OK, so 6.2 is out there now, and it’s packed with new features that further enhance the security capabilities of the Fortinet portfolio. 6.2 also has some implications for the FortiGate 200D, which we’ll cover in another blog, but for now, lets take a look a the top 6 new enhancements in FortiOS 6.2:
- FortiADC — Fortinet’s Application Delivery Controller offers customers integration with FortiGuard AV and FortiSandbox to selectively scan files for malicious content. Note: FortiADC is integrated with FortiGate Dashboards offering the following visibility widgets: system information, server availability and statistics, and network topology.
- FortiToken — Fortinet’s Identity and Access Management has been expanded to include FortiToken Cloud, which represents Fortinet’s entry into the Identity-as-a-Service market. It has been designed to address the increasing need to secure access to critical data and applications in today’s world of vanishing network perimeters by augmenting standard user name and password authentication with a secondary challenge via a token.FortiToken Cloud has an easy-to-use interface that can be accessed anywhere there is an internet connection, and provides everything an organization needs to deploy two-factor authentication in their FortiGate environment—including the tokens themselves through our FortiToken Mobile product.
- FortiCASB — The new Forti-CASB Cloud (cloud access security broker) dashboards can be viewed from FortiOS through the FortiView FortiGate extension and is offering security architects a variety of pluggable dashboards that provide visibility into public cloud security dashboards.
- FortiDDoS — Extensions for Fortinet’s Distributed Denial of Service protection solution provides FortiView Dashboard integration of three new Traffic and Attack Graph widgets that provide a quick visual indication of attacks and any effect that they are having on traffic; four new Attack Table widgets that provide detailed attack information; and eight new System Information widgets that show system performance and status information.
- FortiNAC — Enhancements to Fortinet’s Network Access Control solution focuses on three critical elements.
Enhanced Visibility – FortiNAC includes two more profiling methods—WMI (Windows Management Interface) and WinRM (Windows Remote Management)—that increase the amount of information FortiNAC collects on certain devices, leading to better profiling. This information can also be gathered as serial numbers, which assists with policy creation and enforcement.
Expanded Fabric Integration – In addition to existing support for FortiGate, FortiSIEM, FortiSwitch, and FortiAP, this new release adds integrations with FortiAnalyzer and FortiClient EMS. These enable FortiNAC to feed information to the reports created by FortiAnalyzer and utilize information from FortiClient for enhanced visibility into clients.
Intent-Based Segmentation for Devices – Enhanced integration enables the passing of tag information from FortiNAC to FortiGate. This allows FortiNAC to automatically apply tags to devices as they are profiled, and then pass them to the FortiGate for enforcement of tag-based policies, thereby enabling intent-based segmentation.
- VDOM — Fortinet’s offers new functionality of split-task Virtual Domain to easily separate and isolate inline protection from security management traffic. This functionality is available by default for all flavors of FortiGate-VM, including the VMv series and all public cloud instances.
We’ll be covering some of these features in-depth over the coming weeks, so keep an eye on the blog. In the meantime, if you’d like more information on these features, please feel free to contact us.