Fortinet white logo
Fortinet white logo

Administration Guide

Setting up a custom VM

Setting up a custom VM

Upload Custom VM

You can use the GUI to upload a Custom VM in appliance-based and private cloud FortiSandbox devices. Admins must have Read Write privileges to upload a custom VM.

Note

This feature is not supported on AWS, Azure, GCP and FortiSandbox Cloud.

Note

Please refer to the FortiSandbox Custom VM Guide when creating your Custom VM. This guide is available to FortiSandbox customers with access to the Fortinet Developer Network or is available upon request from Customer Support.

A Custom VM requires a perpetual license. Once the license is registered with FortiCloud, download it from the support site and then upload it to FortiSandbox. If successful, the License widget in the Dashboard will display a green icon indicating the VM is enabled and ready to use.

To upload a custom VM:
  1. Go to Scan Policy and Object > VM Settings.
  2. In the toolbar, click Upload Custom VM.
  3. Configure the Custom VM.

    Name

    The name cannot exceed 15 characters. Only letters and numbers are supported.

    CPU Cores

    Default is 1.

    Maximum of two cores are supported.

    Memory

    Default is 1024MB.

    Maximum of 4096 MB memory is supported. Using a large size of memory may result in not being able to run the maximum number of clones allowed.

    Activate VM

    If the VM is pre-activated, please select this option and input the system UUID of the Custom VM, otherwise the VM may not remain in an activated status after uploading.

    OS Type

    Default is Windows7.

    Options include: Windows7, Windows8, Windows10, Linux, etc.

    Select VM Image

    Select the Custom VM image file to be uploaded from the local folder. This should be a vdi file.

    NOTE: VDI is the officially supported VM image format. Other formats should be converted to VDI before upload. We recommend the following conversion tools: VBoxManage in Windows, Convert-VHD in Windows PowerShell and qemu-img in Linux.

  4. Click Upload VM Image. The system starts uploading VM images. Uplaod time will vary depending on your network.

  5. After the upload is complete, the system will automatically install the Custom VM. If the installation is successful, refresh the VM Settings page to view the VM in the Custom VMs list.

Configure a custom VM

Custom VM modification is supported on the appliance-based and private cloud. It is not supported on cloud deployments such as FortiSandbox on AWS and Azure and FortiSandbox Cloud. Admins must have "Read Write" privileges to modify a custom VM.

Note

Please refer to the FortiSandboxCustom VM Guide when developing your Custom VM. This guide is available to FortiSandbox customers with access to the Fortinet Developer Network or is available upon request from Customer Support.

A Custom VM requires a perpetual license. Once the license is registered with FortiCloud, download it from the support site and then upload it to FortiSandbox. If successful, the License widget in the Dashboard will display a green icon indicating the VM is enabled and ready to use.

To modify a custom VM:
  1. Go to Scan Policy and Object > VM Settings.
  2. Under Custom VMs, ensure the Clone # is zero.

  3. Click the Customize VM icon .
  4. Configure the VM settings that will be used for the VNC session only. FortiSandbox uses pre-defined VM resources for the Dynamic Scan.

    VM NameThe name cannot exceed 15 characters. Only letters and numbers are supported.
    CPU Cores

    Default is 1.

    Maximum of two cores are supported. Once VNC terminates the CPU value reverts to default.

    Memory

    Default is 1024.

    Maximum of 4096 MB memory is supported. Once VNC terminates the Memory value reverts to default.

  5. Click Start. The system starts an instance of the VM type. This may take some time to complete.

  6. Click Mount an ISO to install the software. Only ISO format is supported.

    The mounted ISO will be connected as CD drive. Alternatively, you can transfer files via file sharing site over the Internet. YOu should only visit a trusted site to avoid any unexpected changes on your VM.

  7. To allow the custom VM to connect to the Internet:
    • Set IP 192.168.56.31/24 on the interface with the last 3 and 4 digits of the Mac address being 38, for example, 00-15-5D-C8-38-20
    • Set IP 192.168.57.31/24 on another interface with the last 3 and 4 digits of the Mac address being 39, for example, 00-15-5D-C8-39-20
    • Set the default gateway as 192.168.57.1 .Set a valid DNS server
  8. Click Power Cycle to restart the instance.
  9. To save your modifications, shutdown first the custom VM instance via VNC.
    • Click the Save icon to save all changes.
    • Click the Save As icon to save changes and then assign the current instance under a new name.
  10. (Optional) Return to VM Settings and click the Download icon to download the VDI of all un-used custom VM(s).

Setting up a custom VM

Setting up a custom VM

Upload Custom VM

You can use the GUI to upload a Custom VM in appliance-based and private cloud FortiSandbox devices. Admins must have Read Write privileges to upload a custom VM.

Note

This feature is not supported on AWS, Azure, GCP and FortiSandbox Cloud.

Note

Please refer to the FortiSandbox Custom VM Guide when creating your Custom VM. This guide is available to FortiSandbox customers with access to the Fortinet Developer Network or is available upon request from Customer Support.

A Custom VM requires a perpetual license. Once the license is registered with FortiCloud, download it from the support site and then upload it to FortiSandbox. If successful, the License widget in the Dashboard will display a green icon indicating the VM is enabled and ready to use.

To upload a custom VM:
  1. Go to Scan Policy and Object > VM Settings.
  2. In the toolbar, click Upload Custom VM.
  3. Configure the Custom VM.

    Name

    The name cannot exceed 15 characters. Only letters and numbers are supported.

    CPU Cores

    Default is 1.

    Maximum of two cores are supported.

    Memory

    Default is 1024MB.

    Maximum of 4096 MB memory is supported. Using a large size of memory may result in not being able to run the maximum number of clones allowed.

    Activate VM

    If the VM is pre-activated, please select this option and input the system UUID of the Custom VM, otherwise the VM may not remain in an activated status after uploading.

    OS Type

    Default is Windows7.

    Options include: Windows7, Windows8, Windows10, Linux, etc.

    Select VM Image

    Select the Custom VM image file to be uploaded from the local folder. This should be a vdi file.

    NOTE: VDI is the officially supported VM image format. Other formats should be converted to VDI before upload. We recommend the following conversion tools: VBoxManage in Windows, Convert-VHD in Windows PowerShell and qemu-img in Linux.

  4. Click Upload VM Image. The system starts uploading VM images. Uplaod time will vary depending on your network.

  5. After the upload is complete, the system will automatically install the Custom VM. If the installation is successful, refresh the VM Settings page to view the VM in the Custom VMs list.

Configure a custom VM

Custom VM modification is supported on the appliance-based and private cloud. It is not supported on cloud deployments such as FortiSandbox on AWS and Azure and FortiSandbox Cloud. Admins must have "Read Write" privileges to modify a custom VM.

Note

Please refer to the FortiSandboxCustom VM Guide when developing your Custom VM. This guide is available to FortiSandbox customers with access to the Fortinet Developer Network or is available upon request from Customer Support.

A Custom VM requires a perpetual license. Once the license is registered with FortiCloud, download it from the support site and then upload it to FortiSandbox. If successful, the License widget in the Dashboard will display a green icon indicating the VM is enabled and ready to use.

To modify a custom VM:
  1. Go to Scan Policy and Object > VM Settings.
  2. Under Custom VMs, ensure the Clone # is zero.

  3. Click the Customize VM icon .
  4. Configure the VM settings that will be used for the VNC session only. FortiSandbox uses pre-defined VM resources for the Dynamic Scan.

    VM NameThe name cannot exceed 15 characters. Only letters and numbers are supported.
    CPU Cores

    Default is 1.

    Maximum of two cores are supported. Once VNC terminates the CPU value reverts to default.

    Memory

    Default is 1024.

    Maximum of 4096 MB memory is supported. Once VNC terminates the Memory value reverts to default.

  5. Click Start. The system starts an instance of the VM type. This may take some time to complete.

  6. Click Mount an ISO to install the software. Only ISO format is supported.

    The mounted ISO will be connected as CD drive. Alternatively, you can transfer files via file sharing site over the Internet. YOu should only visit a trusted site to avoid any unexpected changes on your VM.

  7. To allow the custom VM to connect to the Internet:
    • Set IP 192.168.56.31/24 on the interface with the last 3 and 4 digits of the Mac address being 38, for example, 00-15-5D-C8-38-20
    • Set IP 192.168.57.31/24 on another interface with the last 3 and 4 digits of the Mac address being 39, for example, 00-15-5D-C8-39-20
    • Set the default gateway as 192.168.57.1 .Set a valid DNS server
  8. Click Power Cycle to restart the instance.
  9. To save your modifications, shutdown first the custom VM instance via VNC.
    • Click the Save icon to save all changes.
    • Click the Save As icon to save changes and then assign the current instance under a new name.
  10. (Optional) Return to VM Settings and click the Download icon to download the VDI of all un-used custom VM(s).