance Testing > Objects > iMIX.
UDP PPS Test Case is located in Performance Testing > UDP > PPS.
You can then select iMIX as the Frame Size Type and select the iMIX object.
ATT&CK enhancements
Discontinued support for MITRE version 6
Previously, ATT&CK v6 version and ATT&CK v10 (Beta) version models were both available to use on the GUI. In order to simplify the configuration process and require zero prior knowledge about the environment for user, FortiTester now officially uses the version 10 model and removes all version 6 models on the GUI.
Coverage map
The ATT&CK Matrix Coverage map has been upgraded to version 12. You can select previous versions of the matrix to view from the dropdown list.
New MITRE URL link
All links (Tactic/Technique) in abilities Detail have been directed to the corresponding v10 MITRE ATT&CK Matrix documents on the official website.Tactic/Technique links in Abilities Detail will default to the v10 page.
Ability dependency
When running an ATT&CK case with specific abilities in an Adversary group, the abilities should have a correct sequence to make sure they operate correctly. You can detail "pre-conditions" in the attribute details to make sure abilities that meet these requisites are added to the Adversary group first.
Auto cleanup
The Auto Cleanup option can be used to see how abilities work on agents. The Auto Cleanup is enabled by default.
FortiTester TestCenter Mode by public IP
FortiTester has support to create TestCenter Mode by public IP.
The Test Center client must be accessed by the public IP. |
SSLVPN DTLS testing
DTLS provides communications privacy for datagram protocols. It allows client/server applications to communicate in a way that prevents eavesdropping, tampering, or message forgery. DTLS is based on the Transport Layer Security (TLS) protocol and provides equivalent security guarantees.
DTLS can be found under Performance Testing > VPN > SSL-VPN Specifics > Client > Profile.
Key configurations
DTLS tunnel
If disabled, no DTLS tunnel will be created. Only TLS tunnels will be created for inner traffic. If enabled, DTLS tunnel will be created for inner traffic.
Available DTLS versions
If DTLSv1.0 is selected, DTLSv1.0 will be supported by FortiTester. If DTLSv1.2 is selected, DTLSv1.2 will be supported by FortiTester.
DTLS ciphers
If one DTLS cipher is selected, only the selected DTLS cipher will be supported. It is also possible to select multiple DTLS ciphers at the same time. If all DTLS ciphers are selected, all selected DTLS ciphers will be supported.