Fortinet has released an update for FortiAnalyzer, version 6.4.11. The update brings fixes for all modules of the product, starting with Device Manager, which should now correctly display and sort Average Log Rate data for FortiGate HA clusters and correctly identify devices and their firmware. In the FortiView module, monitoring performance problems have been fixed: SD-WAN Monitor and SD-WAN Performance Status should now work faster and better! There are also fixes related to log storage and archiving, disk usage, playbooks, and the operation of the system itself. Finally, FortiAnalyzer 6.4.11 is also not vulnerable to CVE-2023-23776.
Currently supported models:
| FortiAnalyzer | FAZ-150G, FAZ-300G, FAZ-200F, FAZ-300F, FAZ-400E, FAZ-800F, FAZ-800G, FAZ-1000E, FAZ-2000E, FAZ-3000E, FAZ-1000F, FAZ-3000F, FAZ-3000G, FAZ-3500E, FAZ-3500F, FAZ-3500G, FAZ-3700F, FAZ-3700G and FAZ-3900E. |
| FortiAnalyzer VM | FAZ-VM64, FAZ-VM64-Ali, FAZ-VM64-AWS, FAZ-VM64-AWS-OnDemand, FAZ-VM64-Azure, FAZ-VM64-GCP, FAZ-VM64-HV, FAZ-VM64-KVM, FAZ-VM64-OPC, and FAZ-VM64-XEN (Citrix XenServer and Open Source Xen). |
Resolved issues:
Device Manager
| Bug ID | Description |
|---|---|
| 814008 | Sort function for logs and average log rate (logs/sec) does not work in Device Manager. |
| 819664 | Under Device Manager, Average Log Rate is displayed zero for FortiGates HA Cluster. |
| 835653 | The FortiGate’s IP address and firmware version are not updated when FortiGates are added manually to a non-root ADOM. |
| 837310 | FortiAnalyzer does not show the correct IP addresses and firmware versions for its registered FortiGates. |
| 838727 | Log Status of the Devices are displayed red when the Primary has a zero lograte. |
FortiView
| Bug ID | Description |
|---|---|
| 673168 | Filtering on the "Device Name" at Compromised Hosts displays "Device ID" instead. |
| 821845 | Launching Secure SD-WAN Monitor page is significantly slow, especially for viewing jitter diagram. |
| 831973 | SD-WAN Performance Status widget in Secure SD-WAN Monitor under FortiView contains blank device interfaces. |
| 841717 | The Data displayed on FortiView is inconsistent with the exported "Top Website Domains" PDF report. |
Log View
| Bug ID | Description |
|---|---|
| 765710 | When service is not in the log entry, filter based on negative service should still show related logs in the filtered result. |
Others
| Bug ID | Description |
|---|---|
| 817639 | FortiAnalyzer archive logs caused unexpected increase in the disk quota usage. |
| 837657 | When creating ADOMs using JSON API, default ADOM configs, such as report, datasets, and charts, are not created. |
| 838182 | Logs are not being inserted into the secondary FortiAnalyzer. |
| 839910 | The diagnose test application oftpd command does not display any outputs for some FortiGate devices registered on FortiAnalyzer. |
| 845871 | FortiAnalyzer stopped accepting logs and status of the devices turned into red. |
| 860113 | The primary FortiAnalyzer can show the logs in Log View. The synchronization between primary and secondary fails and the secondary doesn’t show the last logs. |
Reports
| Bug ID | Description |
|---|---|
| 764194 | Playbooks run_report fails with "missing device(s)" if "Playbook Starter" as devices filter is selected. |
| 837826 | The event logs does not create any event logs whenever reports are being generated via "run report". |
System Settings
| Bug ID | Description |
|---|---|
| 739136 | Task monitor shows incorrect user for newly created ADOM. |
| 782431 | SNMPv3 stopped working after upgrading. |
| 837203 | Unable to fetch logs between FortiAnalyzer devices due to Invalid cross-device link error. |
| 853855 | The log forwarding filter does not seem to work properly as expected on FortiAnalyzer. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
| Bug ID | CVE references |
|---|---|
| 839861 | FortiAnalyzer 6.4.11 is no longer vulnerable to the following CVE Reference: CVE-2023-23776 |
Known issues:
Others
| Bug ID | Description |
|---|---|
| 698361 | SNMPv3 engineBoots may not properly be initialized. |
Vendor release notes: FortiAnalyzer 6.4.11
Best regards,
The B&B Team
Bezpieczeństwo w biznesie
