FortiOS IPS Engine version 3.443


This document provides the following information for FortiOS IPS Engine version 3.443.

Bug ID Description
443479 Support for FortiSandbox Sniffer user defined file extensions.

l What’s New in IPS Engine 3.443 l Product Integration and Support l Resolved Issues

For additional FortiOS documentation, see the Fortinet Document Library.

What’s New in IPS Engine 3.443

Product Integration and Support

Fortinet Product Support

The following table lists IPS engine product integration and support information:

FortiOS 5.2.0 and later

5.4.0 and later

5.6.0 and later

FortiClient 5.4.0 and later (Windows and Mac)

5.6.0 and later (Windows and Mac)



Resolved Issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Customer Service & Support.

Bug ID Description
446858 Fixed a crash caused by a NULL pointer de-reference.


Fixed two SSL deep inspection bugs.
444268 Fix IPS engine high CPU usage caused by TCP RST packets with data.
444811 Fix a crash in the IPS HTTP decoder on some proxy traffic. Fixed IPS_CONTEXT_URI_ DECODED context field_start and field_end value for proxy traffic.
440277 Fixed a random detection miss, and a random crash in SSL packet scanning.
411415 Support session clearing by VDOM.
379449 Updated the Brotli library to match the version used by Chromium 61.
450442 Fixed crashes caused by configuration errors in IPS sensors.
444237 Fixed two bugs in the SMB2 decoder that may cause high memory usage.
403562 Fixed a bug that could cause FortiOS to enter conserve mode because of memory corruption.
451677 Fixed a bug that caused the IPS engine to incorrectly identify Phoenix PACS traffic as BitTorrent traffic.
451763 Fixed a bug that caused the IPS engine to drop STUN packets because they were identified as partial SSL records.
460391 Fix crashes in the update_ftp_scan_ret function.
448646 Fix high CPU usage caused by retransmission bugs.


Fixed a bug that caused the ERR_SSL_DECRYPT_ERROR_ALERT message when SSL deep scanning is enabled.
This entry was posted in Administration Guides, Release Notes and tagged on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.