What’s new in FortiOS 6.2

You already know that I like reading and testing new features. I wrote about What’s new in FortiOS 5.6, What’s new in FortiOS 6.0 as well as What’s new in BIG-IP version 14.0. Therefore, I’m going to write about What’s new in FortiOS 6.2 where there are lots of new features and interesting enhancements for security engineers. Right now, I usually install FortiOS 6.0 for production firewalls but I think it’s good to know the new features and enhancements because, maybe, we’ll require these new features in the future.

Security Fabrics are increasingly useful when we have more than one Fortinet appliance. For example, FortiOS 6.0 was already able to integrate the firewall with many Fortinet appliances. Consequently, we can see interesting information from FortiView. However, FortiOS 6.2 is also able to integrate the firewall with more Fortinet appliances such as FortiMail and FortiWeb. In addition, there are more FabricConnectors available such as connectors for IP Addresses, Malware hashes and Multi-Cloud.

Security Fabric

SD-WAN is another feature which is getting better. We can already configure an IPsec VPN tunnel with more than one WAN interface against another FortiGate to make an Overlay Tunnel. Therefore VPN bandwidth can be increased easily with multiple Internet links. Traffic Shaping is also improved where we can configure shaping profiles with network requirements for applications such as maximum bandwidth or priority.

SD-WAN - Per Packet WAN Path Steering

 

There are another feature I really like. We can configure only one inspection mode in FortiOS 6.0. we have to choose between Flow-based mode or Proxy-based mode. However, if we want to enable the Web Application Firewall, we’ll need to enable the Proxy-based mode but if we want to configure firewall policies by applications, we’ll need to enable the Flow-based mode. Therefore, we can not have both features, WAF and firewall policies by applications at the same time. FortiOS 6.2 supports both inspection modes at the same time.

Inspection Mode

 

Wireless and Switching improvements have been included in FortiOS 6.2. This new version supports WPA3 and WIFI 6 (802.11ax). For instance, we’ll be able to configure the Transition WPA3 mode which will be useful for wireless networks where there mobile devices that support WPA2 but not WPA3. What’s more, security enhancements have been included to FortiSwitch such as maximum bandwidth and priorities for quarantine VLANs.

Twenty-year timeline of 802.11 standards

 

FortiOS 6.2 have lots of new security features and enhancements which will be very interesting for most companies and security engineers. Today, most FortiGate firewalls run with FortiOS 6.0 but they will run FortiOS 6.2 in the near future.

Regards my friends. Have a nice day ;-)