Special Notices
This section highlights some of the operational changes that administrators should be aware of in FortiAnalyzer version 6.2.0.
Port 8443 reserved
Port 8443 is reserved for https-logging from FortiClient EMS for Chromebooks.
All OFTP connections must be encrypted for FortiAnalyzer 6.2.0 (or higher)
Prior to upgrading to FortiAnalyzer 6.2, make sure that all FortiGate devices are configured to use encryption when communicating with FortiAnalyzer. Starting with FortiAnalyzer 6.2.0, all OFTP communications must be encrypted.
Hyper-V FortiAnalyzer-VM running on an AMD CPU
A Hyper-V FAZ-VM running on a PC with an AMD CPU may experience a kernel panic. Fortinet recommends running VMs on an Intel-based PC.
SSLv3 on FortiAnalyzer-VM64-AWS
Due to known vulnerabilities in the SSLv3 protocol, FortiAnalyzer-VM64-AWS only enables TLSv1 by default. All other models enable both TLSv1 and SSLv3. If you wish to disable SSLv3 support, please run:
config system global
set ssl-protocol t1sv1
end
Pre-processing logic of ebtime
Logs with the following conditions met are considered usable for the calculation of estimated browsing time:
Traffic logs with logid
of 13
or 2
, when logid == 13
, hostname
must not be empty. The service
field should be either HTTP
, 80/TCP
or 443/TCP
.
If all above conditions are met, then devid
, vdom
, and user
(srcip
if user
is empty) are combined as a key to identify a user. For time estimation, the current value of duration
is calculated against history session start and end time, only un-overlapped part are used as the ebtime
of the current log.