Security Profiles (5.6.1)

Security Profiles (5.6.1)

New security profile features added to FortiOS 5.6.1.

FortiGuard WAN IP blacklist service is now online (404859)

The Fortiguard WAN IP blacklist service was not online in FortiOS 5.6.0. In FortiOS 5.6.1, a notification appears on the Dashboard when WAN IP is blacklisted. Clicking on the notification brings up the blacklist details.

Application Control GUI improvements (279956)

An All Categories button on the Security Profiles > Application Control page makes it easier to apply an action (Monitor, Allow, Block, Quarantine) to all categories at once.

Note that the All Categories selector goes blank when any of theactions to be applied to individual categories is manually changed to something different than what was selected for all the categories. The Unknown Application action will match the All Categories action unless that action is Quarantine, which is unsupported for unknown applications.

Industrial Application Control signatures (0434592)

The application control category Industrial is now controlled by a FortiGuard license and the default disable mask is no longer needed. The special category is also no longer used.

GUI updates to reflect package and license changes for IPS, Application Control and Industrial signatures (397010)

The following changes have been made to the GUI to reflect changes in the signature databases:

  • Application Control signature database information is displayed under on the System > FortiGuardpage in the FortiCare section.
  • The IPS package version and license status are shown in a separate section in System > FortiGuard A link to manually upload the IPS database signatures has been added.

(5.6.1)

  • The Industrial package version and license status are shown in a separate section in System > FortiGuard A link to manually upload the Industrial database signatures is available. Access to the Industrial database is provided with the purchase of the FortiGuard Industrial Security Service. The row item for this license will not appear if you are not subscribed. l Botnet category is no longer available when searching the Application Signatures list.

Improved FortiClient monitor display (378288)

The GUI for the Monitor > FortiClient Monitor page has been revised.

  • new dropdown option: Online Only or Include Offline. The default is Online Only.

l new dropdown option l Sending FortiTelemetry Only (default) l Include All FortiTelemetry States l Not Sending FortiTelemetry Only

  • update: Compliance status for offline device is N/A l update: offline status indicator to grey l new compliance status text after the icon in Compliance column l Moved Compliance column after Status column
  • Combined unregistered endpoint devices with not registered devices

FortiSandbox integration with AntiVirus in quick mode (436380)

FortiSandbox options in an AntiVirus Security Profile in quick scanning mode can now be enabled with CLI commands.

CLI syntax

config antivirus profile edit default set ftgd-analytics disable/everything set analytics-max-upload 10 set analytics-wl-filetype 0 set analytics-bl-filetype 0 set analytics-db enable/disable set scan-mode quick

end

Pre-configured parental controls for web filtering (399715)

Pre-configured filters based on the Motion Picture Association of America (MPAA) ratings can now be added to the Web Filter Security Profile. This feature is already available on FortiCloud and uses the same ratings categories.

Anti-Spam GUI updates (300423)

Changes made to the Anti-Spam profile update the GUI to reflect FortiOS 5.6 style.

 

This entry was posted in FortiOS 5.6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.