Use the Pre-Filter page file type panel to define file types and URLs that are allowed to enter the job queue if they are from a sniffer, adapter, or device other than FortiMail.
Files or URLs submitted through On-Demand, RPC JSON API, network share, or FortiMail are always put into the job queue even if their file types are not set to enter the job queue.
Click the toggle button to enable it. If the button is grayed out, files of that type are dropped.
Click the toggle button to enable it. If the button is enabled, only suspicious files or unrated URLs are forwarded for VM Scan. The files and URLs will still go through the Static Scan stage. Enabling the prefilter can improve the scan performance. For more information, see Improving Scan Performance in the FortiSandbox Best Practices and Troubleshooting Guide.
Click the toggle button to enable it. If the button is enabled, files rated by that resources are pre-filtered.
When FortiNDR entrust is enabled, files rated by FortiNDR as clean skip the sandboxing VM scan step.
When Trusted Vendor is enabled, executable files from a small internal list of trusted vendors skip the sandboxing scan step.
When Trust Domain is enabled, files downloaded from a small internal list of trusted domains skip the sandboxing scan step.
If a file type is turned off, files of that type already in the job queue will still be processed. You can use the
To determine the number of each file type and its input source, use the