Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiSandbox 4.4.4 Administration Guide
    4.4.4
    5.0.0
    4.4.6
    4.4.5
    4.4.4
    4.4.3
    4.4.2
    4.4.1
    4.4.0
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.0.5
    4.0.4
    4.0.3
    4.0.2
    4.0.1
    4.0.0
    3.2.4
    3.2.3
    3.2.2
    3.2.1
    3.2.0
    3.1.5
    3.1.4
    3.1.3
    3.1.2
    3.1.1
    3.1.0
    3.0.7
    3.0.6

    FortiGuard

    FortiGuard

    Go to System > FortiGuard to view the FortiGuard page.

    The following options and information are available:

    Module Name

    FortiGuard module name such as AntiVirus Scanner, AntiVirus Extreme Signature, AntiVirus Active Signature, AntiVirus Extended Signature, Network Alerts Signature, Sandbox System Tools, Sandbox Rating Engine, Sandbox Tracer Engine, Industry Security Signature, and Traffic Sniffer.

    All modules automatically install update packages when they are available on FDN.

    Current Version

    Current version of the module.

    Last Check Time

    Date and time that module last checked for an update.

    Last Update Time

    Date and time that module was last updated.

    Last Check Status

    Status of the last update attempt.

    Upload Package File

    Click Choose File to select a package file on the management computer, then click Submit to upload the package file to FortiSandbox.

    If the unit has no access to Fortinet FDN servers, go to the Customer Service and Support site to download package files manually.

    FortiGuard Server Location

    Select FDN servers for package update and Web Filtering query. The default selection is Nearest which is the FDN server nearest to the unit's time zone. Selecting US Region means using only servers in the USA. Selecting Global means using global FDN servers via secure connection via HTTPS port 443 to do FDN update.

    FortiGuard Server Settings

    Use override FDN server to download module updates

    Enable this option to use an override FDN server or FortiManager to download module updates. Enter the override server IP address or FQDN in the text box. Enabling this option disables FortiGuard Server Location.

    Click Connect FDN Now to schedule an immediate update check.

    Use Proxy

    Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

    Connect FDN Now

    Click Connect FDN Now to connect to the FDN server/proxy.

    FortiGuard Web Filter Settings

    Secure Connection

    FortiSandbox supports secure XOR encrypted connection for FortiGuard web filter settings. When enabled, the system uses secure XOR encrypted mode for the connection.

    Use override server for web filtering query

    Enable this option to use an override server address for web filtering query using the server IP address or FQDN in the text box.

    The default is the web filtering server nearest the unit's time zone.

    Use Proxy

    Enable this option to use a proxy. Configure the Socks5 or HTTP connect Server Name/IP, Port, Proxy Username, and Proxy Password. HTTP Connect option only appears when user selects Secure Connection.

    VM Image Download Proxy Settings

    Use Proxy

    Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

    FortiSandbox Community Cloud & Threat Intelligence Settings

    Use override server for community cloud server query

    Enable this option when using FortiManager for Community Cloud server query in your environment

    When using FortiManager for Community Cloud server query, only verdict information is available for malware. The malware's behavior information is not available.

    Use Proxy

    Enable this option to use a proxy. Configure the Socks5 Server Name/IP, Port, Proxy Username, and Proxy Password.

    FortiSandbox WindowsCloud VM Settings

    Server Regions

    This option requires a Windows Cloud VM contract.

    Select the region where Windows Cloud VMs are used to scan files.

    Use override APT server (IP or FQDN)

    You can override the APT server and manually enter the IP address of the APT server which hosts the Windows Cloud VM.

    FortiSandbox Real-time Zero-Day Anti-Phishing Service Settings

    Server Regions

    This option requires a Real-time Zero-Day Anti-Phishing contract.

    Select the region where Real-time Zero-Day Anti-Phishing is used to scan files.

    Use override Real-time Zero-Day Anti-Phishing Service server

    Enable this option to use an override server address for Real-time Zero-Day Anti-Phishing Service query using the server IP address and Port in the text box.

    The default server refers to Port and access control information .

    Use Proxy

    Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.
    Note

    If the proxy is used, FortiSandbox will utilize DNS server 208.91.112.53 for that settings. Please, ensure that this server accessible from the proxy server.
    Previous
    Next

    FortiGuard

    FortiGuard

    Go to System > FortiGuard to view the FortiGuard page.

    The following options and information are available:

    Module Name

    FortiGuard module name such as AntiVirus Scanner, AntiVirus Extreme Signature, AntiVirus Active Signature, AntiVirus Extended Signature, Network Alerts Signature, Sandbox System Tools, Sandbox Rating Engine, Sandbox Tracer Engine, Industry Security Signature, and Traffic Sniffer.

    All modules automatically install update packages when they are available on FDN.

    Current Version

    Current version of the module.

    Last Check Time

    Date and time that module last checked for an update.

    Last Update Time

    Date and time that module was last updated.

    Last Check Status

    Status of the last update attempt.

    Upload Package File

    Click Choose File to select a package file on the management computer, then click Submit to upload the package file to FortiSandbox.

    If the unit has no access to Fortinet FDN servers, go to the Customer Service and Support site to download package files manually.

    FortiGuard Server Location

    Select FDN servers for package update and Web Filtering query. The default selection is Nearest which is the FDN server nearest to the unit's time zone. Selecting US Region means using only servers in the USA. Selecting Global means using global FDN servers via secure connection via HTTPS port 443 to do FDN update.

    FortiGuard Server Settings

    Use override FDN server to download module updates

    Enable this option to use an override FDN server or FortiManager to download module updates. Enter the override server IP address or FQDN in the text box. Enabling this option disables FortiGuard Server Location.

    Click Connect FDN Now to schedule an immediate update check.

    Use Proxy

    Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

    Connect FDN Now

    Click Connect FDN Now to connect to the FDN server/proxy.

    FortiGuard Web Filter Settings

    Secure Connection

    FortiSandbox supports secure XOR encrypted connection for FortiGuard web filter settings. When enabled, the system uses secure XOR encrypted mode for the connection.

    Use override server for web filtering query

    Enable this option to use an override server address for web filtering query using the server IP address or FQDN in the text box.

    The default is the web filtering server nearest the unit's time zone.

    Use Proxy

    Enable this option to use a proxy. Configure the Socks5 or HTTP connect Server Name/IP, Port, Proxy Username, and Proxy Password. HTTP Connect option only appears when user selects Secure Connection.

    VM Image Download Proxy Settings

    Use Proxy

    Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.

    FortiSandbox Community Cloud & Threat Intelligence Settings

    Use override server for community cloud server query

    Enable this option when using FortiManager for Community Cloud server query in your environment

    When using FortiManager for Community Cloud server query, only verdict information is available for malware. The malware's behavior information is not available.

    Use Proxy

    Enable this option to use a proxy. Configure the Socks5 Server Name/IP, Port, Proxy Username, and Proxy Password.

    FortiSandbox WindowsCloud VM Settings

    Server Regions

    This option requires a Windows Cloud VM contract.

    Select the region where Windows Cloud VMs are used to scan files.

    Use override APT server (IP or FQDN)

    You can override the APT server and manually enter the IP address of the APT server which hosts the Windows Cloud VM.

    FortiSandbox Real-time Zero-Day Anti-Phishing Service Settings

    Server Regions

    This option requires a Real-time Zero-Day Anti-Phishing contract.

    Select the region where Real-time Zero-Day Anti-Phishing is used to scan files.

    Use override Real-time Zero-Day Anti-Phishing Service server

    Enable this option to use an override server address for Real-time Zero-Day Anti-Phishing Service query using the server IP address and Port in the text box.

    The default server refers to Port and access control information .

    Use Proxy

    Enable this option to use a proxy. Configure the Proxy Type (HTTP Connect or SOCKS v5), Server Name/IP, Port, Proxy Username, and Proxy Password.
    Note

    If the proxy is used, FortiSandbox will utilize DNS server 208.91.112.53 for that settings. Please, ensure that this server accessible from the proxy server.
    Previous
    Next