New SLBC features added to FortiOS 5.6.1.
FortiController-5000 series independent port splitting (42333)
FortiOS 5.6.1 supports splitting some 40G FortiController front panel fiber channel front panel interfaces in to 10G ports. In previous versions of FortiOS this configuration was not supported and all FortiController fiber channel front panel interfaces had to operate at the same speed.
(5.6.1)
New load balancing features added to FortiOS 5.6.
IPv6, 6to4, and 4to6 server load balancing (280073)
Sever load balancing is supported for:
Server Load balancing (5.6)
l IPv6 VIPs (config firewall vip6) l IPv6 to IPv4 (6to4) VIPs (config firewall vip64) l IPv4 to IPv6 (4to6) VIPs (config firewall vip46)
Configuration is the same as IPv4 VIPs, except support for advanced HTTP and SSL related features is not available. IPv6 server load balancing supports all the same server types as IPv4 server load balancing (HTTP, HTTPS, IMAPS, POP3S, SMTPS, SSL, TCP, UDP, and IP). IPv4 to IPv6 and IPv6 to IPv4 server load balancing supports fewer server types (HTTP, TCP, UDP, and IP).
Improved Server load balancing GUI pages (404169)
Server load balancing GUI pages have been updated and now include more functionality and input verification.
New load balancing features added to FortiOS 5.6.1.
Add server load balancing real servers on the Virtual Server GUI page (416709)
In previous versions of the FortiOS GUI, after adding a Virtual Server you would go to Policy & Objects > Real Servers to add real servers and associate each real server with a virtual server.
In FortiOS 5.6.1 you now go to Policy & Objects > Virtual Servers, configure a virtual server and then from the same GUI page add real servers to the virtual server. In addition, on the Virtual Server GUI page the option Outgoing Interface is renamed Interface and the load balancing method Source IP Hash has been renamed
Static.
Server Load balancing
New custom IPS and Application Control Signatures list (280954)
You can now create IPS and Application control custom signatures by going to Security Profiles > Custom Signatures. From here you can create and edit all custom IPS and Application Control signatures.
FortiGate conserve mode changes (242562, 386503)
The following changes were made to rework conserve mode and facilitate its implementation:
Webcache-https and SSL deep inspection profile configuration changes (381101)
In older releases, the CLI blocked the configuration of the SSL deep inspection profile when webcache-https was enabled. This bug is fixed in FortiOS 5.6.0.
Web Filter Quota traffic can no longer be set to 0 (374380)
To fix a bug in older major release, the CLI has been changed so that minimum traffic quota does not allow 0 as an entry. The value entered must be in the range of 1 – 4,294,967,295; if 0 is entered, then an error message will be returned.
CLI Commands:
config webfilter profile edit default config ftgd-wf config quota edit 1 set type traffic set value {a number in the range of 1 – 4,294,967,295}
Web Filter profile page GUI updates (309012)
The GUI for the Web Filter security profile and Web Profile Overrides pages are changed.