Fortinet black logo

Built-in IPS engine

Built-in IPS engine

Resolved engine issues

Bug ID

Description

580391

Unable to create MAC address-based policies in NGFW mode.

654356

In NGFW policy mode, sessions are not re-validated when security policies are changed. A workaround is to clear sessions after a policy change.

662698

One-arm sniffer logging shows inaccurate SNMP application sent bytes.

672994

Web filter warning message does not contain certification chain.

676705

Custom IEC-104 application control signatures skipped after signature database update.

677834

HTTP traffic is dropped when custom proxy options are applied to a policy.

681611

IPS engine crashes (5.218 ips_dlp_alert).

683669

Firewall schedule settings are not following daylight saving time.

688888

BZIP2 file including EICAR is detected in the original direction of the flow mode firewall policy even though scan-bzip2 is disabled.

691196

One-arm IPS URL filter unable to block HTTPS websites.

695441

Not getting past block/override page or warning page when doing a web filter override in flow mode.

695774

Remote category flow and proxy mode wildcard matching difference

696619

FGSP synchronized UDP sessions may be blocked in NGFW policy mode when asymmetric routing is used due to a policy matching failure. Other types of traffic may also be affected (such as TCP) in the case of failover of the reply direction traffic to a different FortiGate in the FGSP cluster.

696753

Chassis has multiple IPS crashes and UTM web filter is impacted after enabling web filter content header.

696811

IPSA self test failed, disable IPSA! IPSA disabled: self test failed message appears in system event logs.

696819

IPS archive timestamp is dated from 1970.

702142

File filter monitor blocks files in flow AV if there is a scan error.

707907

IPS engine (flow mode deep inspection) does not decrypt some TLS 1.3 sessions, which causes problems with application control detection.

713068

FGSP support in NGFW policy mode.

715136

High memory usage for some slab objects.

718452

set https-replacemsg disable causing connection RST on URLs in URL filter list (flow-based inspection).

719007

URL filtering followed by /* causes rating error.

719252

IPS engine crash.

721410

Unable to open fb.watch website in flow mode using SSL deep inspection with application control.

721462

Memory usage increases up to conserve mode after upgrading IPS engine to 5.00239.

724400

Facebook.com website gives error in Firefox version 89 with flow mode and deep inspection.

724767

Hostname is garbled in event log that is detected by HTTP.Suspicious.Headers.With.Special.Characters.

Built-in IPS engine

Resolved engine issues

Bug ID

Description

580391

Unable to create MAC address-based policies in NGFW mode.

654356

In NGFW policy mode, sessions are not re-validated when security policies are changed. A workaround is to clear sessions after a policy change.

662698

One-arm sniffer logging shows inaccurate SNMP application sent bytes.

672994

Web filter warning message does not contain certification chain.

676705

Custom IEC-104 application control signatures skipped after signature database update.

677834

HTTP traffic is dropped when custom proxy options are applied to a policy.

681611

IPS engine crashes (5.218 ips_dlp_alert).

683669

Firewall schedule settings are not following daylight saving time.

688888

BZIP2 file including EICAR is detected in the original direction of the flow mode firewall policy even though scan-bzip2 is disabled.

691196

One-arm IPS URL filter unable to block HTTPS websites.

695441

Not getting past block/override page or warning page when doing a web filter override in flow mode.

695774

Remote category flow and proxy mode wildcard matching difference

696619

FGSP synchronized UDP sessions may be blocked in NGFW policy mode when asymmetric routing is used due to a policy matching failure. Other types of traffic may also be affected (such as TCP) in the case of failover of the reply direction traffic to a different FortiGate in the FGSP cluster.

696753

Chassis has multiple IPS crashes and UTM web filter is impacted after enabling web filter content header.

696811

IPSA self test failed, disable IPSA! IPSA disabled: self test failed message appears in system event logs.

696819

IPS archive timestamp is dated from 1970.

702142

File filter monitor blocks files in flow AV if there is a scan error.

707907

IPS engine (flow mode deep inspection) does not decrypt some TLS 1.3 sessions, which causes problems with application control detection.

713068

FGSP support in NGFW policy mode.

715136

High memory usage for some slab objects.

718452

set https-replacemsg disable causing connection RST on URLs in URL filter list (flow-based inspection).

719007

URL filtering followed by /* causes rating error.

719252

IPS engine crash.

721410

Unable to open fb.watch website in flow mode using SSL deep inspection with application control.

721462

Memory usage increases up to conserve mode after upgrading IPS engine to 5.00239.

724400

Facebook.com website gives error in Firefox version 89 with flow mode and deep inspection.

724767

Hostname is garbled in event log that is detected by HTTP.Suspicious.Headers.With.Special.Characters.