Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiSandbox VM on AWS

    Home FortiSandbox Public Cloud 4.2.0 FortiSandbox VM on AWS
    4.2.0
    5.0.0
    4.4.0
    4.2.3
    4.2.1
    4.2.0
    4.0.0
    3.2.0
    3.1.0
    3.0.0

    Deploy FortiSandbox on AWS (BYOL/On-Demand)

    Deploy FortiSandbox on AWS (BYOL/On-Demand)

    You can create your FortiSandbox instance on AWS in On-Demand mode or BYOL mode. For BYOL mode, a FSA VM00 license file should be purchased and uploaded.

    Choose an Amazon Machine Image (AMI) and the instance type

    1. Go to EC2 > Instances and click Launch Instance.

    2. In the left panel, click AWS Marketplace and search for fortisandbox AMI.

    3. Select Fortinet FortiSandbox Advanced Threat Protection (BYOL) or Fortinet FortiSandbox Advanced Threat Protection (On-Demand).
      Technical Specification

      		Details

      On-Premise (Private) Cloud

      Public Cloud - BYOL

      Public Cloud - PYAG

      Hypervisor Support

      VMware ESXi

      Microsoft Hyper-V Windows server 2016 and 2019

      AWS

      Azure

      HA Support

      FortiSandbox 3.2 or later

      Virtual CPUs (min / max)

      4/Unlimited

      Fortinet recommends four virtual CPUs plus the number of VM clones.

      4/16

      Fortinet recommends following virtual CPUs based on the number of VM Clones:

      0-4 clones - 4 cores, 5-32 clones - 8 cores, 33-100 clones - 16 cores, 101+ clones - 16 cores or higher.

      Pick up the appropriate Instance Type.

      Virtual Memory (min / max)

      16 GB / 32 GB

      Fortinet recommends following virtual memory based n the number of VM Clones:

      0-4 clones - 24 GB

      5-8 clones - 32 GB

      8 GB / 64 GB

      Recommended: Following virtual memory based on the number of VM Clones:

      0-4 clones - 8 GB, 5-32 clones - 16 GB, 33-100 clones - 32 GB, 101+ clones - 64 GB.

      Pick the appropriate Instance Type.

      Virtual Storage (min / max)

      200 GB / 16 TB

      Fortinet recommends at least 500 GB for a production environment.

      Virtual Network Interfaces

      Recommended: 4 and above

      Recommended: 2 and above

      VM Clones Support (Min/Max)

      01/ 8 (Local VMs) and 200 (Cloud VMs)

      01 / 2162

      01 / 1283

      1 For HA-Cluster deployment setup configured as Primary node acting as a dispatcher.

      2 Can enable any of the Custom VM or Cloud VM types up to the total seat count which is based on a combination of Windows licenses (max of 8), BYOL (8) and Cloud VMs (max of 200).

      3 Total seat count is based on the number of cores multiplied by 4. Maximum VMs is 128 since the highest available vCPU on PAYG is 32. CloudVMs can also be added on top and registered, however, this is not advised due to product serial number changes after shutdown.

    4. Click Next: Configure Instance Details.

    Configure the instance

    Configure the following instance details, then click Next, Add Storage.

    Details

    Values

    Number of Instances

    1

    Purchasing Option

    N/A

    Network

    Select the FortiSandbox VPC you created

    Subnet

    Select the management interface subnet you created

    Auto-Assign Public IP

    Disable

    IAM Role:

    None

    Shutdown Behavior

    Stop

    Enable Termination Protection

    N/A

    Monitoring

    N/A

    Tenancy

    Shared - Run a shared hardware instance

    eth0

    Select the management interface subnet you created; Auto-Assign (or any IP in that subnet)

    eth1

    Select the local VM clone communication subnet you created, Auto-Assign (or any IP in that subnet)

    note icon

    If you do not use a local VM clone, you don't need to add eth1. You can add it later if needed when the instance is not running.

    Add storage

    After configuring the Instance Details, click Next, Add Storage. Fortinet recommends 500GB to 16TB for storage size, depending on number of historical jobs user wants to keep in the system.

    Adding tags

    Do not configure anything on this page. Click Next, Configure Security Group. Choose the security group you created.

    Launch the instance

    1. Review the instance details, then click Launch to open the Create a New Key Pair dialog box.
    2. Enter a Key pair name.
    3. Click Download Key Pair and save the private key file to a safe place. The key files are needed to access FortiSandbox instance through SSH connection.

    4. Click Launch Instances.

      5. After launching the instance, the next page shows that the FortiSandbox instance is running.

    5. Click View Instances to view the instance state. Allow several minutes for Status Checks to change from Initializing to 2/2 checks.

    6. When the instance is running, click the instance and enter a name. For example, FortiSandbox.

    7. Select the created instance. Right-click the instance and select Monitor and troubleshoot > Get Instance Screenshot to view the status of the launched instance.

    Previous
    Next

    Deploy FortiSandbox on AWS (BYOL/On-Demand)

    Deploy FortiSandbox on AWS (BYOL/On-Demand)

    You can create your FortiSandbox instance on AWS in On-Demand mode or BYOL mode. For BYOL mode, a FSA VM00 license file should be purchased and uploaded.

    Choose an Amazon Machine Image (AMI) and the instance type

    1. Go to EC2 > Instances and click Launch Instance.

    2. In the left panel, click AWS Marketplace and search for fortisandbox AMI.

    3. Select Fortinet FortiSandbox Advanced Threat Protection (BYOL) or Fortinet FortiSandbox Advanced Threat Protection (On-Demand).
      Technical Specification

      		Details

      On-Premise (Private) Cloud

      Public Cloud - BYOL

      Public Cloud - PYAG

      Hypervisor Support

      VMware ESXi

      Microsoft Hyper-V Windows server 2016 and 2019

      AWS

      Azure

      HA Support

      FortiSandbox 3.2 or later

      Virtual CPUs (min / max)

      4/Unlimited

      Fortinet recommends four virtual CPUs plus the number of VM clones.

      4/16

      Fortinet recommends following virtual CPUs based on the number of VM Clones:

      0-4 clones - 4 cores, 5-32 clones - 8 cores, 33-100 clones - 16 cores, 101+ clones - 16 cores or higher.

      Pick up the appropriate Instance Type.

      Virtual Memory (min / max)

      16 GB / 32 GB

      Fortinet recommends following virtual memory based n the number of VM Clones:

      0-4 clones - 24 GB

      5-8 clones - 32 GB

      8 GB / 64 GB

      Recommended: Following virtual memory based on the number of VM Clones:

      0-4 clones - 8 GB, 5-32 clones - 16 GB, 33-100 clones - 32 GB, 101+ clones - 64 GB.

      Pick the appropriate Instance Type.

      Virtual Storage (min / max)

      200 GB / 16 TB

      Fortinet recommends at least 500 GB for a production environment.

      Virtual Network Interfaces

      Recommended: 4 and above

      Recommended: 2 and above

      VM Clones Support (Min/Max)

      01/ 8 (Local VMs) and 200 (Cloud VMs)

      01 / 2162

      01 / 1283

      1 For HA-Cluster deployment setup configured as Primary node acting as a dispatcher.

      2 Can enable any of the Custom VM or Cloud VM types up to the total seat count which is based on a combination of Windows licenses (max of 8), BYOL (8) and Cloud VMs (max of 200).

      3 Total seat count is based on the number of cores multiplied by 4. Maximum VMs is 128 since the highest available vCPU on PAYG is 32. CloudVMs can also be added on top and registered, however, this is not advised due to product serial number changes after shutdown.

    4. Click Next: Configure Instance Details.

    Configure the instance

    Configure the following instance details, then click Next, Add Storage.

    Details

    Values

    Number of Instances

    1

    Purchasing Option

    N/A

    Network

    Select the FortiSandbox VPC you created

    Subnet

    Select the management interface subnet you created

    Auto-Assign Public IP

    Disable

    IAM Role:

    None

    Shutdown Behavior

    Stop

    Enable Termination Protection

    N/A

    Monitoring

    N/A

    Tenancy

    Shared - Run a shared hardware instance

    eth0

    Select the management interface subnet you created; Auto-Assign (or any IP in that subnet)

    eth1

    Select the local VM clone communication subnet you created, Auto-Assign (or any IP in that subnet)

    note icon

    If you do not use a local VM clone, you don't need to add eth1. You can add it later if needed when the instance is not running.

    Add storage

    After configuring the Instance Details, click Next, Add Storage. Fortinet recommends 500GB to 16TB for storage size, depending on number of historical jobs user wants to keep in the system.

    Adding tags

    Do not configure anything on this page. Click Next, Configure Security Group. Choose the security group you created.

    Launch the instance

    1. Review the instance details, then click Launch to open the Create a New Key Pair dialog box.
    2. Enter a Key pair name.
    3. Click Download Key Pair and save the private key file to a safe place. The key files are needed to access FortiSandbox instance through SSH connection.

    4. Click Launch Instances.

      5. After launching the instance, the next page shows that the FortiSandbox instance is running.

    5. Click View Instances to view the instance state. Allow several minutes for Status Checks to change from Initializing to 2/2 checks.

    6. When the instance is running, click the instance and enter a name. For example, FortiSandbox.

    7. Select the created instance. Right-click the instance and select Monitor and troubleshoot > Get Instance Screenshot to view the status of the launched instance.

    Previous
    Next