Fortinet FortiOS 7.6: What's New?
Fortinet has recently announced FortiOS 7.6, a significant update to the platform that underpins a vast array of their security products.
The latest iteration of FortiOS reflects key trends within the cybersecurity landscape. So here's a recap.
Tool Consolidation
As the complexity of security environments grows, the industry is placing greater emphasis on tool consolidation. This approach is increasingly recognized as crucial for reducing complexity and managing the expanding array of endpoint functionalities—ranging from VPNs and antimalware to Privileged Access Management (PAM)—which often exceed the capabilities of in-house teams and can impact the performance of employee devices.
Reflecting these trends, FortiOS 7.6 has integrated Endpoint Detection and Response (EDR) capabilities into FortiClient. This enhancement brings ransomware protection, behavior-based detection, and automated response mechanisms into the fold. The Unified Agent, also known as FortiClient, already includes a suite of features including Zero Trust Network Access (ZTNA), VPN/Secure Access Service Edge (SASE), Endpoint Protection Platform (EPP), vulnerability assessment, telemetry, PAM, and Network Access Control (NAC), making this move a welcome step towards curbing tool sprawl.
The endpoint agent plays a pivotal role in the deployment of SASE architectures. As organizations increasingly adopt cloud-based resources and support hybrid work models, the demand for cloud-delivered and cloud-based security solutions surges. FortiOS 7.6 enriches the SASE platform with additional Data Loss Prevention (DLP) capabilities, remote browser isolation, digital experience monitoring, and other functionalities typically associated with an integrated Secure Service Edge (SSE) and Software-Defined Wide Area Network (SD-WAN) solution managed as SaaS.
Managed Services on the Rise
The task of deploying and managing public-facing devices is becoming more challenging, particularly in the face of relentless zero-day vulnerabilities that leave significant security gaps, even for well-equipped teams. Recognizing this, Fortinet is enhancing its managed security services to bridge these gaps, offering Managed SASE/ZTNA, Managed FortiGate Service, and an improved Security Operations Center as a Service (SOCaaS).
AI-Driven SOC Productivity
The detection, prevention, and remediation of threats remain daunting tasks for SOC teams, often consuming excessive amounts of time. To address this, generative AI is being increasingly utilized. FortiOS 7.6 introduces several improvements in this area. The integration of FortiAI and FortiAnalyzer offers advisory support during incidents, aiding in faster decision-making and efficient actions such as specific report queries or event handling.
Additionally, FortiAnalyzer, the data lake component of the platform, now features “light” SIEM and SOAR capabilities, alongside risk and security posture management tools.
Overall, Fortinet seems to be tracking the macro trends in the security industry, reflecting the growing challenges most organizations now face. The key themes are worth repeating: tool consolidation (endpoint and SASE), generative AI for productivity improvement and managed services to address security gaps.
For more information on the functionalities of FortiOS 7.6, see Fortinet’s press release and white paper.