Fortinet black logo

Administration Guide

Home FortiIsolator 2.4.0 Administration Guide
2.4.0
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.4
2.3.1
2.3.0
2.2.0
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
1.2.2
1.2.1
1.2.0
1.1.0

New in this release

New in this release

FortiIsolator version 2.4.0 includes the following new features:

High Availability (HA) support for AWS VMs

You can now configure AWS VMs that are built on the Nitro system to work in High Availability (HA) mode. For more information about configuration in HA mode, see Configuring IP mapping in HA mode.

Support for SNMP v3

FortiIsolator 2.4.0 adds support for SNMP v3 which provides authentication and encryption capabilities. For more information about how to authenticate and encrypt SNMP v3 connection with FortiIsolator, see SNMP.

Enhancements to certificate support

FortiIsolator 2.4.0 has the following enhancements to certificate support:

  • You can now import a self-signed CA root certificate (root_ca.crt) to the FortiIsolator, which is the origin of a certificate chain that all subordinate certificates stem from. When a self-signed CA root certificate (root_ca.crt) and the whole chain of subordinate certificates are uploaded on FortiIsolator, you need to install only the lowest level subordinate certificate in your browser.
  • You can now import certificates with password, certificates in PKCS12 format, and/or certificates that bundle with a key file.
  • The Isolator CA Certificate row is no longer available under System > Certificate, which reduces confusion as the Isolator CA Certificate is exclusive to Local Certificate, which means only one can be in effect.

For more information about certificates, see Certificates.

System upgrade using CLI

You can now use the following CLI command to upgrade the system:

system-upgrade {tftp|ftp} <path> <server> [:<port>] [<user>:<password>]

For more information about the different ways to upgrade the system, see Upgrade.

Authorization cookie lifetime configuration

When creating a new or default policy under Policies and Profiles, use the Auth Cookie Lifetime field to define how long the authorization cookie is active before it expires and the user needs to re-login. This setting does not take effect when the user is in guest mode. For more information, see Policy and Default policy.

Previous
Next

New in this release

FortiIsolator version 2.4.0 includes the following new features:

High Availability (HA) support for AWS VMs

You can now configure AWS VMs that are built on the Nitro system to work in High Availability (HA) mode. For more information about configuration in HA mode, see Configuring IP mapping in HA mode.

Support for SNMP v3

FortiIsolator 2.4.0 adds support for SNMP v3 which provides authentication and encryption capabilities. For more information about how to authenticate and encrypt SNMP v3 connection with FortiIsolator, see SNMP.

Enhancements to certificate support

FortiIsolator 2.4.0 has the following enhancements to certificate support:

  • You can now import a self-signed CA root certificate (root_ca.crt) to the FortiIsolator, which is the origin of a certificate chain that all subordinate certificates stem from. When a self-signed CA root certificate (root_ca.crt) and the whole chain of subordinate certificates are uploaded on FortiIsolator, you need to install only the lowest level subordinate certificate in your browser.
  • You can now import certificates with password, certificates in PKCS12 format, and/or certificates that bundle with a key file.
  • The Isolator CA Certificate row is no longer available under System > Certificate, which reduces confusion as the Isolator CA Certificate is exclusive to Local Certificate, which means only one can be in effect.

For more information about certificates, see Certificates.

System upgrade using CLI

You can now use the following CLI command to upgrade the system:

system-upgrade {tftp|ftp} <path> <server> [:<port>] [<user>:<password>]

For more information about the different ways to upgrade the system, see Upgrade.

Authorization cookie lifetime configuration

When creating a new or default policy under Policies and Profiles, use the Auth Cookie Lifetime field to define how long the authorization cookie is active before it expires and the user needs to re-login. This setting does not take effect when the user is in guest mode. For more information, see Policy and Default policy.

Previous
Next