Administration Guide

Using FortiNDR malware inspection

FortiNDR (formerly FortiAI) is Fortinet's first Network Detection and Response product. In addition to the Virtual Security Analyst™, which provides sub-second malware detection based on neural networks, FortiNDR builds on FortiAI's technology with extended and added features to detect network anomalies, with automatic and manual mitigation techniques. FortiNDR is FortiAI renamed: it adds Network Detection and Response functionality and retains the original FortiAI malware analysis features.

FortiNDR is the next generation of Fortinet's malware detection technology, using Artificial Neural Networks (ANN) to deliver sub-second malware detection and verdicts. You can send suspicious email attachments to FortiNDR for inspection when you configure antivirus profiles (see Managing antivirus profiles). If the file exhibits risky behavior or is found to contain malware, the result is sent back to FortiMail, and you can take action according to the verdict.

For more information about FortiNDR, see the FortiNDR Administration Guide.

Note: For FortiMail and FortiNDR to communicate, both sides must have the Fortinet certificate installed.

To add a FortiNDR service
  1. Go to System > FortiNDR > FortiNDR.
  2. Configure the following settings:

| GUI item | Description |
|---|---|
| Status | Enable FortiNDR protection. |
| Base URL | Enter the FortiNDR base URL. |
| API key | Enter the API key that you generated on FortiNDR. For details, see the FortiNDR Administration Guide. |
| Test Connection | Click to test the network connection to the URL. |
| Upload timeout | Specify the timeout (in seconds) for uploading email attachments. Default setting is 10 seconds. |
| Rating timeout | Specify the timeout (in seconds) for FortiNDR to scan the uploaded files. Default setting is 10 seconds. |
