Fortinet publikuje aktualizację oprogramowania dla produktu FortiAnalyzer oznaczoną numerem wersji 6.2.6! W wersji 6.2.6 rozwiązano między innymi problem niedziałającego NTP, który występował w poprzedniej wersji oprogramowania 6.2.5. Naprawiony został również dziennik logów w czasie rzeczywistym, który nie działał poprawnie. Błąd wykonania kopii zapasowej za pośrednictwem FTP, który występował z powodu problemów z plikami również został naprawiony.
Rozwiązane problemy:
Device Manager
| Bug ID | Description |
|---|---|
| 615803 | When FortiAnalyzer is a managed device, the ADOM should be locked. |
| 634418 | After a FortiGate is upgraded, its firmware version in Device Manager table is not automatically updated. |
| 641490 | FortiAnalyzer may fail to update HA group name after the group name is changed on the FortiGate side causing it to crash occasionally. |
| 648893 | Device list may be empty in Device Manager after upgrade. |
| 570039 | When FortiWeb is auto registered and promoted on FortiAnalyzer, the firmware version shown in Device Manager may not be correct. |
FortiView
| Bug ID | Description |
|---|---|
| 624856 | Default user filter is missing from FortiView > VPN > SSL & Dialup IPsec in filter mode while it is available in text mode. |
| 641983 | Traffic filter by policy ID with greater or less than option is not working correctly when viewing real-time logs. |
| 644204 | When using View Related Logs on FortiView, the time interval displayed on Log View is not correct. |
| 643842 | Under Secure SD-WAN Monitor and Secure SD-Wan report , all SD-WAN Rule related widgets or charts may show No Data. |
Log View
| Bug ID | Description |
|---|---|
| 636967 | After upgrade, FortiAnalyzer reports a problem that the filter in the real-time log does not work resulting in No entry found. |
| 640634 | Logver field is not added to incoming logs resulting in empty charts. |
| 642960 | Logs imported in Log Browse may not show up in traffic logs. |
| 644189 | Filters configured in the FortiView summary are not applied to Log View. |
| 596229 | Log Filter should allow to choose and filter DNS log type when Log Forwarding is enabled. |
| 645490 | In Log View > Traffic > Real-time Log, using a filter to search any column may return No entry found. |
| 651256 | Username starting with a small case „vd” letter does not get displayed in the Historical logs. |
| 657357 | Device Time filter may not work correctly under the Log Browse log files. |
Others
| Bug ID | Description |
|---|---|
| 568326 | The oftpd daemon may crash several times a day. |
| 602774 | The execute backup logs command may trim the device list output if it contains more than 4096 characters. |
| 635070 | The OFTP connection between the FortiGate unit and FortiAnalyzer units may fail to come up. |
| 644034 | FortiAnalyzer HA may not be synchronized in Analytics. |
| 645965 | The diagnose dvm device list command shows incorrect VDOM to ADOM assignment and Fabric View > Assets displays data belonging to different ADOMs. |
| 652438 | FortiAnalyzer may not perform a complete FTP backup because of problems with files. |
Reports
| Bug ID | Description |
|---|---|
| 595715 | Modified output profile may not take effect for Email generated report. |
| 643238 | User should be able filter reports based on device name in Reports > Report Definitions > All Reports. |
| 649851 | Traffic Summary and Sessions Summary graphs in all Bandwidth and Applications are empty after upgrading to 6.2.5. |
System Settings
| Bug ID | Description |
|---|---|
| 593588 | GUI should not allow the user to create a Local Certificate with a Certificate Name containing more than 35 characters. |
| 599771 | When logging in with an LDAP admin, one invalid ADOM value may cause authentication failed. |
| 613032 | Cover page files may be not synchronized to slave unit. |
| 637988 | NTP is may not work after upgrading to 6.2.5. |
| 642459 | Syslogd receives empty logs when FortiAnalyzer forwards FortiExtender logs. |
| 644863 | When SAML uses Super_User under root ADOM, the user is not able to view analytic logs under FortiView and the Event handler prompts Web Server Error 500. |
Znane problemy do rozwiązania:
Device Manager
| Bug ID | Description |
|---|---|
| 613115 | Device Manager view may show red icons for VDOMs even when the log is received. |
FortiSoC
| Bug ID | Description |
|---|---|
| 638676 | SNMP alert is not generated for event handler triggered by FortiWeb attack logs. |
FortiView
| Bug ID | Description |
|---|---|
| 565778 | FortiAnalyzer may prompt empty SOC website related to dashboard while the web filter logs exist. |
| 579828 | There may be bandwidth discrepancy under FortiView > Application & websites > Top websites. |
| 590775 | FortiAnalyzer should hide Device and Time Frame selection in FortivView Threat Map. |
| 616675 | Bandwidth may not match between FortiAnalyzer and FortiGate. |
| 636361 | The selected time range may not correspond with the time range in the charts for the Resource Usage drilldown. |
| 638828 | Incident of Compromised Hosts may not be triggered. |
| 640553 | FortiView monitor WiFi widget is not showing Bridged SSID information. |
| 641938 | The GUI many not respond when navigating to Monitors > Local System Performance. |
| 616914 | Some graphs may not render data in FortiView. |
Log View
| Bug ID | Description |
|---|---|
| 591272 | Downloading log files from Log View or Browse are not exported in the correct CSV format. |
| 604850 | The remote IP for SSL-VPN is showing as IPsec Remote IP. |
| 625306 | Hiding column(s) in Log View may cause the filters to reference the wrong column. |
| 633393 | Some IPS archive files only contain the BODY instead of showing the entire Attack Context . |
| 635598 | FortiAnalyzer may not display Traffic Logs in Log View and return Web Server Error 500. |
| 638388 | When two filters are defined and the first filter is removed, clicking on the remaining filter may reference the filter that was removed. |
| 641013 | After creating an ADOM for FortiMail, the ADOM is not visible on the GUI and mail domain logs are not going to the default FortiMail ADOM. |
| 643858 | Actual analytic logs do not match what is observed in Log View. |
| 652076 | Log View may load infinitely with Custom Time Period. |
| 656441 | Downloading an uncompressed CSV format log prompts web server error 500. |
Others
| Bug ID | Description |
|---|---|
| 595696 | Changing the value for system.global.enc-algorithm is not applied to oftpd until a reboot. |
| 617669 | File parser may keep crashing every few minutes. |
| 622408 | FortiAnalyzer may consume high disk I/O resource and high throughput may cause high CPU usage. |
| 625343 | FortiAnalyzer may consume high usage on I/O resources every hour due to fazwatch. |
Reports
| Bug ID | Description |
|---|---|
| 624911 | FortiAnalyzer may not be able to generate the SaaS Application Usage Report with Obfuscate User feature. |
| 628823 | FortiAnalyzer is not generating all local Event logs for reports. |
| 647868 | After upgrade, all default reports and event handler lists are lost. |
| 652715 | The pre-defined reports items should be created in the new ADOM even if the same name being re-used. |
| 653532 | Scheduled report does not run if the report owner has been deleted from the admin list. |
| 654182 | SD-WAN reporting graphs default to a scale of one second where the scale should auto-scale to milliseconds. |
System Settings
| Bug ID | Description |
|---|---|
| 629663 | Free text filter does not work when using (~) tilde sign on syslog ADOM for the msg field. |
| 634253 | ADOMs may disappear randomly from ADOM configuration while editing it. |
| 639102 | FortiAnalyzer may not apply Not equal to operator when Log Forwarding > Log Filter is configured with the GUI. |
| 653371 | CEF log forwarding start time does not match with event time. |
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie