Fortinet black logo

Cookbook

Adding sandbox inspection to security profiles

Copy Link
Copy Doc ID 4d801240-7ccc-11e9-81a4-00505692583a:913671
Download PDF

Adding sandbox inspection to security profiles

You can apply sandbox inspection with three types of security inspection: antivirus, web filter, and FortiClient compliance profiles.

This example shows you how to add sandbox inspection to all FortiGates in the Security Fabric individually using the profiles that each FortiGate applies to network traffic.

To pass the Advanced Threat Protection check, add sandbox inspection to antivirus profiles for all FortiGates in the Security Fabric.

  1. On Edge, go to Security Profiles > AntiVirus and edit the default profile.
  2. In the Inspection Options section, set Send Files to FortiSandbox Appliance for Inspection to All Supported Files.

    Enable Use FortiSandbox Database so that if FortiSandbox discovers a threat, it adds a signature for that file to the antivirus signature database on the FortiGate.

    Click Apply.

  3. Go to Security Profiles > Web Filter and edit the default profile.
  4. In the Static URL Filter section, enable Block malicious URLs discovered by FortiSandbox so that if FortiSandbox discovers a threat, it adds the URL to the list of URLs that are blocked by the FortiGate.

  5. Go to Security Profiles > FortiClient Compliance Profiles and edit the default profile.
  6. Enable Security Posture Check

    Enable Realtime Protection.

    Enable Scan with FortiSandbox.

Adding sandbox inspection to security profiles

You can apply sandbox inspection with three types of security inspection: antivirus, web filter, and FortiClient compliance profiles.

This example shows you how to add sandbox inspection to all FortiGates in the Security Fabric individually using the profiles that each FortiGate applies to network traffic.

To pass the Advanced Threat Protection check, add sandbox inspection to antivirus profiles for all FortiGates in the Security Fabric.

  1. On Edge, go to Security Profiles > AntiVirus and edit the default profile.
  2. In the Inspection Options section, set Send Files to FortiSandbox Appliance for Inspection to All Supported Files.

    Enable Use FortiSandbox Database so that if FortiSandbox discovers a threat, it adds a signature for that file to the antivirus signature database on the FortiGate.

    Click Apply.

  3. Go to Security Profiles > Web Filter and edit the default profile.
  4. In the Static URL Filter section, enable Block malicious URLs discovered by FortiSandbox so that if FortiSandbox discovers a threat, it adds the URL to the list of URLs that are blocked by the FortiGate.

  5. Go to Security Profiles > FortiClient Compliance Profiles and edit the default profile.
  6. Enable Security Posture Check

    Enable Realtime Protection.

    Enable Scan with FortiSandbox.