New Features

Update FortiSandbox Files FortiView monitor

Note

This information is also available in the FortiOS 7.4 Administration Guide:

The following enhancements have been made to the FortiSandbox Files (formerly Top FortiSandbox Files) FortiView monitor:

  • Add a pie chart with different file statuses for disk data sources.
  • Add the Reports view, which lists PDF reports after they are downloaded successfully.
  • PDF reports are downloaded on-demand. By default, only 10 are kept in memory.
  • PDFs are deleted from memory after 24 hours.
Prerequisites:
  1. Add FortiSandbox running version 3.2.1 or later to the Security Fabric (see Configuring sandboxing in the FortiOS Administration Guide). This feature works with FortiGate Cloud Sandbox, FortiSandbox Cloud, and FortiSandbox appliance.
  2. Configure an AV profile with Send files to FortiSandbox for inspection enabled (see Using FortiSandbox post-transfer scanning with antivirus in the FortiOS Administration Guide).
  3. Configure a firewall policy with the AV profile that allows traffic to the internet.
  4. Add the FortiSandbox Files FortiView monitor (see Adding FortiView monitors in the FortiOS Administration Guide).
  5. On a client PC, attempt to download a suspicious file.
To view the FortiSandbox analysis and download the PDF:
  1. Go to Dashboard > FortiSandbox Files. The entry appears in the table, but the analysis is not available yet because the Status is Pending. The default view is Files.

  2. After about five to ten minutes, refresh the table. The analysis is now available.

  3. Select the entry, then right-click and select Drill Down to Details.

    The Sandbox File Analysis Drill Down pane opens.

  4. Click Download full report to download the detailed PDF report.

  5. Change the view to Reports to verify that the file was downloaded successfully. The report contains FortiSandbox job information and detailed file information.

When the file type is not supported, a warning message stating that the file was not scanned appears when the Sandbox File Analysis Drill Down pane opens.

To change the maximum number of PDFs kept in memory:
# diagnose test analytics-pdf-report max <integer>

The range is 1 - 10, and the default is 10. After the FortiGate is restarted, this value will revert to the default.
