If you are using a FortiAnalyzer in any capacity, go ahead and upgrade to 5.4. You will be thankful!
There are some things you need to take note of though before proceeding:
- In 5.4, Fortinet changed the raw log / SQL design and per-VDOM log file support, and quota is now ADOM-based, so a rebuild of the SQL database is needed.
What’s new in FortiAnalyzer version 5.4.0
The following is a list of new features and enhancements in FortiAnalyzer version 5.4.0.
- New GUI look
- Remote SQL database deprecated
- Device support improvements
- Log forwarding improvements
- Log storage improvements
- Fetch offline logs
- FortiClient improvements
- FortiView improvements
- Reports improvements
- Others
- Improved Event Management usability
- Added Factory Reset option to Event Handler
- Improved Action and Security Action for the Traffic Log
- Improved HA Conversion efficiency
- Correlated FortiClient Logs with FortiOS Logs for Application Detection
- Added logging support for FortiDDoS
- JSON API Syntax Validation for Report Configuration
- Added SSN/Credit DLP Charts
- PCI DSS Compliance Report
- Added View Related Logs Option in FortiView
- Added the ability to clone a chart from report layout
- Added options for chart import and export
- Added CVE Information to FortiView and Reports
- Supporting EMS Managed Endpoint Logs
- Support FortiOS Web Application Firewall (WAF) and GTP Logs