• New web UI—An improved web UI.

• New log subtypes—See “Logging and Reporting”.

• New dashboard and report features—See “Logging and Reporting”.

• Additional load balancing methods—Support for new methods based on a hash of a full URI, domain name, hostname, or destination IP address. See “Configuring methods”.

• Predefined health checks—Helps you get started with your deployment. See “Configuring health checks”.

• Predefined persistence rules—Helps you get started with your deployment. See “Configuring persistence rules”.

• HTTP Turbo profile—Improves the performance of HTTP applications that do not require our optional profile features. See “Configuring profiles”.

• Layer 2 load balancing—Support for TCP profiles. See “Server load balancing”.

• SNI support—Require clients to use the TLS extension to include the server hostname in the TLS client hello message. Then, the FortiADC system can select the appropriate local server certificate to present to the client. You can also configure content routes based on SNI hostname values. See “Configuring profiles” and “Configuring content routes”.

• Granular SSL configuration—Specify the SSL/TLS versions and encryption algorithms per profile. See “Configuring profiles”.

• Connection rate limiting—Set a connection rate limit per real server or per virtual server. See “Configuring pools of real servers” and “Configuring virtual servers”.

• HTTP transaction rate limiting—Set a rate limit on HTTP transactions per virtual server. See “Configuring virtual servers”.

• Additional link load balancing methods—Support for new methods in link groups, including spillover and hash of the source IP address. See “Configuring a link group”.

• Global load balancing—A new implementation of our DNS-based solution that enables you to deploy redundant resources around the globe that you can leverage to keep your business online when a local area deployment experiences unexpected spikes or downtime. See “Global Load Balancing”.

• HA active-active clustering—Support for active-active clusters. See “High Availability Deployments”.

• Administrator authentication enhancements—Support for authenticating users against LDAP and RADIUS servers. See “Managing administrator users”.

• Multinetting—You can configure a secondary IP address for a network interface when necessary to support deployments with backend servers that belong to different subnets. See “Configuring network interfaces”.

• High speed logging—Supports deployments that require a high volume of logging activity. See “Configuring high speed logging”.

• Packet Capture—Support for tcpdump. See “execute command example: tcpdump”.

• No design changes. Bug fixes only.

• No design changes. Bug fixes only.

• No design changes. Bug fixes only.

• VDOMs—Virtual domains (VDOMs) allow you to divide a FortiADC into two or more virtual units that are configured and function independently. The administrator for each virtual domain can view and manage the configuration for his or her domain. The admin administrator has access to all virtual domain configurations.

• Caching – A RAM cache is a cache of HTTP objects stored in FortiADC's system RAM that are reused by subsequent HTTP transactions to reduce the amount of load on the backend servers.

• IP Reputation—You can now block source IP addresses that have a poor reputation using data from the FortiGuard IP Reputation Service.

• Layer 2 server load balancing – FortiADC can now load balance Layer 3 routers, gateways or firewalls. This feature is useful when the request’s destination IP is unknown and you need to load balance connections between multiple next-hop gateways. Supports HTTP, HTTPS and TCPS client-side connection profiles only.

• Open Shortest Path First (OSPF) support—The new OSPF feature allows FortiADC to learn dynamic routes from or redistribute routes to neighboring routers.

• HTTPS profile type for virtual servers—The HTTPS profile type provides a standalone HTTPS client-side connection profile.

• Consistent Hash IP – The persistence policy type Hash IP has changed to Consistent Hash IP. Consistent hashing allows FortiADC to achieve session persistence more efficiently than traditional hashing.

• FortiADC now supports a third type of log – attack log.

• You can now download log messages using the FortiADC web UI.

• The format of logs has changed. Because of this format change, if you upgrade from FortiADC 3.x, use the execute log-rebuild command to rebuild the log database.

• FortiADC now exports log reports in HTML or PDF format only. RTF and plain text reports are no longer supported.

• Link routing policies—You can now specify how FortiADC routes traffic for each available ISP link, including by source or destination address and port.

• Virtual tunnels—You can now use tunneling between two FortiADC appliances to balance traffic across multiple links to each appliance. A typical scenario is a VPN between a branch office and headquarters for application-specific access.

• Persistent routing—You can now configure connections that persist regardless of the FortiADC link load balancing activity. You can configure persistence based on source IP, destination IP, and subnet.

• Proximity-based routing—Maximize WAN efficiency by using link proximity to determine latency between FortiADC and remote WAN sites so that FortiADC can choose the best route for traffic.

• Scheduled link load balancing—You can now apply a link load balancing policy during a specific time period.

• One-to-one (1-to-1) NAT—You can now fully define how each individual source and destination IP address will be translated. This feature is useful when you require a different NAT range for each ISP.

• PPPoE interface support—To support DSL connectivity, you can now configure interfaces to use PPPoE (Point-to-Point Protocol over Ethernet) to automatically retrieve its IP address configuration.

• Custom error page—You can now upload a custom error page to FortiADC that it can use to respond to clients when HTTP service is unavailable.

• Full NAT for Layer 3/4 load balancing—Layer 3/4 load balancing now supports full NAT (translation of both source and destination IP addresses). FortiADC can now round robin among a pool of source IP addresses for its connections to backend servers.

• Standby server—You can now configure FortiADC to forward traffic to a hot standby (called a Backup Server) when all other servers in the pool are unavailable.

• Log cache memory—To avoid hard disk wear and tear, FortiADC can cache logs in memory and then periodically write them to disk in bulk. Previously, FortiADC always wrote each log message to disk instantaneously.

• HA sync for health check status with IPv6—For high availability FortiADC clusters, the Layer 4 health check status of IPv6-enabled virtual servers is now synchronized.

• Link load balancing—FortiADC now supports load balancing among its links, in addition to distributing among local and globally distributed servers. Depending on if the traffic is inbound or outbound, different mechanisms are available: outbound can use weighted round robin; inbound can use DNS-based round robin or weighted round robin.

• HTTP response compression—FortiADC now can compress responses from your backend servers, allowing you to off load compression from your backend servers for performance tuning that delivers faster replies to clients.

• Quality of service (QoS)—FortiADC now can guarantee bandwidth and queue based upon source/destination address, direction, and network service.

• Source NAT (SNAT)—When applying NAT, FortiADC can now apply either static or dynamic source NAT, depending on your preference.

• Session persistence by source IP segment—FortiADC now can apply session persistence for entire segments of source IPs such as 10.0.2.0/24. Previously, session persistence applied to a single source IP.

• Health check enhancements—FortiADC now supports additional health check types for servers that respond to these protocols: email (SMTP, POP3, IMAP), TCPS, TCP SYN (half-open connection), SNMP, and UDP.

• HA enhancements—FortiADC HA now synchronizes Layer 3/4 and Layer 7 sessions and connections for session persistence and uninterrupted connections when the standby assumes control of traffic.

• Support for FortiADC 200D and FortiADC VM— FortiADC software has been released to support these new platforms.