Contactez-nous

Tél. +33 2 85 52 08 00

Blog

Le blog des experts Ironie

Accueil du blog

Catégories

Derniers articles

Mise à jour FortiSASE : 26.2.1

Bonjour,

Vous trouverez ci-dessous les dernières nouveautés de l’offre FortiSASE, qui arrive à partir du 16/06 en version 26.2.1

Scope

Anticipated Impact: Potential for short interruption of customer instances and configuration portal during the window.

The Operations team will be installing a rolling software update. There is potential for short connectivity impact (approximately ~1-2 minutes) for each customer instance and the configuration portal while these components are updated. No other impact on service delivery is expected.

Tenant upgrades to 26.2.1 will be processed Tuesday, June 16th through Thursday, June 18th. Upgrades will follow your assigned maintenance window, consistent with prior scheduled maintenances. Customers who have configured a preferred maintenance window in the FortiSASE portal will be upgraded during their selected hours. For details on maintenance window scheduling, see:

https://docs.fortinet.com/document/fortisase/latest/administration-guide/190872/appendix-e-monthly-maintenance

For Feature release

  • Integrated FortiCASB-SSPM basic cloud access security broker (CASB) management and advanced SaaS security posture management (SSPM) into FortiSASE for secure SaaS access. A FortiSASE SSPM Protection add-on subscription is required to integrate with several SaaS applications via connectors and to access advanced SSPM features.
  • Granular control of pre-logon tunnels has been implemented through Secure Private Access (SPA) and Secure Internet Access (SIA) policy management.
  • Added support for LDAP user authentication with IPsec agent tunnels for both Windows and macOS using the EAP for LDAP authentication setting. This setting is only supported on instances supporting FortiClient 7.4.
  • Security PoPs can be created, disabled/enabled, decommissioned, and migrated in the Operations > Infrastructure page.
  • A FortiClient 7.4.7 ARM installer for Windows is available for endpoint onboarding.
  • In Endpoint management > Endpoint profiles, the On connect script and On disconnect script fields allow the entry of Windows and macOS scripts that will trigger actions when connecting to or disconnecting from Secure Internet Access (SIA), IPsec, or SSL tunnels.
  • The Security PoP icons and naming convention have been updated to the format City, State (Country) when provisioning a FortiSASE instance and in Operations > Infrastructure. When selecting an entry, hover over the Security PoP name to see more details.
  • Added support for bring your own device (BYOD) enrollment to a mobile device management (MDM) platform used for installing FortiClient and automatically provisioning a ZTNA client certificate to a device. Currently, only iOS mobile devices are supported with the Intune and JAMF platforms.
  • When FortiPAM integration is enabled, added support for adding the FortiPAM agent to the FortiClient installer available on the FortiSASE portal. Also, when FortiPAM integration is disabled in FortiSASE, added support for removing the FortiPAM agent from the FortiClient installer and for removing the FortiPAM browser extension.
  • Improved usability of the Connection tab in an endpoint profile to clearly indicate that local LAN access options apply when connected to a tunnel and that the network lockdown option applies when not connected to a tunnel.
  • Added option for administrators to override global FortiSASE Cloud Security Tunnel encapsulation to IPsec over TCP via endpoint profile. This allows for IPsec remote user connectivity in cases when Auto option for FortiSASE Cloud Security Tunnel encapsulation is not working since initial IKE negotiation over UDP works fine but ISP blocks UDP ports 500/4500 so fail back to TCP never occurs.
  • For new instances or existing instances provisioned in 25.4.c Feature or later supporting FortiClient 7.4, added support for the Show Vulnerability Popup toggle that allows administrators to control whether a vulnerability scan summary popup is shown when a scan finds vulnerabilities on a given endpoint.
  • Updated support for Fortinet security PoPs: Burnaby – Canada.


For Mature release

  • The Security PoP icons and naming convention have been updated to the format City, State (Country) when provisioning a FortiSASE instance. When selecting an entry, hover over the Security PoP name to see more details.
  • Updated support for Fortinet security PoPs: Burnaby – Canada.
  • Mature to Feature migrations: For selected customer Mature instances, migration to Feature is being incrementally deployed. These customers will receive a notification in the FortiSASE portal in advance. If no action is taken by the week of July 20, 2026, remaining Mature instances will be automatically migrated during a maintenance window to be scheduled shortly thereafter. For details on migrating earlier, see the Mature Admin Guide, specifically, the FAQs > Mature to Feature migration topic or the System > Software audit & version > New major features available topic.

Documentation

For further information on what’s new: https://docs.fortinet.com/document/fortisase/latest/release-notes/661728/whats-new

Catégories de ce billet :