Release Notes FortiClient (Linux) 7.0.3 - Amazon AWS

 
CONTINUE READING
Release Notes FortiClient (Linux) 7.0.3 - Amazon AWS
Release Notes
FortiClient (Linux) 7.0.3
FORTINET DOCUMENT LIBRARY
https://docs.fortinet.com

FORTINET VIDEO GUIDE
https://video.fortinet.com

FORTINET BLOG
https://blog.fortinet.com

CUSTOMER SERVICE & SUPPORT
https://support.fortinet.com

FORTINET TRAINING & CERTIFICATION PROGRAM
https://www.fortinet.com/training-certification

NSE INSTITUTE
https://training.fortinet.com

FORTIGUARD CENTER
https://www.fortiguard.com

END USER LICENSE AGREEMENT
https://www.fortinet.com/doc/legal/EULA.pdf

FEEDBACK
Email: techdoc@fortinet.com

February 28, 2022
FortiClient (Linux) 7.0.3 Release Notes
04-703-766525-20220228
TABLE OF CONTENTS

            Change log                                                                    4
            Introduction                                                                  5
                Licensing                                                                 5
            Special notices                                                               6
                Zero Trust Network Access certificates                                    6
            What’s new in FortiClient (Linux) 7.0.3                                       7
            Installation information                                                      8
                Installing FortiClient (Linux)                                            8
                   Installing FortiClient (Linux) using a downloaded installation file    8
                   Installation folder and running processes                              9
                Starting FortiClient (Linux)                                              9
                Uninstalling FortiClient (Linux)                                          9
            Product integration and support                                              10
            Resolved issues                                                              11
                Malware Protection and Sandbox                                           11
                Vulnerability Scan                                                       11
                Remote Access                                                            11
                Zero Trust tags                                                          12
                Common Vulnerabilities and Exposures                                     12
            Known issues                                                                 13
                Avatar and social network login                                          13
                Zero Trust Network Access (ZTNA) connections                             13
                Malware Protection and Sandbox                                           13
                Remote Access                                                            13

FortiClient (Linux) 7.0.3 Release Notes                                                       3
Fortinet Inc.
Change log

     Date                 Change Description

     2022-02-28           Initial release.

FortiClient (Linux) 7.0.3 Release Notes        4
Fortinet Inc.
Introduction

   FortiClient (Linux) 7.0.3 is an endpoint product for well-known Linux distributions that provides FortiTelemetry, antivirus,
   SSL VPN, and Vulnerability Scan features. FortiClient (Linux) can also download and use FortiSandbox signatures.
   This document provides a summary of support information and installation instructions for FortiClient (Linux) 7.0.3 build
   0137.
     l   What’s new in FortiClient (Linux) 7.0.3 on page 7
     l   Installation information on page 8
     l   Product integration and support on page 10
     l   Resolved issues on page 11
     l   Known issues on page 13
   Review all sections prior to installing FortiClient.

Licensing

   See Windows, macOS, and Linux endpoint licenses.

FortiClient (Linux) 7.0.3 Release Notes                                                                                           5
Fortinet Inc.
Special notices

Zero Trust Network Access certificates

   For Linux devices, Zero Trust Network Access (ZTNA) certificate provisioning requires Trusted Platform Module 2.0.
   For ZTNA tags for checking certificates, FortiClient (Linux) does not check user certificates and only checks root CA
   certificates installed on the system. These routes are:
     l   Ubuntu: /etc/ssl/certs/ca-certificates.crt
     l   CentOS and Red Hat: /etc/pki/tls/certs/ca-bundle.crt

FortiClient (Linux) 7.0.3 Release Notes                                                                                    6
Fortinet Inc.
What’s new in FortiClient (Linux) 7.0.3

   For information about what's new in FortiClient 7.0.3, see the FortiClient & FortiClient EMS 7.0 New Features.

FortiClient (Linux) 7.0.3 Release Notes                                                                             7
Fortinet Inc.
Installation information

Installing FortiClient (Linux)

    You can install FortiClient (Linux) on the following operating systems:
      l   Ubuntu
      l   CentOS
      l   Red Hat
    For supported versions, see Product integration and support on page 10.
    FortiClient (Linux) 7.0.3 features are only enabled when connected to EMS 7.0.

                             You must upgrade EMS to 7.0.2 or newer before upgrading FortiClient.

    See Recommended upgrade path for information on upgrading FortiClient (Linux) 7.0.3.

                             FortiClient (Linux) 7.0.3 is not available to install from repo.fortinet.com.

Installing FortiClient (Linux) using a downloaded installation file

    To install on Red Hat or CentOS 8:

     1. Obtain a FortiClient Linux installation rpm file.
     2. In a terminal window, run the following command:
          $ sudo dnf install  -y
           is the full path to the downloaded rpm file.
    If running Red Hat 7 or CentOS 7, replace dnf with yum in the command in step 2.

    To install on Ubuntu:

     1. Obtain a FortiClient Linux installation deb file.
     2. Install FortiClient using the following command:
          $ sudo apt-get install 
           is the full path to the downloaded deb file.

 FortiClient (Linux) 7.0.3 Release Notes                                                                     8
 Fortinet Inc.
Installation information

Installation folder and running processes

    The FortiClient installation folder is /opt/forticlient.
    In case there are issues, or to report a bug, FortiClient logs are available in /var/log/forticlient.

Starting FortiClient (Linux)

    FortiClient (Linux) runs automatically in the backend after installation.

    To open the FortiClient (Linux) GUI:

     1. Do one of the following:
        a. In the terminal, run the forticlient command.
        b. Open Applications and search for forticlient.
    After running the FortiClient (Linux) GUI for the first time, you can add it to the favorites menu. By default, the favorites
    menu is usually on the left-hand side of the screen.

Uninstalling FortiClient (Linux)

    You cannot uninstall FortiClient while it is connected to EMS. Disconnect FortiClient from EMS before uninstalling it.

    To uninstall FortiClient from Red Hat or CentOS:

    $ sudo dnf remove forticlient

    If running Red Hat 7 or CentOS 7, replace dnf with yum in the command.

    To uninstall FortiClient from Ubuntu:

    $ sudo apt-get remove forticlient

 FortiClient (Linux) 7.0.3 Release Notes                                                                                            9
 Fortinet Inc.
Product integration and support

   The following table lists version 7.0.3 product integration and support information:

    Operating systems                      l   Ubuntu 18.04 and later
                                           l   CentOS Stream 8, CentOS 7.4 and later
                                           l Red Hat 7.4 and later

                                          All supported with KDE or GNOME
    AV engine                              l   6.00258
    FortiAnalyzer                          l   7.0.0 and later
    FortiClient EMS                        l   7.0.0 and later
    FortiManager                           l   7.0.0 and later
    FortiOS                               The following FortiOS versions support Zerto Trust Network Access (ZTNA) with
                                          FortiClient (Linux) 7.0.3:
                                            l 7.0.0 and later

                                          The following FortiOS versions support IPsec and SSL VPN with FortiClient
                                          (Linux) 7.0.3:
                                            l 7.0.0 and later

                                            l 6.4.0 and later

                                            l 6.2.0 and later

                                            l 6.0.0 and later

    FortiSandbox                           l   4.0.0 and later
                                           l   3.2.0 and later
                                           l   3.1.0 and later
                                           l   3.0.0 and later
                                           l   2.5.0 and later

FortiClient (Linux) 7.0.3 Release Notes                                                                                   10
Fortinet Inc.
Resolved issues

   The following issues have been fixed in version 7.0.3. For inquiries about a particular bug, contact Customer Service &
   Support.

Malware Protection and Sandbox

     Bug ID                 Description

     736956                 FortiClient does not scan additional mounted partitions.

     748164                 FortiClient does not perform malware scan after missing scheduled date.

Vulnerability Scan

     Bug ID                 Description

     747871                 Malware endpoint summary shows no scans have been completed for Linux endpoints.

Remote Access

     Bug ID                 Description

     684913                 SAML authentication on SSL VPN with realms does not work.

     711970                 While FortiClient is connected to EMS and the VPN tunnel is disconnected, DNS entries in
                            /etc/resollv.conf are not removed.

     714338                 FortiClient does not revert DNS setting after operating system suspends while VPN is
                            connected.

     719229                 GUI is missing certificate import field for SSL VPN tunnels.

     721651                 When connected to a full VPN tunnel to FortiGate, FortiClient (Linux) sends virtual IP and
                            MAC addresses to EMS.

     736783                 When connected over an SSL VPN tunnel, changing Internet source (Wi-Fi SSID) fails DNS
                            resolution.

     741614                 Connection error on Linux Red Hat 7.9 distribution.

FortiClient (Linux) 7.0.3 Release Notes                                                                                      11
Fortinet Inc.
Resolved issues

Zero Trust tags

     Bug ID                 Description

     652897                 FortiClient (Linux) tags endpoint as vulnerable when EMS has enabled Exclude Application
                            Vulnerabilities Requiring Manual Update from Vulnerability.

     774422                 FortiClient fails to show host tags for certificate rule on EMS.

Common Vulnerabilities and Exposures

     Bug ID                 Description

     721746                 FortiClient (Linux) 7.0.3 is no longer vulnerable to the following CVE Reference:
                             l CVE-2021-41028

FortiClient (Linux) 7.0.3 Release Notes                                                                                12
Fortinet Inc.
Known issues

   The following issues have been identified in FortiClient (Linux) 7.0.3. For inquiries about a particular bug or to report a
   bug, contact Customer Service & Support.

Avatar and social network login

     Bug ID               Description

     785209               FortiClient (Linux) fails to log in using social login Google.

Zero Trust Network Access (ZTNA) connections

     Bug ID              Description

     778214              FortiClient is missing external browser option for SAML authentication when accessing remote
                         site via ZTNA rule.

Malware Protection and Sandbox

     Bug ID                  Description

     713459                  FortiClient crash accompanied by scanunit.

     725402                  FortiClient halts the operating system.

     785652                  The network drive scan setting from EMS profile is broken.

Remote Access

     Bug ID                  Description

     713024                  Autoconnect/always up does not work as FortiClient fails to save username.

     715444                  SSL VPN traffic drops randomly in FortiClient installed on Ubuntu.

FortiClient (Linux) 7.0.3 Release Notes                                                                                          13
Fortinet Inc.
Known issues

     Bug ID                 Description

     720821                 FortiClient (Linux) fails to autoconnect to FortiSASE VPN on user login if user previously
                            logged out of machine while VPN was connected.

     763897                 OS tag versions do not include Fedora OS.

     776888                 FortiClient does not dynamically display Disconnect VPN button unless user reopens the
                            console.

     777191                 With exclusive routing enabled, Ubuntu 18.02 with FortiClient installed can access local LAN
                            devices.

     781570                 SSL VPN throws an error if configured through CLI.

     781762                 FortiSASE SSL VPN SAML autoconnect feature does not work.

     782473                 FortiSASE SSL VPN autoconnect feature does not work.

     785876                 JavaScript error while using external browser for SSL VPN SAML authentication.

FortiClient (Linux) 7.0.3 Release Notes                                                                                    14
Fortinet Inc.
www.fortinet.com

Copyright© 2022 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein
may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were
attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance
results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract,
signed by Fortinet’s General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only
the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal
conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change,
modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
You can also read