Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiSandbox 4.2.2 Administration Guide
    4.2.2
    5.0.0
    4.4.6
    4.4.5
    4.4.4
    4.4.3
    4.4.2
    4.4.1
    4.4.0
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.0.5
    4.0.4
    4.0.3
    4.0.2
    4.0.1
    4.0.0
    3.2.4
    3.2.3
    3.2.2
    3.2.1
    3.2.0
    3.1.5
    3.1.4
    3.1.3
    3.1.2
    3.1.1
    3.1.0
    3.0.7
    3.0.6

    FortiClient

    FortiClient

    FortiClient 5.4 and earlier versions can silently connect to FortiSandbox without the need to be authorized. You can de-authorize a FortiClient host manually. If a FortiClient endpoint is managed by EMS, it follows the authorization status and file submission speed setting of EMS. You can manually change these settings.

    For information on how to configure FortiClient to send files to FortiSandbox, see the FortiClient Administration Guide in the Fortinet Document Library.

    To view connected FortiClient endpoints in FortiSandbox, go to Security Fabric > FortiClient.

    The following options are available:

    Refresh

    Refresh display after applying search filters.

    Device Filter

    Filter devices by entering part of device name or serial number.

    Clear all removable filters

    Click the trash can icon to remove all filters.

    This page displays the following:

    FCT Serial

    The FortiClient serial number.

    Hostname

    FortiClient host name.

    User

    Current user logged into the FortiClient host, if available.

    IP

    Host IP Address.

    Malicious, High, Medium, Low

    The number of malicious, high risk, medium risk, or low risk files submitted by FortiClient to FortiSandbox in the last seven days.

    Malicious files are not executed in the FortiSandbox VM module as the antivirus scanner has already determined the file rating.

    Clean

    Number of clean files submitted by the device to FortiSandbox in the last seven days.

    Others

    Number of other files submitted by the device to FortiSandbox in the last seven days.

    Mal Pkg

    Malware package version currently on the device.

    Auth

    If the FortiClient is authorized, you can click the FortiClient serial number and modify its authorization status.

    Limit

    Shows if this device has a submission limit.

    Status

    Status of the FortiClient host. An icon shows that the device is connected (up) or down.

    Delete

    Click to delete the FortiClient. If the device connects to FortiSandbox again, it appears as a new device.
    To edit FortiClient settings in FortiSandbox:
    1. On your FortiSandbox device, go to Security Fabric > FortiClient.
    2. Click the device name to open the Edit FortiClient Settings page.
    3. Edit the following settings and then click OK.

      FortiClient Status

      Serial Number

      Device serial number.

      Hostname

      FortiClient host name.

      IP

      IP address of the FortiClient.

      Status

      Status of the device.

      Files Transmitted

      Number of files transmitted to FortiSandbox in the last seven days.

      Last Seen

      Date and time that FortiClient last connected to FortiSandbox.

      Permissions & Policy

      Authorized

      Enable to authorize the device.

      Submission Limitation

      Limit the submission speed. Select Unlimited or specify the number of submissions per Hour or Day.

      When the limit is reached, FortiSandbox sends a signal to FortiClient to stop file submission to save resources on both devices.

    Previous
    Next

    FortiClient

    FortiClient

    FortiClient 5.4 and earlier versions can silently connect to FortiSandbox without the need to be authorized. You can de-authorize a FortiClient host manually. If a FortiClient endpoint is managed by EMS, it follows the authorization status and file submission speed setting of EMS. You can manually change these settings.

    For information on how to configure FortiClient to send files to FortiSandbox, see the FortiClient Administration Guide in the Fortinet Document Library.

    To view connected FortiClient endpoints in FortiSandbox, go to Security Fabric > FortiClient.

    The following options are available:

    Refresh

    Refresh display after applying search filters.

    Device Filter

    Filter devices by entering part of device name or serial number.

    Clear all removable filters

    Click the trash can icon to remove all filters.

    This page displays the following:

    FCT Serial

    The FortiClient serial number.

    Hostname

    FortiClient host name.

    User

    Current user logged into the FortiClient host, if available.

    IP

    Host IP Address.

    Malicious, High, Medium, Low

    The number of malicious, high risk, medium risk, or low risk files submitted by FortiClient to FortiSandbox in the last seven days.

    Malicious files are not executed in the FortiSandbox VM module as the antivirus scanner has already determined the file rating.

    Clean

    Number of clean files submitted by the device to FortiSandbox in the last seven days.

    Others

    Number of other files submitted by the device to FortiSandbox in the last seven days.

    Mal Pkg

    Malware package version currently on the device.

    Auth

    If the FortiClient is authorized, you can click the FortiClient serial number and modify its authorization status.

    Limit

    Shows if this device has a submission limit.

    Status

    Status of the FortiClient host. An icon shows that the device is connected (up) or down.

    Delete

    Click to delete the FortiClient. If the device connects to FortiSandbox again, it appears as a new device.
    To edit FortiClient settings in FortiSandbox:
    1. On your FortiSandbox device, go to Security Fabric > FortiClient.
    2. Click the device name to open the Edit FortiClient Settings page.
    3. Edit the following settings and then click OK.

      FortiClient Status

      Serial Number

      Device serial number.

      Hostname

      FortiClient host name.

      IP

      IP address of the FortiClient.

      Status

      Status of the device.

      Files Transmitted

      Number of files transmitted to FortiSandbox in the last seven days.

      Last Seen

      Date and time that FortiClient last connected to FortiSandbox.

      Permissions & Policy

      Authorized

      Enable to authorize the device.

      Submission Limitation

      Limit the submission speed. Select Unlimited or specify the number of submissions per Hour or Day.

      When the limit is reached, FortiSandbox sends a signal to FortiClient to stop file submission to save resources on both devices.

    Previous
    Next