Fortinet black logo

FortiSandbox VM on Azure

Home FortiSandbox Public Cloud 4.2.1 FortiSandbox VM on Azure

Deploy FortiSandbox VM on Azure (PAYG / BYOL)

4.2.1
4.4.0
4.2.1
4.2.0
4.0.0
3.2.0
3.1.0
3.0.0
Copy Link
Copy Doc ID baade84c-0e8a-11ed-bb32-fa163e15d75b:712060
Download PDF

Deploy FortiSandbox VM on Azure (PAYG / BYOL)

You can deploy FortiSandbox VM using the Azure GUI or CLI:

Deploy FortiSandbox instance on Azure using the GUI

To deploy FortiSandbox on Azure with the GUI:
  1. Go to Azure Marketplace and search for Fortinet FortiSandbox.
  2. From the Plan dropdown, select Fortinet FortiSandbox-VM for Azure PAYG or Fortinet FortiSandbox-VM for Azure BYOL and click Create.

  3. On the Create a virtual machine, configure the settings in the Basics tab.

    Resource group

    Choose the one created for FSA.

    Virtual machine name

    Name of the FSA VM.

    Region

    The region should be same as the resource group.

    Size

    Select the VM instance type. The type should be close to the resource recommendations as shown in the table above. FortiSandbox on Azure uses the temporary disk (provided free by the VM) to store and process job files. A secondary disk is not required.

    Authentication type

    Click Password or SSH public key.

  4. Click the Disks tab to configure the disks.

    OS disk type

    Select the disk type depending on your needs

    Data disk for

    Select Create and attach a new disk or Attach an existing disk.

  5. Click the Network tab to configure the network interface.

    Virtual NetworkSelect the Virtual Network which you created for FortiSandbox.
    Subnet

    Select the subnet you created for FortiSandbox port1.

    Public IPCreate a new for FortiSandbox port1, , or use an existing IP.
    Configure network security group Select the security group you created for FortiSandbox and allowed access to FortiSandbox port1.

  6. It is high recommended you enable certain diagnostics settings. Click the Management tab to configure these diagnostics settings.

    Boot diagnostics

    Enable with custom storage account.

    Enable OS guest diagnostics

    Enable.

    Diagnostics storage account

    Choose the debug storage account.

  7. Click Review + Create.
  8. Wait for the setup wizard to validate your information and click Create.
  9. When the VM is available, click Go to resource to go to the VM.

  10. Use the Public IP address assigned to the FortiSandbox port1 via HTTPS once the FSA OS boots up completely via its console.

  11. Get the default admin password for the FortiSandbox VM using the Azure CLI command:

    az vm list --output tsv -g <resource group name> |grep <FortiSandbox-VM name>

    The VM-ID UUID is the default password for Admin access

  12. Prepare FortiSandbox for scanning contents. See Import Azure settings into FortiSandbox.

Deploy FortiSandbox instance on Azure using the CLI

To create the VM using the Azure CLI:
  1. Since the Marketplace URN is subject to change without notice, you can get the latest FortiSandbox image URN with the following command:

    az vm image list -p fortinet -f fortinet_fortisandbox_vm --all --query "[].urn"

  2. Create the Azure FortiSandbox with the Azure CLI from the Azure Marketplace with the network interfaces and data disk for the FortiSandbox you created.
    1. Create the Azure FortiSandbox BYOL.

      az vm create --resource-group [resource group name] --name [ FortiSandbox_BYOL_VM name] --image "fortinet:fortinet_fortisandbox_vm:fortinet_fsa-vm:4.2.0" --size [vm size] --nics [NIC for port1] [NIC for port2] [NIC for port3] [NIC for port4] --attach-data-disks [attach_data_disks_name] --location [location_of_ resource_group_for_FSA] --boot-diagnostics-storage [boot_diagnostics_storage_ container_name] --verbose

    2. Create the Azure FortiSandbox PAYG.

      az vm create --resource-group [resource group name] --name [ FortiSandbox_PAYG_VM name] --image "fortinet:fortinet_fortisandbox_vm:fortinet_fsa-vm_payg:4.2.0" --size [vm size] --nics [NIC for port1] [NIC for port2] [NIC for port3] [NIC for port4] --attach-data-disks [attach_data_disks_name] --location [location_of_ resource_group_for_FSA] --boot-diagnostics-storage [boot_diagnostics_storage_ container_name] --verbose

  3. Get the default admin password for the FortiSandbox VM using the following Azure CLI command:

    az vm list --output tsv -g <resource group name> |grep <FortiSandbox-VM name>

    The VM-ID UUID is the default password for Admin access.

  4. Prepare FortiSandbox for scanning contents. See Import Azure settings into FortiSandbox.
Previous
Next

Deploy FortiSandbox VM on Azure (PAYG / BYOL)

You can deploy FortiSandbox VM using the Azure GUI or CLI:

Deploy FortiSandbox instance on Azure using the GUI

To deploy FortiSandbox on Azure with the GUI:
  1. Go to Azure Marketplace and search for Fortinet FortiSandbox.
  2. From the Plan dropdown, select Fortinet FortiSandbox-VM for Azure PAYG or Fortinet FortiSandbox-VM for Azure BYOL and click Create.

  3. On the Create a virtual machine, configure the settings in the Basics tab.

    Resource group

    Choose the one created for FSA.

    Virtual machine name

    Name of the FSA VM.

    Region

    The region should be same as the resource group.

    Size

    Select the VM instance type. The type should be close to the resource recommendations as shown in the table above. FortiSandbox on Azure uses the temporary disk (provided free by the VM) to store and process job files. A secondary disk is not required.

    Authentication type

    Click Password or SSH public key.

  4. Click the Disks tab to configure the disks.

    OS disk type

    Select the disk type depending on your needs

    Data disk for

    Select Create and attach a new disk or Attach an existing disk.

  5. Click the Network tab to configure the network interface.

    Virtual NetworkSelect the Virtual Network which you created for FortiSandbox.
    Subnet

    Select the subnet you created for FortiSandbox port1.

    Public IPCreate a new for FortiSandbox port1, , or use an existing IP.
    Configure network security group Select the security group you created for FortiSandbox and allowed access to FortiSandbox port1.

  6. It is high recommended you enable certain diagnostics settings. Click the Management tab to configure these diagnostics settings.

    Boot diagnostics

    Enable with custom storage account.

    Enable OS guest diagnostics

    Enable.

    Diagnostics storage account

    Choose the debug storage account.

  7. Click Review + Create.
  8. Wait for the setup wizard to validate your information and click Create.
  9. When the VM is available, click Go to resource to go to the VM.

  10. Use the Public IP address assigned to the FortiSandbox port1 via HTTPS once the FSA OS boots up completely via its console.

  11. Get the default admin password for the FortiSandbox VM using the Azure CLI command:

    az vm list --output tsv -g <resource group name> |grep <FortiSandbox-VM name>

    The VM-ID UUID is the default password for Admin access

  12. Prepare FortiSandbox for scanning contents. See Import Azure settings into FortiSandbox.

Deploy FortiSandbox instance on Azure using the CLI

To create the VM using the Azure CLI:
  1. Since the Marketplace URN is subject to change without notice, you can get the latest FortiSandbox image URN with the following command:

    az vm image list -p fortinet -f fortinet_fortisandbox_vm --all --query "[].urn"

  2. Create the Azure FortiSandbox with the Azure CLI from the Azure Marketplace with the network interfaces and data disk for the FortiSandbox you created.
    1. Create the Azure FortiSandbox BYOL.

      az vm create --resource-group [resource group name] --name [ FortiSandbox_BYOL_VM name] --image "fortinet:fortinet_fortisandbox_vm:fortinet_fsa-vm:4.2.0" --size [vm size] --nics [NIC for port1] [NIC for port2] [NIC for port3] [NIC for port4] --attach-data-disks [attach_data_disks_name] --location [location_of_ resource_group_for_FSA] --boot-diagnostics-storage [boot_diagnostics_storage_ container_name] --verbose

    2. Create the Azure FortiSandbox PAYG.

      az vm create --resource-group [resource group name] --name [ FortiSandbox_PAYG_VM name] --image "fortinet:fortinet_fortisandbox_vm:fortinet_fsa-vm_payg:4.2.0" --size [vm size] --nics [NIC for port1] [NIC for port2] [NIC for port3] [NIC for port4] --attach-data-disks [attach_data_disks_name] --location [location_of_ resource_group_for_FSA] --boot-diagnostics-storage [boot_diagnostics_storage_ container_name] --verbose

  3. Get the default admin password for the FortiSandbox VM using the following Azure CLI command:

    az vm list --output tsv -g <resource group name> |grep <FortiSandbox-VM name>

    The VM-ID UUID is the default password for Admin access.

  4. Prepare FortiSandbox for scanning contents. See Import Azure settings into FortiSandbox.
Previous
Next