Deploy FortiSandbox on AWS (BYOL/On-Demand)
You can create your FortiSandbox instance on AWS in On-Demand mode or BYOL mode. For BYOL mode, a FSA VM00 license file should be purchased and uploaded.
Choose an Amazon Machine Image (AMI) and the instance type
- Go to EC2 > Instances and click Launch Instance.
- In the left panel, click AWS Marketplace and search for fortisandbox AMI.
- Select Fortinet FortiSandbox Advanced Threat Protection (BYOL) or Fortinet FortiSandbox Advanced Threat Protection (On-Demand).
Technical Specification Details On-Premise (Private) Cloud
Public Cloud - BYOL
Public Cloud - PYAG
Hypervisor Support
AWS
Azure
HA Support
FortiSandbox 3.2 or later
Fortinet recommends four virtual CPUs plus the number of VM clones.
4/16
Fortinet recommends following virtual CPUs based on the number of VM Clones:
0-4 clones - 4 cores, 5-32 clones - 8 cores, 33-100 clones - 16 cores, 101+ clones - 16 cores or higher.
Pick up the appropriate Instance Type.
16 GB / 32 GB
Fortinet recommends following virtual memory based n the number of VM Clones:
0-4 clones - 24 GB
5-8 clones - 32 GB
8 GB / 64 GB
Recommended: Following virtual memory based on the number of VM Clones:
0-4 clones - 8 GB, 5-32 clones - 16 GB, 33-100 clones - 32 GB, 101+ clones - 64 GB.
Pick the appropriate Instance Type.
200 GB / 16 TB
Fortinet recommends at least 500 GB for a production environment.
Recommended: 4 and above
Recommended: 2 and above
VM Clones Support (Min/Max)
01/ 8 (Local VMs) and 200 (Cloud VMs)
01 / 2162
01 / 1283
1 For HA-Cluster deployment setup configured as Primary node acting as a dispatcher.
2 Can enable any of the Custom VM or Cloud VM types up to the total seat count which is based on a combination of Windows licenses (max of 8), BYOL (8) and Cloud VMs (max of 200).
3 Total seat count is based on the number of cores multiplied by 4. Maximum VMs is 128 since the highest available vCPU on PAYG is 32. CloudVMs can also be added on top and registered, however, this is not advised due to product serial number changes after shutdown.
- Click Next: Configure Instance Details.
Configure the instance
Configure the following instance details, then click Next, Add Storage.
|
Details |
Values |
||
|---|---|---|---|
|
Number of Instances |
1 |
||
|
Purchasing Option |
N/A |
||
|
Network |
|||
|
Subnet |
Select the management interface subnet you created |
||
|
Auto-Assign Public IP |
Disable |
||
|
IAM Role: |
None |
||
|
Shutdown Behavior |
Stop |
||
|
Enable Termination Protection |
N/A |
||
|
Monitoring |
N/A |
||
|
Tenancy |
Shared - Run a shared hardware instance |
||
|
eth0 |
Select the management interface subnet you created; Auto-Assign (or any IP in that subnet) |
||
|
eth1 |
Select the local VM clone communication subnet you created, Auto-Assign (or any IP in that subnet)
|
Add storage
After configuring the Instance Details, click Next, Add Storage. Fortinet recommends 500GB to 16TB for storage size, depending on number of historical jobs user wants to keep in the system.
Adding tags
Do not configure anything on this page. Click Next, Configure Security Group. Choose the security group you created.
Launch the instance
- Review the instance details, then click Launch to open the Create a New Key Pair dialog box.
- Enter a Key pair name.
- Click Download Key Pair and save the private key file to a safe place. The key files are needed to access FortiSandbox instance through SSH connection.
- Click Launch Instances.
- Click View Instances to view the instance state. Allow several minutes for Status Checks to change from Initializing to 2/2 checks.
- When the instance is running, click the instance and enter a name. For example, FortiSandbox.
- Select the created instance. Right-click the instance and select Monitor and troubleshoot > Get Instance Screenshot to view the status of the launched instance.
After launching the instance, the next page shows that the FortiSandbox instance is running.