Operation Center
On this page you can view malware which has been detected, as well as its status from a security update perspective.
When a dynamic signature is sent back to FortiGate, FortiMail, or FortiClient, the status information will be displayed so you can see that it has been done.
When a new antivirus update is received, FortiSandbox will recheck all samples not covered by the standard antivirus package and update its status. Malware detected by FortiSandbox before an antivirus signature is available will be marked as Zero-day.
The following options are available:
Refresh |
Click the refresh icon to refresh the entries displayed after applying search filters. |
Search |
Show or hide the search filter field. |
Time Period |
Select the time period from the drop-down list. Select one of the following: 24 Hours, 7 Days, or 4 Weeks. |
Clear all removable filters |
Click the trash can icon to clear all removable filters. |
Export Data |
Click the Export Data button to create a PDF or CSV snapshot report. The time to generate the report is dependent on the number of events selected. You can wait till the report is ready to view, or navigate away and find the report later in Log & Report > Report Center page. |
Add Search Filter |
Click the search filter field to add search filters. Click the cancel icon to the left of the search filter to remove the specific filter. Click the clear all filters icon in the search filter field to clear all filters. In this page, several fields, like victim host IP can be the search criteria. Search filters can be used to filter the information displayed in the GUI. |
View Job |
Click the View Jobs icon show the job detail page. |
Number of Blocks |
After a malware's signature is added to a Malware package and downloaded by FortiGate, FortiGate can block subsequent occurrence of it. Hover your cursor on top of the icon, the number of blocks of this Malware is displayed. |
In Cloud |
An icon will appear if the malware is available in the FortiSandbox Community Cloud. |
In Signature |
An icon will appear if the malware is included in the current FortiSandbox generated Malware Package. |
Perform Rescan |
Click the icon to rescan the suspicious or malicious entry. In the Rescan Configuration dialog box you can select to skip Static Scan, AV Scan, Cloud Query, and Sandboxing. Click OK to continue. Click the Close icon or the Close button to close the dialog box. The rescan job can be found in File Input > File On-Demand page. |
Archived File |
An icon will appear if the file is an Archived File. |
Pagination |
Use the pagination options to browse entries displayed. |
This page displays the following information:
To view file details:
- Select a file.
- Click the View Details icon. A new tab will open.
- See Appendix A - View Details Page Reference for descriptions of the View Details page.
- Close the tab to exit the View Details page.