Fortinet 5.0 Patch 6 Whats new

Fortinet 16 FortiWeb 5.0 Patch 6 Administration Guide

What’s new

The list below contains features new or changed since FortiWeb 5.0. For upgrade information,

see the Release Notes available with the firmware and “Updating the firmware” on page 77.

FortiWeb 5.0 Patch 6

• No new features. Bug fixes only.

FortiWeb 5.0 Patch 5

•RADIUS vendor-specific attributes for access profiles — If your administrator accounts

authenticate via a RADIUS query, you can assign their access profile using RFC 2548

Microsoft Vendor-specific RADIUS Attributes. See Access Profile in “Administrators” on

page 212 and “Configuring RADIUS queries” on page 233.

FortiWeb 5.0 Patch 4

•Bulk edits for parameter validation rules — Rather than individually editing each rule, you

can now replace the Action, Trigger Policy, and/or Severity of multiple rules simultaneously.

See “Bulk changes to input validation rules” on page 428.

•Namibian time zone support — System time and date settings now support the Namibian

time zone. See “Setting the system time & date” on page 91.

FortiWeb 5.0 Patch 3

• No new features. Bug fixes only.

FortiWeb 5.0 Patch 2

•Hidden fields protection for HTTPS — You can now use the Fetch URL dialog in the GUI to

help you tamper-proof hidden inputs in HTTPS requests. See “Preventing tampering with

hidden inputs” on page 430.

•Indicating original service to back-end servers— When offloading SSL/TLS, you can now

use an HTTP X-header to indicate to back-end web servers that the original client’s request

was, in fact, encrypted. See “Indicating to back-end web servers that the client’s request

was HTTPS” on page 269.

•More Microsoft file types for file upload restrictions — There are now signatures

specifically for Microsoft Office Open XML file types such as .docx. See “Limiting file

uploads” on page 451.

•Per CPU SNMP queries— You can now monitor the usage of each CPU in multi-CPU

appliances. See “MIB support” on page 586.

•NMI and COMlog support — FortiWeb 3000D, 3000DFsx, and 4000D models that have

NMI buttons now have firmware support. This can be useful for carriers that require

extensive debugging capabilities. See your model’s QuickStart Guide and the FortiWeb NMI

& COMlog Technical Note.

•RAM-only traffic log support — To reduce wear and tear on your hard disks when you

require traffic logs, you can now disable hard disk storage of traffic logs and use RAM only.

See the FortiWeb CLI Reference.