FortiOS 6.2 – To Upgrade, or Not To Upgrade?

Share Button

FortiOS 6.2 was released to the public at the end of March in the form of FortiOS 6.2.0, and boasts many new features that we are excited about, such as:

  • Security Fabric Expansion
  • SD-WAN Enhancements
  • Security Profile Enhancements

These new features are so tempting that some of our customers have already upgraded their FortiGates to see how they can incorporate these into their security posture.

However, our advice at this time is to wait to upgrade your production FortiGates.

 

Why Wait?

To explain why we recommend waiting to upgrade, it’s important to first consider how Fortinet releases firmware.

Every major release (for example, FortiOS 5.6, 6.0, and 6.2) comes with new features and is released as the GA (general availability) release. The number after the major release indicates the minor release, or the patch level of the firmware. As bugs and vulnerabilities are discovered, Fortinet will release patches to resolve these issues. Later patches usually don’t contain new features, just code fixes.

As of now, only the first patch version of 6.2 is out, FortiOS 6.2.1. While this firmware is tested prior to release by both Fortinet QA and the Beta program, these GA and early patch releases have been objectively considered by the community to be buggy.

In our own lab, we have already experienced a memory leak with FortiOS 6.2.0, as well as several GUI issues with the management GUI.

 

VPLS Recommendations

At the time of this writing, we are recommending our customers run FortiOS 6.0.6. Being the 6th patch of the 6.0 major release, it is considered a more mature and stable firmware, with all the top priority and network-impacting bugs resolved.

Note: The exception to this would be if you encountered a critical bug on 6.0.6 that is resolved in 6.2.1, or you absolutely need a feature that only 6.2.1 offers.

If you are still on 5.6 or earlier, 6.0 has its own set of new features that are worth checking out.

And as always, before upgrading to whichever FortiOS version you decide on, it is recommended that you:

We will continue evaluating FortiOS 6.2 and will update this post when we feel 6.2.x is ready for production use.

 

– John Headley, Solutions Engineer

Speak to our Fortinet experts today!