What’s New In FortiOS 5.6.1

Controlled failover between wireless controllers

Administrators can now define the role of the primary and secondary controllers on the FortiAP unit, allowing the unit to decide the order in which the FortiAP selects a FortiGate unit and how the FortiAP unit fails over to a backup FortiGate unit if the primary FortiGate Fails. See Controlled failover between wireless controllers on page 68.

FortiView Endpoint Vulnerability chart

A new FortiView chart that tracks vulnerability events detected by the FortiClients running on all devices registered with the FortiGate. See New FortiView Endpoint Vulnerability Scanner chart (378647) on page 61.

FortiClient Profile changes

FortiClient profiles have been re-organized and now use the FortiGate to warn or quarantine endpoints that are not compliant with a FortiClient profile. See FortiClient Profile changes (386267, 375049).

Adding Internet services to firewall policies

Internet service objects can be added to firewall policies instead of destination addresses and services. See Adding Internet services to firewall policies (389951).

Source and destination NAT in a single Firewall policy

Extensions to VIPs support more NAT options and other enhancements. See Combining source and destination NAT in the same policy (388718).

Other highlights

l Application Control is a free service l Real time logging to FortiAnalyzer and FortiCloud l Multiple PSK for WPA Personal (393320) l VXLAN support (289354) l NP6 Host Protection Engine (HPE) to add protection for DDoS attacks (363398) l FortiGate Logs can be sent to syslog servers in Common Event Format (CEF) (300128) l New PPPoE features


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in FortiOS 5.6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.