What’s new in FortiOS 7.0

You already know I like writing about the new features and enhancements in FortiOS. I think it’s important to know the new features because they will be requirements for new projects and they will be interesting for lots of customers. The new FortiOS 7.0 brings lots of new features and enhancements. I can’t write about all of them in this article because there are more than 300 new features across the Fabric. Therefore, I will write about the most interesting features and improvements from my point of view.

The Fortinet Security Fabric has improved with new integrations for comprehensive protection. The Open Fabric Ecosystem has already more than 400 integrated solutions. There are Fabric Connectors and Fabric APIs for AWS, Aruba, Cisco and many more. We can also integrate FortiWeb, FortiDeceptor and FortiTester to the Security Fabric. What’s more, we can even integrate VDOMs in the Security Fabric. In addition, there are improvements in the automation workflow where we can even send notifications vía Microsoft Teams. 

Fortinet Security Fabric

There are some customers who want to block some features in social networks. For instance, they want to allow users to access social networks but they want to block social networks chats. This can already be configured with application control from previous versions. However, FortiOS 7.0 also allow you to block channels from YouTube, Vimeo or Daily Motion throught the new Video Filters. Therefore, we can configure security policies with a lot of granularity.

Video Filtering

There are another interesting feature I really like which allow you to generate automatically a certificate for a device using ACME (Automated Certificate Management Environment). I like because we can configure a Let’s Encrypt Certificate easily for SSL-VPN access. This new feature provides a simplified way for administrators to assign a certificate to the device, without complexities of manully managing certificates.

Let's Encrypt

I always like to write about the changes of subscription services. The FortiGuard Services have changed a little bit. The IPAM service is EoO (End of Order) thus you can’t buy this service anymore. The FortiGuard IoT Detection Service includes an IoT MAC database for device detection (visibility) WiFi access. The new Video Filtering service has been included in the Unified Threat Protection. In addition, FortiCloud SOCaaS is a new service where the Fortinet SOC Team can help you to protect your systems.

FortiGuard Services

There are many more features and improvements. There are also interesting features for wireless networks, NAC and wired networks with FortiSwitches. However, FortiOS 7.0 should be applied just for a non-production environment because we should wait three or four patches to have a stable version for production environments. Meanwhile, FortiOS 6.4 is the best version for your devices.

Have a nice day! Are you ready to test this new version?