Appendix D - Maximum Values
This topic provides minimum/maximum values for configurations, file size limits, and concurrent client device connections.
Configuration limits
|
Job inputs |
Min value |
Max value |
Default value |
Configurable |
|
Filename length |
1 |
4096 characters |
|
|
|
Directly URL length |
1 |
3 KB characters |
|
|
|
On Demand job comments lengths |
0 |
255 characters |
|
|
|
Number of children files to unpack from archive file |
1 |
No max |
1000 for VM appliance
10,000 for hardware appliance
|
Y |
|
File size to enter VM |
|
512 MB |
|
|
|
Archive file unpack timeout |
1
1 |
No max |
15s for regular file (< 512 MB)
60s for big file (>512 MB) |
Y |
|
Allow/Block list |
Min value |
Max value |
Default value |
Configurable |
|
URL length |
1 |
2048 characters |
|
|
|
Domain name length |
1 |
253 characters |
|
|
|
URL Regex |
1 |
1024 characters |
|
|
|
MD5+SHA1+SHA256 record limit in list |
0 |
50,000 |
|
|
|
URL Regex records |
0 |
1,000 |
|
|
|
Domain + URL records |
0 |
50,000 |
|
|
|
Custom VM |
|
|
|
|
|
VM meta file for Installed Applications |
0 |
50 lines |
|
|
|
IOC Package |
Min value |
Max value |
Default value |
Configurable |
|
Malware/URL/TCP RST package entries counts |
0 |
10,000 |
|
|
|
Scan Profile |
Min value |
Max value |
Default value |
Configurable |
|
URL scan depth |
0 |
5 |
0 |
Y |
|
VM Scan timeout for executable file |
60s |
180s |
180s |
Y |
|
VM Scan timeout for non-executable file |
45s |
180s |
60s |
Y |
|
VM Scan timeout for URL |
30s |
1200s |
60s |
Y |
|
System Login |
Min value |
Max value |
Default value |
Configurable |
|
LDAP/Radius remote authentication |
10s |
180s |
10s |
Y |
|
Radius PAP secret |
|
52 characters |
|
|
|
GUI idle time |
1 min |
480m |
30m (For Azure 3m) |
Y |
|
User management |
Min value |
Max value |
Default value |
Configurable |
|
Username length |
1 |
64 characters |
|
|
|
User password |
6 characters |
64 characters |
|
|
| Netshare/Quarantine Entries |
Min value |
Max value |
Default value |
Configurable |
|
Network Share Entry |
0 |
512 |
|
|
|
Quarantine Entry |
0 |
512 |
|
|
File size limits
File size limits are determined by the input type (on-demand, sniffer etc).The default limit for each type is set to 200MB for single file and 500MB for uncompressed archives. You view or change the file-size limit with the CLI.
|
Hardware |
Device |
Adapter |
Netshare |
Sniffer |
ICAP |
JsonRPC |
On-Demand |
|
Single File (MB) |
512 |
1024 |
10240 |
1024 |
1024 |
30720 |
30720 |
|
Uncompressed Archive (MB) |
2048 |
2048 |
10240 |
2048 |
2048 |
30720 |
30720 |
|
Virtual (VM00) |
Device |
Adapter |
Netshare |
Sniffer |
ICAP |
JsonRPC |
On-Demand |
|
Single File (MB) |
512 |
1024 |
10240 |
1024 |
1024 |
30720 |
30720 |
|
Uncompressed Archive (MB) |
2048 |
2048 |
10240 |
2048 |
2048 |
30720 |
30720 |
|
FortiSandbox Cloud (PaaS) |
Device |
|
|
|
|
|
On-Demand |
|
Single File (MB) |
512 |
|
|
|
|
|
1024 |
|
Uncompressed Archive (MB) |
2048 |
|
|
|
|
|
2048 |
|
FortiGate Cloud Sandbox (SaaS) |
Device |
|
|
|
|
|
|
|
Single File (MB) |
200 |
|
|
|
|
|
|
|
Uncompressed Archive (MB) |
500 |
|
|
|
|
|
|
To view or change the file size limit with the CLI:
filesize-limit
For more information, see FortiSandbox CLI Reference Guide in the Fortinet Documents Library.
Client Device Connections
A FortiSandbox system has a maximum authorized limit of 50,000 FortiClient endpoints and 10,000 other Fortinet devices. If the device is FortiGate, each VDOM that sends file to FortiSandbox is counted as one device.
Each client device can have multiple concurrent connections to FortiSandbox at one time. These connection are for file transfer and result query. The maximum concurrent connection is 20,000 for FSA 3000E and 3000F models, and 10,000 for all other models.
Full capacity will depend on the model and its system capacity.