B&B Bezpieczeństwo w biznesie
  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Audyt bezpieczeństwa informacji
    • Audyt- program Cyfrowa Gmina
    • Audyt konfiguracji Fortigate
    • Program Cyfrowy Powiat
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • RODO
  • Kontakt

Producent oprogramowania Fortinet udostępnił najnowszą aktualizację dla produktu FortiAnalyzer o numerze wersji 7.0.1. Nowa aktualizacja pozbawiona jest błędów – między innymi podczas generowania raportów, które finalnie były niekompletne bądź puste. Aktualizacja 7.0.1 rozwiązuje również problem działania systemu BIOS, który sygnalizował mnóstwo błędów. Najnowsza aktualizacja to również koniec problemów z urządzeniem FortiAnalyzer 200-F – od teraz aktualizacja oprogramowania powinna na nim przebiegać prawidłowo. Po więcej szczegółowych informacji zapraszam do dalszej części artykułu.

Aktualnie wspierane modele:

FortiAnalyzer FAZ-150G, FAZ-200F, FAZ-300F, FAZ-300G, FAZ-400E, FAZ-800F, FAZ-800G, FAZ-1000F, FAZ-2000E,

FAZ-3000F, FAZ-3000G, FAZ-3500E, FAZ-3500F, FAZ-3500G, FAZ-3700F, FAZ-3900E

FortiAnalyzer VM FAZ-VM64, FAZ-VM64-AWS, FAZ-VM64-Azure, FAZ-VM64-GCP, FAZ-VM64-HV (including Hyper-V 2016, 2019), FAZ-VM64-KVM, FAZ-VM64-OPC, FAZ-VM64-Xen (for both Citrix and Open Source Xen)

Rozwiązane problemy:

Device Manager

Bug ID Description
676662 Collector may not be showing the same FortiGate device version as analyzer.
716486 FortiAnalyzer still populating unauthorized device list even after detect-unregistered-log-device is set to disable.
722235 FortiWeb ADOM may not able to auto-detect correct platform model with SN.

FortiView

Bug ID Description
708006 Monitors Endpoints does not show all FortiClient endpoints as in logs.
711810 SSL Dialup IPSec connection count may not match with connection list.
713083 FortiAnalyzer may show a No Data message for the Worldwide Threat Prevalence chart.
721008 Threats > Compromised Hosts may not be able to acknowledge compromised hosts when the end user is not a known IP.

Log View

Bug ID Description
662830 FortiAnalyzer daylight adjustments are not applied to real-time logging until rebooting the system.
694307 With increasing memory usage, FortiAnalyzer may stop receiving logs via OFTP from FortiGate devices.
704410 FortiAnalyzer may stop handling logs and the oftpd process is in a non-responsive state.
711711 Log filter may show unfiltered values.
715960 FortiClient Device ID takes FortiClient EMS SN value when displaying the log information from the historical view.
721806 LDAP User may not be able to delete Custom Views.
724223 Device list in Log View does not show correct devices after switching ADOMs.

Others

Bug ID Description
625343 FortiAnalyzer may consume high on I/O resources every hour by fazwatch.
686491 Postgres may keep causing OoM with segmentation faults on multiple processes.
690271 The sqllogd daemon may crash.
698780 FortiAnalyzer may intermittently provide empty response to FortiView JSON requests.
700562 When creating a system admin user using JSON API, FortiAnalyzer may return an error: The data is invalid for selected url.
709699 FortiAnalyzer may contain a few siemdb crashes.
710178 FortiAnalyzer is listening on TCP/3000 even though accept-aggregation is disabled.
710322 An oftpd may have high memory usage triggering multiple crashes.
713344 After upgrade, FortiAnalyzer may show Invalid BIOS errors.
713701 FortiAnalyzer should provide more than 500 lines of logs via API.
713826 The diagnose test application siemdbd 6 command may show the wrong information after removing the last ADOM with „diagnose siem remove database.
722521 Upgrading of FortiAnalyzer-200F may not be possible due to hardware limitations.
723638 The dvmcmd process may crash when running TAC report.

Reports

Bug ID Description
692097 A report’s sub-charts may not work after upgrade.
713189 Dataset and Intrusions-Timeline-By-Severity, may not list low severity intrusions.
716505 Text color for date on the cover page may not be correct.
717557 FortiAnalyzer reports may be empty when enabling LDAP Query.
718172 Report may be showing user or source as malicious code.
718579 While creating new or editing an Output Profile, the body section does not take any input.
718849 Reports and Output Profiles may disappear after upgrade.
720897 Scheduled Report may not run when the /amp folder is full.

System Settings

Bug ID Description
634253 ADOMs may disappear randomly from ADOM configuration while editing it.
667488 Read-only users should not be able to change RAID level with the GUI.
696041 FortiAnalyzer SSO should support URI format in entity ID.
712043 HA cluster failover may not work with the secondary unit stuck in the init-syncing state.
717524 Users may not be able to add a username which contains a Slash (/) inside Device Log Setting.

Common Vulnerabilities and Exposures

Bug ID CVE references
716350 FortiAnalyzer 7.0.1 is no longer vulnerable to the following CVE-Reference:

  • CVE-2021-32589

Znane problemy do rozwiązania:

Device Manager

Bug ID Description
639479 FortiGate v6.0 with sub-ca certificate may not be able to establish oftp connection with FortiAnalyzer without sub-ca certificate.

Event Management

Bug ID Description
691220 Event handler may not be triggered correctly when there is more than one match.

FortiSOC

Bug ID Description
621473 FortiSOC is missing in cloud-based VMs.

FortiView

Big ID Description
616675 Bandwidth may not match between FortiAnalyzer and FortiGate.
626530 Bytes Sent/Received should match between Top Destinations and Policy Hit charts under FortiView when filtered by the same policy ID.
640553 FortiView monitor WiFi widget is not showing Bridged SSID information.
641596 FortiAnalyzer may show No Data in User Vulnerabilities Summary widget.
707480 Top Threats(FortiClient) may only display Threat level LOW and Allowed incidents.
722443 Top Destinations on FortiView may not display the correct information.
723799 Policy Name may not show up under FortiView > Traffic > Policy Hits > Policy Column for policies with name information.

Log View

Bug ID Description
661094 In Log View, importing log may fail.
674027 Filtering FortiClient event logs with wildcard UID filter returns no data.
704206 When filtering with Action and Source IP under the Traffic menu, the filter output may be incorrect with the combination of smart action with any other field.

Others

Bug ID Description
616355 FortiGate may display SSL error or OFTP error when testing connectivity with FortiAnalyzer.
687180 When using the operator „>=” for Greater than or Equal to in FortiAnalyzer CLI, it does not accept the syntax and throws an error.
701753 SIEM database should be trimmed at the same time when quota enforcement occurs.

Reports

Bug ID Description
653207 FortiAnalyzer may have incorrect dataset queries without considering the Direction field.
677090 Report Filter may not work with devname.

System Settings

Bug ID Description
638380 FortiAnalyzer may accept invalid which may break some widgets.
669402 FortiAnalyzer may not time out admin a session after many hours.
708958 Changing the Timezone on FortiAnalyzer does not take effect on FortiSOC.

 

Notatki producenta: FortiAnalyzer 7.0.1

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

Post Views: 571
Poprzedni artykułFortiOS 7.0.1Następny artykuł FortiManager 7.0.1

Najnowsze

FortiSwitch 7.0.627 stycznia 2023
NAKIVO Backup & Replication v10.825 stycznia 2023
ESET PROTECT Cloud 4.116 stycznia 2023

Kategorie

  • Acronis
  • Aktualności
  • Bez kategorii
  • ESET
  • F-Secure
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiClient
  • FORTIGATE
  • FORTIMAIL
  • FortiManager
  • FortiNAC
  • FORTISWITCH
  • FortiWeb
  • NAKIVO
  • Qnap
  • Stormshield
  • Szkolenia
  • Veeam
  • VMware

Tagi

6.0.6 6.2.1 6.2.2 6.2.7 6.4.0 6.4.2 6.4.3 6.4.4 6.4.5 6.4.8 7.0.0 7.0.2 7.0.5 7.2.0 acronis ems Eset eset endpoint antivirus eset endpoint security ESET Protect ESET Protect Cloud F-Secure f-secure client security f-secure policy manager FMG FortiAnalyzer FortiAP fortiap-s fortiap-w2 FortiAuthenticator FortiClient FortiClientEMS FortiGate FortiMail FortiManager FortiNAC Fortinet FortiOS FortiSwitch FortiWeb vCenter vCenter Server VMware vmware vcenter VMware vCenter Server

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Audyt bezpieczeństwa informacji
    • Audyt- program Cyfrowa Gmina
    • Audyt konfiguracji Fortigate
    • Program Cyfrowy Powiat
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • RODO
  • Kontakt

BLOG TECHNICZNY

FortiSwitch 7.0.627 stycznia 2023
NAKIVO Backup & Replication v10.825 stycznia 2023
ESET PROTECT Cloud 4.116 stycznia 2023

KONTAKT

+48 500-413-313
biuro@b-and-b.plhttps://www.b-and-b.pl
8:00-16:00
BEZPIECZEŃSTWO W BIZNESIE 2022 - wszystkie prawa zastrzeżone

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Audyt bezpieczeństwa informacji
    • Audyt- program Cyfrowa Gmina
    • Audyt konfiguracji Fortigate
    • Program Cyfrowy Powiat
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • RODO
  • Kontakt

BLOG TECHNICZNY

FortiSwitch 7.0.627 stycznia 2023
NAKIVO Backup & Replication v10.825 stycznia 2023
ESET PROTECT Cloud 4.116 stycznia 2023

Kontakt

+48 500-413-313
biuro@b-and-b.pl
8:00-16:00