See below for the detailed notes for 7.11.0. Need the latest build? Download Indeni.

Platform

New Features

• Curated sample Grafana device dashboards
  • FRONT-3773 FortiGate Grafana device dashboard
  • FRONT-3775 CHKP VSX Grafana device dashboard
  • FRONT-3776 CHKP Mgt Server Grafana device dashboard
  • FRONT-3777 Panorama Grafana dashboard
  • FRONT-3789 CHKP Gateway Grafana device dashboard updated
• IS-5138 FortiGate – Add support of HTTP for non-VDOM devices
• IS-5142 FortiGate – Add support for REST API cookies update every few hours

Front

New Features

• FR-126 CHKP – add graph for ‘Firewall virtual memory usage’
• FR-226 LDAP integration – support FQDN for the Service Endpoint
• FR-235 Uptime Percentage Report
• FR-236 Ability to suspend alerting but not monitoring

Bug Fixes

• FRONT-3779 Custom Reports- sending e-mail now before “save” uses the previous configuration
• FRONT-3780 Device Suspension Timer – fix support for TZ differences
• FRONT-3782 Remove references to CIS Benchmark
• FRONT-3785 SSO SAML – set identifierFormat default to email (was: unspecified)

Knowledge

New Features

• FR-117 PAN – Add an alert for packet descriptor (on-chip) maximum threshold check
• IKP-4648 PAN – Add an alert for ‘packet buffer (maximum)’
• IKP-4673 PAN – create a rule to monitor “Policy Based Forwarding Rule” (PBF)
• IKP-4644 CHKP – interface_tx_rx_util_percentage_checkpoint ATE – add support for VSX
• Uplift Fortinet FortiGate support
  • IKP-4612 FortiGate – IPS extended database package is not enabled
  • IKP-4613 FortiGate – The device is in conserve mode
  • IKP-4614 FortiGate – FortiGuard services last update
  • IKP-4615 FortiGate – DoS IPv4 is not configured
  • IKP-4616 FortiGate – Top 5 memory processes
  • IKP-4617 FortiGate – Top 5 socket memory processes
  • IKP-4618 FortiGate – Top 5 active file descriptors processes
  • IKP-4619 FortiGate – Session status and statistics
  • IKP-4666 FortiGate – Hardware & Software EOS
  • IKP-4670 FortiGate – add licensing tags

Bug Fixes

• IKP-4655 End-of-Support dates – verify and update for all supported vendors
• IKP-4624 Security risk ADE should not be classified as critical alerts
• IKP-4649 ASA – asa_coredump.py fix assertion in cross_vendor_core_dump_created rule
• IKP-4646 ASA – asa-ipsec-pkts – remove the ind because it generates issues with huge number of items
• IKP-4607 ASG – g_all_vsx_stat_l.py – parser error due to “Unknown” values
• IKP-4664 CHK – cplic-print-nomds.parser.1.awk – avoid reporting duplicate items
• IKP-4663 CHKP – check_configuration.py – parser error on command failure
• IKP-4608 CHKP – cphaprob_a_if_no_vsx.py – parser error
• IKP-4623 CHKP – cross_vendor_log_servers_not_communicating_parser.py – collect_routing_interface error on “ip route get” format
• IKP-4622 CHKP – Required Interfaces not recognizing VS bond interfaces
• IKP-4647 CHKP – VSX Interface nearing max Tx thruput reporting 150k+% capacity
• IKP-4603 CHKP – SecureXL Fast Accelerator tables do not match across cluster members
• IKP-4659 FortiGate – fortios-diagnose-sys-logdisk-usage – parsing error
• IKP-4611 FortiGate – fortios-get-ipsec-tunnel-list parsing error on empty table
• IKP-4668 FortiGate – Device Info does not show “Network Interfaces – [RT]x Bits” correctly
• IKP-4595 PAN – add support for Packet Descriptor (on-chip) (maximum), cpu cores
• IKP-4620 PAN – Core dump files found – filter temporary files
• IKP-4660 PAN – improved remediation step for Packet Descriptor (on-chip) (maximum), cpu cores
• IKP-4643 PAN – panos-show-jobs-all – XML parsing of large input is causing high CPU load on the Indeni server
• IKP-4621 PAN – show_system_state_filter_sys_s_p – parser error when “setting: auto”
• IKP-4661 PAN – url_cloud_not_connected_paloaltonetworks – failing to parse “<request><resolve><address>”correctly
• IKP-4662 Rule – CheckPointSecureXLDisabledNoVsxRule.yaml – error when running for VSX device
• IKP-4656 Rule – cross_vendor_packet_drops – friendly name “counters increasing” should be “All Devices: Packet drop counters increasing”