What’s new in FortiDeceptor 6.2.0

The following is a list of new features and enhancements in 6.2.0. For details, see the FortiDeceptor Administration Guide in the Fortinet Document Library.

New Decoys & Capabilities

The Decoy Customization feature now supports additional Linux operating systems, including Debian 11.7 and 11.9. The supported services include HTTP, HTTPS, GIT, SAMBA, SSH, SMTP, TCPListener, FTP, Radius, and ICMP.

Decoy customization module:

  • We have improved the Custom Image feature to allow importing and exporting custom images from the FortiDeceptor. The Export & Import feature supports the transfer of custom images between different FortiDeceptor appliances.
  • We have also improved the ability to re-customize a current custom decoy image by allowing for adjustment of the HDD space, based on the existing custom decoy image.

New Management Capabilities:

FortiDeceptor Edge support:
  • We have expanded the FortiDeceptor Edge appliance to support a local FortiDeceptor Manager. Now a single local FortiDeceptor manager can manage hundreds of FortiDeceptor Edge appliances.
Manager of Managers:
  • We have introduced a new management mode for FortiDeceptors called Manager of Managers. This mode allows centralized management of remote FortiDeceptor managers from a single console. The top-level manager, or TOP CM, will manage all remote FortiDeceptor managers as clients, with a focus on administration, entities, and permission control. The TOP CM will also serve as a proxy console for accessing the remote FortiDeceptor managers.
Note

When upgrading Central Managers, you must first upgrade all CM clients to version 6.2.0 before upgrading the CM manager itself to 6.2.0.

Outbreak vulnerabilities

We have expanded Outbreak Vulnerability to include the following vulnerabilities:

  • CrushFTP Authentication Bypass Attack: FDC
  • Langflow Unauth RCE Attack: FDC
  • SimpleHelp Support Software Attack: FDC
  • Apache Tomcat RCE: FDC
  • Microsoft .NET Framework Information Disclosure
  • PTZOptics NDI and SDI Cameras Attack: FDC
  • Ivanti Cloud Services Appliance Zero-Day Attack: FDC

Incident Alerts Reporting

  • We have added support for the MITRE ATT&CK framework, which can be accessed both as a separate menu option and within incident alerts themselves. This provides enhanced visibility into incident alerts on the network. The MITRE ATT&CK framework is a globally recognized knowledge base that categorizes adversary tactics, techniques, and procedures (TTPs) observed in real-world cyber attacks. It serves as a useful tool for cyber security teams to detect, analyze, and defend against threats by mapping security controls to known attacker behaviors.

Integration

  • We expanded the Integration module to include On-premise FortiAnalyzer using the OFTP protocol and added a new integration with FortiAnalyzer Cloud using the OFTP protocol.

Deception Tokens

  • We have enhanced the Token Tool package to enable users to upgrade the package directly from the FortiDeceptor Update Server or FortiDeceptor GUI, rather than waiting for a new release.
  • We have added support for filtering by IP address in the Token Campaign page.
  • We have expanded the Lure Resources configuration to allow for the upload of PKCS12/PEM format keys and certificates, with or without a passphrase. These keys and certificates can be applied to any decoy service when using the Decoy Deployment Wizard.

General

  • We have added support for CEF syslog messages over TLS 1.2 and above.
  • We have enhanced the password complexity policy for automatically generated lures.
  • We continue to improve upon the GUI migration, as well as improving the menu Dashboard and the Custom Decoy Image menu with a Neutrino component.
  • We have improved the password complexity policy support to align with Active Directory requirements when generating lures automatically with the Decoy Deployment Wizard.
  • We are continuing the GUI migration to Neutrino, including pages such as the Deployment Wizard, Deception Token, and Deception OS.
  • We have added support for PROFINET layer 2 packets over UDP with traffic proxy, enabling FortiDeceptor Edge to work with the local FortiDeceptor Manager and DAAS platform.
