Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiSandbox 4.4.3 Administration Guide
    4.4.3
    5.0.0
    4.4.6
    4.4.5
    4.4.4
    4.4.3
    4.4.2
    4.4.1
    4.4.0
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.0.5
    4.0.4
    4.0.3
    4.0.2
    4.0.1
    4.0.0
    3.2.4
    3.2.3
    3.2.2
    3.2.1
    3.2.0
    3.1.5
    3.1.4
    3.1.3
    3.1.2
    3.1.1
    3.1.0
    3.0.7
    3.0.6

    TCP RST package

    TCP RST package

    Go to Scan Policy and Object > TCP RST Package to view the FortiSandbox Sniffer TCP RST list.

    The following options are available:

    Refresh

    Refresh the TCP RST Package list.

    View

    Select a package version number and click the View button from the toolbar. The following information is displayed:

    • Job Detail: View the downloaded file's detailed information.
    • Remove from TCP RST package: If marked, the URL will be removed from future TCP RST packages.
    • Detected: The date and time that the item was detected.
    • Host/IP: From where the URL is from.
    • URL: The URL in the package.
    • Rating: The risk rating of the downloaded file.

    Package Options

    Configure how the packages are generated.

    Download Blocklist

    Download the FSA Detected Blocklist or Custom Blocklist.

    Upload Custom Blocklist

    Upload a user-defined blocklist to FortiSandbox.

    File requirements:

    • Text files are supported
    • One URL per line
    • URLs, IPs and domains are supported

    Example:

    http://www.example.com

    www.test.net

    http://66.77.88.99

    11.22.33.44

    After the file is uploaded it will overwrite previous versions of the custom blocklist if there are any.

    In an HA Cluster , the custom blocklist will only be synced to a new primary node when failover occurs.

    Delete Custom Blocklist

    Delete a user-defined blocklist.

    The TCP RST Package page displays the following information:

    Version

    The TCP RST package version.

    Release Time

    The TCP RST package release time.

    Total

    The total number of URLs inside the package.

    To configure a TCP RST package:
    1. Go to Scan Policy and Object > TCP RST Package.
    2. Click Package Options and configure the following settings.

      Includes past 14 day(s) of dataEnter a value between 1-365 days.
      Includes job data of the following ratingsSelect Malicious, High Risk or Medium Risk.
    3. Click OK.
    Previous
    Next

    TCP RST package

    TCP RST package

    Go to Scan Policy and Object > TCP RST Package to view the FortiSandbox Sniffer TCP RST list.

    The following options are available:

    Refresh

    Refresh the TCP RST Package list.

    View

    Select a package version number and click the View button from the toolbar. The following information is displayed:

    • Job Detail: View the downloaded file's detailed information.
    • Remove from TCP RST package: If marked, the URL will be removed from future TCP RST packages.
    • Detected: The date and time that the item was detected.
    • Host/IP: From where the URL is from.
    • URL: The URL in the package.
    • Rating: The risk rating of the downloaded file.

    Package Options

    Configure how the packages are generated.

    Download Blocklist

    Download the FSA Detected Blocklist or Custom Blocklist.

    Upload Custom Blocklist

    Upload a user-defined blocklist to FortiSandbox.

    File requirements:

    • Text files are supported
    • One URL per line
    • URLs, IPs and domains are supported

    Example:

    http://www.example.com

    www.test.net

    http://66.77.88.99

    11.22.33.44

    After the file is uploaded it will overwrite previous versions of the custom blocklist if there are any.

    In an HA Cluster , the custom blocklist will only be synced to a new primary node when failover occurs.

    Delete Custom Blocklist

    Delete a user-defined blocklist.

    The TCP RST Package page displays the following information:

    Version

    The TCP RST package version.

    Release Time

    The TCP RST package release time.

    Total

    The total number of URLs inside the package.

    To configure a TCP RST package:
    1. Go to Scan Policy and Object > TCP RST Package.
    2. Click Package Options and configure the following settings.

      Includes past 14 day(s) of dataEnter a value between 1-365 days.
      Includes job data of the following ratingsSelect Malicious, High Risk or Medium Risk.
    3. Click OK.
    Previous
    Next