Академический Документы
Профессиональный Документы
Культура Документы
0 MR4 Patch 2
Release Notes
FortiDB 4.0 MR4 Patch 2 Release Notes November 14, 2012 Revision 2 Copyright 2012 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, and FortiGuard are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions, and performance may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinets General Counsel, with a purchaser that expressly warrants that the identified product will perform according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinets internal lab tests. Fortinet disclaims in full any guarantees. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.
Technical Documentation Knowledge Base Forums Customer Service & Support Training Services FortiGuard Document Feedback
Table of contents
Change log ....................................................................................................... 4 Introduction ...................................................................................................... 5
Enhancements .......................................................................................................... 5
Troubleshooting ............................................................................................. 13
Monitoring and Auditing Log .............................................................................. 13
Change log
Date 2012-10-25 2012-11-14 Change Description Initial release. Updated Collection Method tables MySQL entry
Introduction
This document provides installation instructions and caveats, resolved issues, and known issues for FortiDB 4.0 MR4 Patch 2, build 0240. FortiDB provides web application and web services security in a single platform enabling the protection, load balancing and acceleration of web applications and the data exchanged between them and clients. For additional documentation, please visit: http://docs.fortinet.com/fdb.html
Enhancements
Poll FortiDB via SNMP for interface status, CPU and Memory statistics and more Vulnerability Assessment is now supported for MSSQL 2012
Special Notices
General
Monitor Settings for Web User Interface Access - Fortinet recommends setting your monitor to a screen resolution of 1280x1024. This allows all objects in the Web UI to be viewed properly The following web browsers are supported to properly display the FortiDB GUI: Application FortiDB 4.0 MR4 Patch2 Supported Web Browser Internet Explorer 7.x, 8.x, 9.x Firefox 4.x/5.0
Supported Platforms
Windows 2003 32-bit, 64-bit Window XP Linux RH4 64-bit, RH5 64-bit Solaris
Application VA
Oracle
MS SQL Server
Sybase
DB2 UDB
MySQL
Microsoft SQL
Server 2000
Sybase ASE
12.5
Microsoft SQL
Server 2005
Sybase ASE
15.0.2
Microsoft SQL
Server 2008
Sybase ASE
15.5
Oracle 11gR2
Microsoft SQL
Server 2008R2
Sybase ASE
15.7
Microsoft SQL
Server 2012 DAM
Microsoft SQL
Server 2000 SP2
Sybase ASE
12.5 (Sniffer only)
DB2 UDB
V9.5
MySQL 5.1
(not supported with sniffer)
DB2 UDB
V9.7
Microsoft SQL
Server 2005 SP2
Sybase ASE
15.0.2
Oracle 11gR2
MySQL 5.5
(not supported with sniffer)
Sybase ASE
15.5
Microsoft SQL
Server 2008 SP2
Sybase ASE
15.7 (MDA only)
Microsoft SQL
Server 2008R2
Microsoft SQL
Server 2012
Target DB Oracle
FortiDB Collection methods DB, EXTENDED. Agent is not required. XML File Agent. FortiDB agent is required. Please see Running the Oracle XML File Agent (UNIX, Windows) in online help. SGA Agent. FortiDB agent is required. Please see Running the Oracle SGA Agent (Solaris) in online help. TCP/IP Sniffer SQL Trace. Agent is not required. For SQL 2000, make sure the following commands are issued before starting monitoring: USE master GO EXEC sp_configure 'show advanced options', 1 GO RECONFIGURE WITH OVERRIDE GO EXEC sp_configure 'xp_cmdshell', 1 GO RECONFIGURE WITH OVERRIDE GO EXEC sp_configure 'show advanced options', 0 GO TCP/IP Sniffer DB2 Agent. FortiDB agent is required. Please see Running the DB2 Agent on Windows and Running the DB2 Agent on UNIX in online help. TCP/IP Sniffer MDA. Agent is not required. TCP/IP Sniffer General Query Log
SGA (for only 10gR2 on Linux 32-bit or Linux 64-bit machines) SPAN/mirror port MS SQL Server Trace file
SPAN/mirror port Sybase MDA SPAN/mirror port MySQL General Query Log
By default, the encoding that is used is UTF-8. In general, any encoding supported by the Java VM is supported by FortiDB, but for exporting PDF reports, the specified encoding (entered in step 2 previously) must map to a supported PDF font. The following encodings are supported by FortiDB for exporting PDF data: Locale Japanese Supported Encodings Shift_JIS SJIS EUC-JP EUC_JP x-EUC-JP-LINUX EUC_JP_LINUX
9 FortiDB 4.0 MR4 Patch 2 Release Notes
Chinese
ISO-2022-JP ISO2022JP windows-31j MS932 Cp930 Cp939 Cp942 Cp943 Cp33722 x-mswin-936, MS936 GB18030 x-EUC-CN EUC_CN GBK x-windows-950 MS950 x-MS950-HKSCS MS950_HKSCS x-EUC-TW EUC_TW Big5 Big5-HKSCS Cp935 Cp937 Cp948 Cp950 Cp964 ISO2022_CN_CNS ISO2022_CN_GB x-windows-949 MS949 EUC-KR ISO-2022-KR ISO2022KR UTF-8
Korean
Others
Please visit http://java.sun.com/javase/6/docs/technotes/guides/intl/encoding.doc.html for additional information about encodings supported by the Java virtual machine.
10
11
Upgrade instructions
Upgrade from previous versions
Upgrade supported from previous official 4.x releases. Upgrade from 3.x versions is not supported
12
Troubleshooting
Monitoring and Auditing Log
During the Monitoring and Auditing life-cycle, FortiDB may encounter issues in the target database system which alter the way in which that target is monitored (in Native Audit collection method only), or even prevent that target from being monitored. The table below lists the problems that FortiDB may encounter and the log message that will be generated.
Severities
INFORMATIONAL used to describe the general monitoring state (started, reconfigured, stopped). All descriptions notify users of a successfully executed task. CAUTIONARY used to describe issues that users should be aware of, but do not impact the monitoring operation MINOR used to describe configuration issues that impact how monitoring is done, but does not impact the overall monitoring action on a target. Typically, minor errors describe configuration issues, such as the specification of non-existing objects or users in policies, which FortiDB can skip over. MAJOR used to describe changes in the target database that is being monitored. Users should be aware of these changes, and they may need to act on them to adjust how monitoring is done, or they may need to address this issue on the target database. Usually, these errors describe objects being modified or users being deleted from the target database that impact certain policies that are being used for monitoring CRITICAL used to describe errors that prevent FortiDB from monitoring the target database.
Error Types
CONFIGURATION Any issue that occurs when configuring a target with the associated policies. These log entries occur with specific policies (in which case a policy-name is logged), or it may be a general error (in which case n/a is logged for the Policy Name field). PERMISSION Issues having to do with insufficient permissions of the target user. OBJECT_CHANGE When objects are changed on the target database after monitoring has started USER_CHANGE When users are changed on the target database after monitoring has started.
13
Configuration Messages
Message 1 The user <USER> does not exist on <TARGET> Type CONFIGURATION Severity MINOR Description This is a policy-specific error, which signals that a certain user that was specified in the policy does not exist on the target database. This user entry will be skipped when configuring the policy. If all the user entries are skipped, then the policy itself will not be used to monitor the target. This is a policy-specific error, which signals that a certain table that was specified in the policy does not exist on the target database. This object entry will be skipped when configuring the target. . If all the table entries are skipped, then the policy itself will not be used to monitor the target. An unexpected exception was thrown when attempting to configure a target with a specific policy. The error message is the actual exception message. When initializing the Sybase collector, there were insufficient permissions with the FortiDB target user which prevented FortiDB from doing JDBC queries against the target database. No policies were enabled for the target, or if enabled, no objects or users in the policies were configurable for that target.
FortiDB 4.0 MR4 Patch 2 Release Notes
The object <DB.SCHEMA.TABLE> does not exist on <TARGET> and will not be monitored on this target.
CONFIGURATION
MINOR
CONFIGURATION
CRITICAL
PERMISSION
CRITICAL
CONFIGURATION
CRITICAL
14
CONFIGURATION
INFORMATIONAL
The Start Monitoring operation was successfully executed on the target. The Stop Monitoring operation was successfully executed on the target. The Reconfigure operation was successfully executed on the target, and the collection state is now consistent with changes made in the UI. A configured object has been removed from the target. Note that this error is only logged when FortiDB is doing target checks at the scheduled times (which can be configured in the Log view). A configured user has been removed from the target. Note that this error is only logged when FortiDB is doing target checks at the scheduled times (which can be configured in the Error Log view). Valid for Oracle DB, EXTENDED. Reports that the queryto get the audit data from the target is taking more than 10 seconds. This typically occurs when sys.aud$ table.has more than 2 million records. It can be a result of an intermittent network delay.
CONFIGURATION
INFORMATIONAL
CONFIGURATION
INFORMATIONAL
OBJECT_CHANGE
MAJOR
10
USER_CHANGE
MAJOR
11
Excessive Time :<time> seconds to execute audit data query. The audit table for: <targetname> should be truncated.
COLLECTION
MAJOR
15
Resolved issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support. Table 1: Resolved issues Bug ID 169409 171856 172294 172295 Description Sybase 5.7 sniffer version added to system settings sniffer support for CP850 charset The DAM connection to a XML Agent stays stale after a re-boot of Oracle Depending on the audit method some SYS user and/or operation is not Audited with User Defined Policies Alert inconsistencies when the time settings are different between the FortiDB appliance and target database FortiDb cant connect to a MSSQL database that requires a certificate MySQL auditing stops after a few hours can't generate alerts/audits for a certificated MSSQL server certain FortiDB administrative actions not logged LDAP Login SIMPLE authentication problem Importing VA policy fails Cant run connection test to Windows 2008 AD get sys status shows disk as 0GB The alerts Return Code shows 0 500 error when trying to add a user-defined policy DB username represented incorrectly in alerts
171574
174695 175330 175111 174410 168930 177596 176967 177141 0153766 177236 179433
16
Known issues
This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please contact Fortinet Customer Service & Support. Table 2: Known issues Bug ID 0167853 0183358 0169044 0166347 Description Metadata Policy doesnt generate an alert when using sqlplus Test connection to DB2 server fails on DB2 v9.1 Some VA policies fail on MSSQL 2012 Using white list can cause FortiDB to freeze
17
Image checksums
To verify the integrity of the firmware file, use a checksum tool and compute the firmware files MD5 checksum. Compare it with the checksum indicated by Fortinet. If the checksums match, the file is intact. MD5 checksums for Fortinet software and firmware releases are available from Fortinet Customer Service & Support. After logging in to the web site, go to Download > Firmware Image Checksums. In the File Name field, enter the firmware image file name including its extension, then click Get Checksum Code. Figure 1: Customer Service & Support image checksum tool
18