Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiSandbox VM on AWS

    Home FortiSandbox Public Cloud 3.0.0 FortiSandbox VM on AWS
    3.0.0
    5.0.0
    4.4.0
    4.2.3
    4.2.1
    4.2.0
    4.0.0
    3.2.0
    3.1.0
    3.0.0

    Basic AWS network setup

    Basic AWS network setup

    Creating a Virtual Private Cloud (VPC)

    1. Navigate to VPC Dashboard > Your VPCs > Create VPC. The Create VPC dialog box will open.

      note icon

      There’s a default VPC but you should always create a new VPC.
    2. In the Name Tag field, enter a name. For example, FortiSandbox.
    3. In the IPv4 CIDR field, enter 10.0.0.0/16. This will ease scale-out issues in the future.
    4. In the IPv6 CIDR Block field, select No.
    5. In the Tenancy field, select Default from the dropdown list.
    6. Click Yes, Create to create the new VPC.

    Creating the subnet for FortiSandbox firmware

    You will need to create two subnets for FortiSandbox.

    • Public subnet with IPv4 CIDR 10.0.0.0/24, which is connected to the FSA-VM management interface.
    • Private subnet with IPv4 CIDR 10.0.1.0/24, which is connected to all VM clones and FSA-VM.
      note icon

      You can skip creating Private subnet if you do not use Custom VMs. Without a Private subnet, you can still use the Remote VM for file analysis.
    To create the Public Subnet:
    1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
    2. In the Name Tag field, enter a name. For example, Public_FortiSandbox.
    3. In the VPC field, select the VPC you have just created.
    4. In the IPV4 CIDR block field, enter 10.0.0.0/24 (public subnet).
    5. Click Yes, Create to create the new subnet.

    To create the Private Subnet:
    1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
    2. In the Name Tag field, enter a name. For example, Private_FortiSandbox.
    3. In the VPC field, select the VPC you have just created.
    4. In the IPV4 CIDR block field, enter 10.0.1.0/24 (private subnet).
    5. Click Yes, Create to create the new subnet.

    Creating an internet gateway

    1. Under Virtual Private Cloud, select Internet Gateways.
    2. Click Create Internet Gateway.
    3. In the Name Tag field, enter a name. For example, vpc-gw.
    4. Click Yes, Create.

    5. Once the Internet Gateway is created, click Attach to VPC.
    6. Select your created VPC, and click Yes, Attach.

    Creating a route table

    1. Under Virtual Private Cloud > Route Tables > click Create Route Table. The Create Route Table dialog box will open.

    2. In the Name Tag field, enter a name. For example, route_FortiSandboxTest.
    3. In the VPC field, select the VPC you created.
    4. Click Yes, Create.

    5. Go to Subnet Associations > Edit and select the public subnet you created. Click Save.

    6. Go to Routes > Add Another Route.
    7. In the Destination field, enter 0.0.0.0/0.
    8. In the Target field, select the internet gateway for the public subnet. Click Save.

    Previous
    Next

    Basic AWS network setup

    Basic AWS network setup

    Creating a Virtual Private Cloud (VPC)

    1. Navigate to VPC Dashboard > Your VPCs > Create VPC. The Create VPC dialog box will open.

      note icon

      There’s a default VPC but you should always create a new VPC.
    2. In the Name Tag field, enter a name. For example, FortiSandbox.
    3. In the IPv4 CIDR field, enter 10.0.0.0/16. This will ease scale-out issues in the future.
    4. In the IPv6 CIDR Block field, select No.
    5. In the Tenancy field, select Default from the dropdown list.
    6. Click Yes, Create to create the new VPC.

    Creating the subnet for FortiSandbox firmware

    You will need to create two subnets for FortiSandbox.

    • Public subnet with IPv4 CIDR 10.0.0.0/24, which is connected to the FSA-VM management interface.
    • Private subnet with IPv4 CIDR 10.0.1.0/24, which is connected to all VM clones and FSA-VM.
      note icon

      You can skip creating Private subnet if you do not use Custom VMs. Without a Private subnet, you can still use the Remote VM for file analysis.
    To create the Public Subnet:
    1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
    2. In the Name Tag field, enter a name. For example, Public_FortiSandbox.
    3. In the VPC field, select the VPC you have just created.
    4. In the IPV4 CIDR block field, enter 10.0.0.0/24 (public subnet).
    5. Click Yes, Create to create the new subnet.

    To create the Private Subnet:
    1. Click Subnets > Create Subnet. The Create Subnet dialog box will open.
    2. In the Name Tag field, enter a name. For example, Private_FortiSandbox.
    3. In the VPC field, select the VPC you have just created.
    4. In the IPV4 CIDR block field, enter 10.0.1.0/24 (private subnet).
    5. Click Yes, Create to create the new subnet.

    Creating an internet gateway

    1. Under Virtual Private Cloud, select Internet Gateways.
    2. Click Create Internet Gateway.
    3. In the Name Tag field, enter a name. For example, vpc-gw.
    4. Click Yes, Create.

    5. Once the Internet Gateway is created, click Attach to VPC.
    6. Select your created VPC, and click Yes, Attach.

    Creating a route table

    1. Under Virtual Private Cloud > Route Tables > click Create Route Table. The Create Route Table dialog box will open.

    2. In the Name Tag field, enter a name. For example, route_FortiSandboxTest.
    3. In the VPC field, select the VPC you created.
    4. Click Yes, Create.

    5. Go to Subnet Associations > Edit and select the public subnet you created. Click Save.

    6. Go to Routes > Add Another Route.
    7. In the Destination field, enter 0.0.0.0/0.
    8. In the Target field, select the internet gateway for the public subnet. Click Save.

    Previous
    Next