If you are using a FortiAnalyzer in any capacity, go ahead and upgrade to 5.4. You will be thankful!
There are some things you need to take note of though before proceeding:
- in 5.4, Fortinet changed the raw log / SQL design and support per vdom log file and also quota is now ADOM based, so a rebuild of SQL db is needed.
What’s new in FortiAnalyzer version 5.4.0
The following is a list of new features and enhancements in FortiAnalyzer version 5.4.0.
- New GUI look
- Remote SQL database deprecated
- Device support improvements
- Log forwarding improvements
- Log storage improvements
- Fetch offline logs
- FortiClient improvements
- FortiView improvements
- Reports improvements
- Improved Event Management usability
- Added Factory Reset option to Event Handler
- Improved Action and Security Action for the Traffic Log
- Improved HA Conversion efficiency
- Correlated FortiClient Logs with FortiOS Logs for Application Detection
- Added logging support for FortiDDoS l JSON API Syntax Validation for Report Configuration
- Added SSN/Credit DLP Charts
- PCI DSS Compliance Report
- Added View Related Logs Option in FortiView
- Added the ability to clone a chart from report layout
- Added options for chart import and export l Added CVE Information to FortiView and Reports
- Supporting EMS Managed Endpoint Logs
- Support FortiOS Web Application Firewall (WAF) and GTP Logs
Having trouble configuring your Fortinet hardware or have some questions you need answered? Ask your questions in the comments below!!! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!