Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.2.3
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiEDR/XDR 7.2.3 Release Notes
    7.2.3
    7.2.3
    7.2.1
    7.2.0
    7.0.0
    6.2.0
    6.0.0
    5.2.1
    5.2.0
    5.1.0
    5.0.3
    5.0.2
    5.0.1
    4.2.2
    4.1.1
    4.1.0

    What's new

    What's new

    The FortiEDR 7.2.3 GA build includes the following features, enhancements, and changes:

    On-premise deployment in air-gapped environments

    FortiEDR 7.2.3 adds support for on-premise deployment in air-gapped environments. You can download the required deployment files at the Fortinet Support website using an Internet-connected system and transfer the files to the air-gapped (isolated) environment using approved removable media. See the FortiEDR Administration Guide for more information.

    New AV Signature policy

    To support OT and segmented environments that require controlled update windows, FortiEDR 7.2.3 adds the new AV Signature policy (under Profiles > Security > Security Content Update), which defines when and how Collector groups download AV signatures for each type (Active, Extended, Extreme, and URL DB) based on time-based rules and time zones. You can also manually upload and manage AV signatures using the Content Manager button at the top-right corner in hoster view, which is particularly useful for air-gapped environments.

    Defining Collector behavior in specific operating modes

    FortiEDR7.2.3 adds the new Collector Settings policy (under Profiles > Security > Collector Settings), which defines how Collectors behave in specific operating modes. For example, you can configure a policy to close all active network connections (in addition to new connections) for Collectors entering isolation mode . You can also configure a schedule for OTI upgrade for specific Collector groups.

    Improvement to the File Encryptor rule for the Ransomware Prevention policy Windows Collector 6.2 or later

    The File Encryptor rule for the Ransomware Prevention policy now includes the High-Sensitivity Mode toggle that you can disable to reduce false positives.

    Enabled The whole computer is protected. Enable this option for debugging purposes only.
    Disabled (Recommended) Only critical files and paths are protected (to reduce false positives).

    This toggle is disabled by default on newly installed Windows Collectors 6.2+. For Windows Collectors 6.2+ upgraded from older versions, you must manually disable the High-Sensitivity Mode option to take advantage of this feature.

    New color scheme of the Central Manager console

    The FortiEDR 7.2.3 Central Manager console use a new green color scheme for consistency with other Fortinet endpoint products:

    Previous
    Next

    What's new

    What's new

    The FortiEDR 7.2.3 GA build includes the following features, enhancements, and changes:

    On-premise deployment in air-gapped environments

    FortiEDR 7.2.3 adds support for on-premise deployment in air-gapped environments. You can download the required deployment files at the Fortinet Support website using an Internet-connected system and transfer the files to the air-gapped (isolated) environment using approved removable media. See the FortiEDR Administration Guide for more information.

    New AV Signature policy

    To support OT and segmented environments that require controlled update windows, FortiEDR 7.2.3 adds the new AV Signature policy (under Profiles > Security > Security Content Update), which defines when and how Collector groups download AV signatures for each type (Active, Extended, Extreme, and URL DB) based on time-based rules and time zones. You can also manually upload and manage AV signatures using the Content Manager button at the top-right corner in hoster view, which is particularly useful for air-gapped environments.

    Defining Collector behavior in specific operating modes

    FortiEDR7.2.3 adds the new Collector Settings policy (under Profiles > Security > Collector Settings), which defines how Collectors behave in specific operating modes. For example, you can configure a policy to close all active network connections (in addition to new connections) for Collectors entering isolation mode . You can also configure a schedule for OTI upgrade for specific Collector groups.

    Improvement to the File Encryptor rule for the Ransomware Prevention policy Windows Collector 6.2 or later

    The File Encryptor rule for the Ransomware Prevention policy now includes the High-Sensitivity Mode toggle that you can disable to reduce false positives.

    Enabled The whole computer is protected. Enable this option for debugging purposes only.
    Disabled (Recommended) Only critical files and paths are protected (to reduce false positives).

    This toggle is disabled by default on newly installed Windows Collectors 6.2+. For Windows Collectors 6.2+ upgraded from older versions, you must manually disable the High-Sensitivity Mode option to take advantage of this feature.

    New color scheme of the Central Manager console

    The FortiEDR 7.2.3 Central Manager console use a new green color scheme for consistency with other Fortinet endpoint products:

    Previous
    Next