Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiSandbox VM on GCP

    Home FortiSandbox Public Cloud 4.2.3 FortiSandbox VM on GCP
    4.2.3
    5.0.0
    4.4.0
    4.2.3

    Deploy FortiSandbox-VM with the Deployment Image

    Deploy FortiSandbox-VM with the Deployment Image

    Obtaining the deployment image

    To obtain the deployment image:
    1. Log in to FortiCloud.
    2. In the banner, go to Support > VM Images.
    3. From the Select Product dropdown list, select FortiSandbox.
    4. From the Select Platform dropdown list, select Google.
    5. Download the deployment package file. The deployment package file is named “fsa-gcp-vX-buildXXXX-fortinet.tar.gz”, where vX is the major version number and XXXX is the build number.
    Note

    This deployment method only applies for Bring Your Own License (BYOL).

    Uploading the FortiSandbox deployment image to Google Cloud

    To upload the FortiSandbox deployment image to Google Cloud:
    1. Log in to FortiSandbox Cloud.
    2. Go to Storage > Browser.
    3. Create a new bucket or go to an existing bucket.
    4. Click UPLOAD FILES to upload the newly downloaded deployment file.

    Creating the FortiSandbox deployment image

    To create the FortiSandbox deployment image:
    1. Go to Compute Engine > Images.

    2. In the top-right corner of the page, click Activate Cloud Shell .

    3. On the Cloud Shell interface, enter the command to create the custom image and click Enter.

      gcloud compute images create <custom image name> \

      --source-uri <The gs-uri of the uploaded original image file> \

      --guest-os-features MULTI_IP_SUBNET

      Example:

      gcloud compute images create fsa-gcp-v400-build0255-fortinet \

      --source-uri gs://fortisandbox-image/fsa-gcp-v400-build0255-fortinet.tar.gz \

      --guest-os-features MULTI_IP_SUBNET

    4. Click REFRESH. The new image should be displayed in the IMAGE list. The image is listed on the Images pane.

    Deploying the FSA-VM instance

    1. Go to Compute Engine > VM Instances. Click CREATE INSTANCE.

    2. Configure the instance:
      1. In the Name field, enter a name for the instance. From the dropdowns select the Zone and Machine type.

      2. Under Boot disk, click Change.

      3. On the Custom images tab, select the newly created image. Change the Boot disk type as required, and enter 10 for the Size. Click Select.

      4. Ensure the new image is selected.
      5. Under Firewall Option, select Allow HTTPS traffic.

        You will access the FortiSandbox management console using HTTPS. If you allocate multiple network interfaces to the FortiSandbox , please refer to GCP VPC settings. Each network card needs to belong to different VPC.

      6. Click Advanced options.
      7. Click Networking. Here you want to specify multiple network interfaces. One is located on the public-facing side of the Internet, the other facing a protected private network.

      8. Edit the first network interface. We recommend assigning a static IP address. Configure the other items as needed and click Done.

      9. Click Add network interface to add the second interface for the private subnet. If you click Network you will see the list of preconfigured networks. Choose the network located in the same region you chose to deploy the instance. Under External IP, select None.

        Note

        The VPC and Subnetwork used should be set up in advance and given appropriate outbound and inbound firewall policies.

      10. Under Advanced options, click Disks, and attach a Datadrive disk for the FortiSandbox instance.

      11. Click ADD NEW DISK, and select the appropriate Disk Type and Size. The recommended minimum value 80G.

      12. Click SAVE.
    3. After configuring all elements, click Create.

    After several minutes, the instance should be up and running.

    Previous
    Next

    Deploy FortiSandbox-VM with the Deployment Image

    Deploy FortiSandbox-VM with the Deployment Image

    Obtaining the deployment image

    To obtain the deployment image:
    1. Log in to FortiCloud.
    2. In the banner, go to Support > VM Images.
    3. From the Select Product dropdown list, select FortiSandbox.
    4. From the Select Platform dropdown list, select Google.
    5. Download the deployment package file. The deployment package file is named “fsa-gcp-vX-buildXXXX-fortinet.tar.gz”, where vX is the major version number and XXXX is the build number.
    Note

    This deployment method only applies for Bring Your Own License (BYOL).

    Uploading the FortiSandbox deployment image to Google Cloud

    To upload the FortiSandbox deployment image to Google Cloud:
    1. Log in to FortiSandbox Cloud.
    2. Go to Storage > Browser.
    3. Create a new bucket or go to an existing bucket.
    4. Click UPLOAD FILES to upload the newly downloaded deployment file.

    Creating the FortiSandbox deployment image

    To create the FortiSandbox deployment image:
    1. Go to Compute Engine > Images.

    2. In the top-right corner of the page, click Activate Cloud Shell .

    3. On the Cloud Shell interface, enter the command to create the custom image and click Enter.

      gcloud compute images create <custom image name> \

      --source-uri <The gs-uri of the uploaded original image file> \

      --guest-os-features MULTI_IP_SUBNET

      Example:

      gcloud compute images create fsa-gcp-v400-build0255-fortinet \

      --source-uri gs://fortisandbox-image/fsa-gcp-v400-build0255-fortinet.tar.gz \

      --guest-os-features MULTI_IP_SUBNET

    4. Click REFRESH. The new image should be displayed in the IMAGE list. The image is listed on the Images pane.

    Deploying the FSA-VM instance

    1. Go to Compute Engine > VM Instances. Click CREATE INSTANCE.

    2. Configure the instance:
      1. In the Name field, enter a name for the instance. From the dropdowns select the Zone and Machine type.

      2. Under Boot disk, click Change.

      3. On the Custom images tab, select the newly created image. Change the Boot disk type as required, and enter 10 for the Size. Click Select.

      4. Ensure the new image is selected.
      5. Under Firewall Option, select Allow HTTPS traffic.

        You will access the FortiSandbox management console using HTTPS. If you allocate multiple network interfaces to the FortiSandbox , please refer to GCP VPC settings. Each network card needs to belong to different VPC.

      6. Click Advanced options.
      7. Click Networking. Here you want to specify multiple network interfaces. One is located on the public-facing side of the Internet, the other facing a protected private network.

      8. Edit the first network interface. We recommend assigning a static IP address. Configure the other items as needed and click Done.

      9. Click Add network interface to add the second interface for the private subnet. If you click Network you will see the list of preconfigured networks. Choose the network located in the same region you chose to deploy the instance. Under External IP, select None.

        Note

        The VPC and Subnetwork used should be set up in advance and given appropriate outbound and inbound firewall policies.

      10. Under Advanced options, click Disks, and attach a Datadrive disk for the FortiSandbox instance.

      11. Click ADD NEW DISK, and select the appropriate Disk Type and Size. The recommended minimum value 80G.

      12. Click SAVE.
    3. After configuring all elements, click Create.

    After several minutes, the instance should be up and running.

    Previous
    Next