Changes to Configuring how the internal switch fabric distributes sessions to NP7 processors. New section Carrier-Grade NAT Architecture Guide. Per-session hardware logging is not compatible with session-count DoS anomalies, see Hyperscale firewall 7.0.14 incompatibilities and limitations for more information.

FortiOS 7.0.14 document release.

More information about the FortiGate 4800F and 4801F and hyperscale hardware logging, see Enabling hyperscale firewall features and Configuring hardware logging. More information added to Hardware logging and Configuring hardware logging.

FortiOS 7.0.13 document release.

New section: Hyperscale and standard FortiOS CGNAT feature comparison .

Added information about hardware logging sending multiple session start log messages if log-processor is set to hardware and log-mode is set to per-session to Hyperscale firewall 7.0.14 incompatibilities and limitations.

FortiOS 7.0.12 document release.

FortiOS 7.0.11 document release.

Added more information about the NP7 hash-config option to Configuring how the internal switch fabric distributes sessions to NP7 processors.

NP7 hardware logging must use interfaces connected to NP7 processors to communicate with the remove log servers. This information was added to Configuring hardware logging.

FortiOS 7.0.10 document release. Corrections to SNMP queries for hardware session counts.

Improvements to Displaying IP pool usage information.

FortiOS 7.0.9 document release.

Corrections to Creating hyperscale firewall VDOMs.

FortiOS 7.0.8 document release. For information about new features, see What's new for hyperscale firewall for FortiOS 7.0.8.

FortiOS 7.0.7 document release. More information and explanation added to Hyperscale firewall policy engine mechanics.

New sections: FGSP HA hardware session synchronization and Basic FGSP HA hardware session synchronization configuration example.

Changes to FGCP HA hardware session synchronization.

Changes to Configuring FGCP HA hardware session synchronization.

New sections:

• Optimizing FGCP HA hardware session synchronization with data interface LAGs.

• How the NP7 hash-config affects CGNAT.

• How the NP7 hash-config affects sessions that require session helpers or ALGs.

Revised information about using the FortiGate-4200F/4201F and 4400F/4400F HA1, HA2, AUX1 and AUX2 interfaces. Using the following command is no longer recommended. Instead see the new sectionRecommended interface use for an FGCP HA hyperscale firewall cluster.

config system npu

config port-path-option

set ports-using-npu {ha1 ha2 aux1 aux2}

end

Improvements to Hyperscale firewall VDOM session timeouts. New section Session timeouts for individual hyperscale policies.

Added information about how FortiOS 7.0.14 hyperscale policies are no longer separated from normal firewall policies and how hyperscale firewall policies are converted during the upgrade process to Upgrading hyperscale firewall features to FortiOS 7.0.14.

Misc. changes throughout the document.

FortiOS 7.0.6 document release. See What's new for hyperscale firewall for FortiOS 7.0.6.

New section: Allowing packet fragments for NP7 NAT46 policies when the DF bit is set to 1.

Added more information about the verbose option to diagnose sys npu-session stat [verbose [{44 | 66 | 64 | 46}]] .

Improvements to Displaying information about NP7 hyperscale firewall hardware sessions.