Reporter for FortiGate Release Notes
   All Release Notes Reporter for FortiGate (2024-02-20)

Introducing Fastvue’s New Safeguarding Report

We’re excited to launch our new Safeguarding Report, designed specifically for Digital Safeguarding Leads (DSLs), Student Well-being Officers, and Pastoral Care Teams. This streamlined report focuses on identifying ‘risky’ online behaviors among students, pinpointing searches, videos, and web content related to self-harm, extremism, drugs, and other unacceptable categories as defined by your school.

For a brief overview, watch our quick guide here.

Getting started with the Safeguarding Report:

  • Navigate to Reports > Overview Report > Safeguarding.
  • Optionally, apply filters to exclude staff or include only certain year groups.
  • Select your desired date range and click Run Report, or click Schedule to automatically send the report to the appropriate recipients daily, weekly, or monthly.

This is the initial version, and we’re eager for your honest feedback to refine it further!

Productivity Settings

With the introduction of the Safeguarding report detailing access to categories in the ‘Unacceptable Productivity’ list, we felt it important to separate IT Security concerns, such as Botnet and Malware, from this list, as they are not safeguarding concerns.

We have therefore added a new ‘IT Security’ list in Settings > Productivity, which separates categories such as Botnet and Malware from the existing ‘Unacceptable’ Productivity list.

For new installations, the ‘Unacceptable’ Productivity list is ordered by safeguarding priorities. Existing installations will retain their current ordering, but categories can be re-ordered by dragging and dropping in the ‘Unacceptable’ list under Settings > Productivity. This order is reflected in the ‘Unacceptable Web Categories’ sections of the new Safeguarding report.

If needed, existing installations can reset their Productivity settings to the new defaults by:

  1. Going to Settings > Data Storage > Settings and noting the Data Location.
  2. Stopping the Fastvue Reporter service in services.msc.
  3. Navigating to the data location on the Fastvue server.
  4. Deleting all Aliases.* files.
  5. Starting the Fastvue Reporter service in services.msc. It may take a few minutes for the database to initialize, visible in Settings > Diagnostic > Database.
  6. Navigating to Settings > Productivity to review the new Productivity settings.
  • Keyword Groups can now be reordered in Settings > Keywords, reflecting the order of Keyword sections in the new Safeguarding report.
FortiGate Import Logic

We have adjusted the import logic to merge key information from application control events with the records created in the existing session.

This provides a range of advantages:

  • You can now drilldown or run an Activity Report on an application and view the URLs from the web filtering events an application has requested.
  • Applications will no longer display 0 bytes in the size columns depending on the filter used in your report.
  • The size of the Fastvue database is reduced as we’re no longer importing noisy app-ctrl events as their own independent record. In certain cases, this reduction can be as significant as 50% depending on the applications in use on the network. Spotify, for example, is a culprit for generating a lot of app-ctrl data.
FortiGate New and Adjusted Fields
  • Added an Application Productivity field that groups Application Categories into Productive, Acceptable, Unproductive, Unacceptable and IT Security. This is in addition to the existing Productivity field that groups Web Categories into these lists.
  • The Policy field will now show “Implicit Deny” instead of 0 for traffic that hits the implicit deny policy.
  • The Reason field now shows the FortiGate Policy in the absence of a more descriptive message field in the log event.
  • For SSL log events, the Event Message field is now populated with the more descriptive message in the sslaction field.
  • The Application field is populated with the service field when an Application is not logged in the session. This is mainly traffic that does not pass through application control.
  • The Reason field no longer shows (null) for SSL Anomaly events.
  • Added a Blocked Applications widget to the Internet Usage report and reordered the widgets in the Blocked Traffic section.
  • Added an Applications widget into the Network section of the IT Network and Security report.
  • Adjusted the search term extraction rules for YouTube to prevent duplicated searches appearing in alerts and reports.
  • Fixed an issue where adding multiple email addresses using commas in the Schedule dialog on the Reports tab didn’t separate the addresses correctly.
  • When YouTube integration is not configured, Internet Usage reports will show raw YouTube URLs instead.
  • AV Threats widgets are no longer cluttered with informational AV events, such as FortiGate submitting files to FortiSandbox and coming back clean.
Download Latest Update