Mitigation: Most of these bugs are edge cases. For standard routing, firewalling, SD-WAN, and SSL VPN, 7.0.9 is exceptionally stable.
Deploy 7.0.9 as a stepping stone to the latest 7.0.x patch, but do not upgrade to 7.2.x unless you need a specific feature. Your firewall should be boring—and 7.0.9 is exactly that. fortigate 7.0.9
According to the official release notes, FortiOS 7.0.9 addresses several hundred individual issues. Notable highlights include: Mitigation: Most of these bugs are edge cases
: This version does not support full-fledged DNS TXT record management (for services like Let's Encrypt or SPF/DMARC) directly on the device, requiring external workarounds or virtual DNS servers. and SSL VPN
When to upgrade
: Introduced features like per-session accounting for offloaded sessions, improved Link Aggregation Group (LAG) capacity, and hardware-accelerated DoS protection .