Fortinet black logo

Handbook

Home FortiADC 7.0.0 Handbook

Chapter 1: What's New

7.0.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.1.4
7.1.3
7.1.2
7.1.1
7.1.0
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.6
6.1.5
6.1.4
6.1.3
6.1.2
6.1.1
6.1.0
6.0.1
6.0.0
5.4.3
5.4.2
5.4.1
5.4.0
5.3.6
5.3.5
5.3.4
5.3.3
5.3.2
5.3.1
5.3.0
5.2.7
Copy Link
Copy Doc ID 488cf093-83af-11ec-a0d0-fa163e15d75b:190300
Download PDF

Chapter 1: What’s New

This chapter lists features and enhancements introduced in the FortiADC 7.0.0 release.

Load Balance

FTPS virtual server support

FortiADC now supports FTPS (File Transfer Protocol Secure) for virtual servers through the new Security Mode options for the FTP application profile type.

Increased secure communication between GSLB and SLB to prevent MITM attacks

To protect against MITM attacks, communication between GSLB and SLB can now be further secured by implementing root CA verification so that only the same set of certification and CA may pass.

Share IP address with SNAT and virtual servers

You can now enable the SNAT across the firewall, L4 VS and L7 VS to use the same IP address, while maintaining different port ranges.

SAML enhancements
  • SAML Service Providers metadata can now be exported through the Web UI.
  • You can now use the AuthNRequest algorithm to allow FortiADC to sign the SAML authentication request.
  • The Assertion Require Sign configuration object has been added to support Sign SAML Assertion.
  • The Single Logout Binding Type now supports “redirect”.
Layer 4 virtual server debug support

The new diagnose debug flow commands allows you to get the debug information of specific Layer 4 virtual servers.

Security

WAF exceptions enhancement

New WAF exception rule types have been added: HTTP Method, HTTP Header, Cookie, and Parameter.

IP Reputation now includes ISDB IPs

The FortiADC IP Reputation will now use Internet Services DB (ISDB) which is dependent on the FortiGuard IP Reputation service.

System

FortiGuard delta package download support

FortiADC now supports delta package downloads mode for AV DB from FortiGuard.

HSM FIPS support

You can now enable FIPS support in the HSM server to use a FIPS-certification HSM.

Automated Certificate Management Environment (ACME) support

The ACME protocol is a communications protocol for automating interactions between certificate authorities and their users' web servers. FortiADC will support the ACME protocol to get SSL certificates through certificate authorities like Let’s Encrypt.

Unicast HA support for FortiADC-VM KVM image

FortiADC now supports HA VRRP Unicast mode in KVM.

GUI

Login navigation page enhancement

The Login navigation page will now guide users to set up the readable hostname and change the default password in their initial login.

GUI enhancements

The following enhancements are made in the GUI:

  • In the Dashboard, the hover tooltip will show completely when the graph is on the first row.
  • “No Data” is displayed when there is no available data for a chart.
  • Graphs now dynamically scale according to the window size.
  • In the FortiView Security Aggregate Log, graph titles have been added.
  • In the FortiView System Automation page, table list items will show 25 entries per page as the default option.
  • For Security Fabric objects, a check mark will be visible when hovering over a selection.
Previous
Next

Chapter 1: What’s New

This chapter lists features and enhancements introduced in the FortiADC 7.0.0 release.

Load Balance

FTPS virtual server support

FortiADC now supports FTPS (File Transfer Protocol Secure) for virtual servers through the new Security Mode options for the FTP application profile type.

Increased secure communication between GSLB and SLB to prevent MITM attacks

To protect against MITM attacks, communication between GSLB and SLB can now be further secured by implementing root CA verification so that only the same set of certification and CA may pass.

Share IP address with SNAT and virtual servers

You can now enable the SNAT across the firewall, L4 VS and L7 VS to use the same IP address, while maintaining different port ranges.

SAML enhancements
  • SAML Service Providers metadata can now be exported through the Web UI.
  • You can now use the AuthNRequest algorithm to allow FortiADC to sign the SAML authentication request.
  • The Assertion Require Sign configuration object has been added to support Sign SAML Assertion.
  • The Single Logout Binding Type now supports “redirect”.
Layer 4 virtual server debug support

The new diagnose debug flow commands allows you to get the debug information of specific Layer 4 virtual servers.

Security

WAF exceptions enhancement

New WAF exception rule types have been added: HTTP Method, HTTP Header, Cookie, and Parameter.

IP Reputation now includes ISDB IPs

The FortiADC IP Reputation will now use Internet Services DB (ISDB) which is dependent on the FortiGuard IP Reputation service.

System

FortiGuard delta package download support

FortiADC now supports delta package downloads mode for AV DB from FortiGuard.

HSM FIPS support

You can now enable FIPS support in the HSM server to use a FIPS-certification HSM.

Automated Certificate Management Environment (ACME) support

The ACME protocol is a communications protocol for automating interactions between certificate authorities and their users' web servers. FortiADC will support the ACME protocol to get SSL certificates through certificate authorities like Let’s Encrypt.

Unicast HA support for FortiADC-VM KVM image

FortiADC now supports HA VRRP Unicast mode in KVM.

GUI

Login navigation page enhancement

The Login navigation page will now guide users to set up the readable hostname and change the default password in their initial login.

GUI enhancements

The following enhancements are made in the GUI:

  • In the Dashboard, the hover tooltip will show completely when the graph is on the first row.
  • “No Data” is displayed when there is no available data for a chart.
  • Graphs now dynamically scale according to the window size.
  • In the FortiView Security Aggregate Log, graph titles have been added.
  • In the FortiView System Automation page, table list items will show 25 entries per page as the default option.
  • For Security Fabric objects, a check mark will be visible when hovering over a selection.
Previous
Next