Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Administration Guide

    Home FortiSandbox 5.0.0 Administration Guide
    5.0.0
    5.0.0
    4.4.6
    4.4.5
    4.4.4
    4.4.3
    4.4.2
    4.4.1
    4.4.0
    4.2.7
    4.2.6
    4.2.5
    4.2.4
    4.2.3
    4.2.2
    4.2.1
    4.2.0
    4.0.5
    4.0.4
    4.0.3
    4.0.2
    4.0.1
    4.0.0
    3.2.4
    3.2.3
    3.2.2
    3.2.1
    3.2.0
    3.1.5
    3.1.4
    3.1.3
    3.1.2
    3.1.1
    3.1.0
    3.0.7
    3.0.6

    Configuring VM Settings

    Configuring VM Settings

    This topic contains information about the settings in the VM Settings page, as well as how to set the default browser, and how to view applications installed on a VM.

    Note

    Known issue:

    The newer CPU may not be fully compatible with the visualization of the FortiSandbox. For more information, see Troubleshooting cloning issues in the FortiSandbox Best Practice Guide.

    The Scan Policy and Object > VM Settings page displays the following information:

    VM Settings Information

    Description

    VM Usage

    Click View VM Usage to view usage for the past 24 hours.

    Installed Apps

    Click View Installed Applications to view applications installed on a VM. For more information, see Viewing applications installed on a VM.

    Name

    Name of the VM image. The name is unique in the system. If you upload a new VM image of the same name, the current installation is replaced.

    To see the VM’s usage chart, click the Chart icon beside the Name.

    Status

    VM image status such as:

    • In-Use

    • Activated

    • Installed

    • Initializing

    Clone#

    VM clone number. Double-click the number to edit it and then click the green checkmark to save the new number. Click Apply to apply the change. The VM system re-initializes.

    The total clone number of all VM images cannot exceed the number of installed Windows licenses. For example, for FSA-3000F, the maximum clone number is 72.

    We recommend applying more than 8+clone_number*3 of memory on your FSA unit.

    Browser

    Set the default browser in Local Windows and Custom VMs. The default browser is Microsoft Internet Explorer.

    File Types

    List of all the file types associated with the VM image. This means files of these types will be scanned by this VM if these types are determined to enter the job queue. The system decides if they need to be sandboxed.

    If the sandbox pre-filtering is turned:

    • Off for a file type, it will be scanned inside each associated VM type.
    • On, files of this file type will be statically scanned first by an advanced analytic engine and only suspicious files will be scanned inside associated VM types.

    You can define file type and VM association in Scan Policy and Object > Scan Profile. You can double-click the value to access the Scan Profile page to edit the list.

    When Windows Cloud VM is used in normal mode, file extensions can be modified and displayed. If it is used in overflow mode, only selected local windows VMs will be displayed.

    VM Settings Tools

    Description

    Add VMs from FortiGuard

    Download and install the published Default and Optional VMs from the FortiGuard image server and add the Remote VMs into the VM Settings.

    Upload Custom VM

    Upload a Custom VM image from the local. For more information, see Setting up a custom VM.

    View Running VMs

    Take and view a screenshot of a running VM. When the admin user clicks the View Running VMs menu, all currently running guest VM clones will be displayed. Click the Screenshot button, then the PNG Link button to view a screenshot of the running clones.

    Clicking on the Interaction button of the running VM clones will open the VM clone’s VNC monitor if the VNC feature is enabled by the CLI command: vm-vnc -e.

    This feature is useful to troubleshoot issues related to guest images.

    VM Clone Number Limit

    Description

    Local Clone Number

    Counts the number of local VM clones in-use and provides the limit. Local VMs include Default VMs, Optional VMs and Custom VMs. The simulator VM (LinuxOT) is not included.

    For example:

    • FSA-3000F: The maximum local clone number is 72.
    • FSA-1500G: The maximum local clone number is 28.
    • FSAVM00: The maximum local clone number is 8.

    Total number of clones

    The total number of clones in-use and the limit. The count includes both the local VM clones and remote VM clones. The simulator VM (LinuxOT) is not included.

    The limit is calculated by the number of VM Clone subscriptions.

    To expand the unit's scan power, you can purchase more clone subscriptions than the local clone limit and enable the remote WindowsCloudVM and remote MACOSX clones. Then files can be sent to Fortinet Cloud Sandboxing to scan.

    Set the default browser

    Set the default browser in Local Windows and Custom VMs. The default browser is Microsoft Internet Explorer.

    Supported Browsers and minimum required version:
    • Google Chrome v75.0.3770.80
    • Mozilla Firefox v90.0
    • Microsoft Edge v86.0.622.61
    • Microsoft Internet Explorer
    Local Windows VM:

    Chrome, FireFox and Edge are not listed if the installed version on the VM is lower than minimum required.

    Optional VM:

    The Browser setting is only available in the following Optional VMs. These VMs are only available in version 4.2:

    • WIN10O16V4
    • WIN7X86SP1O16V3

    • WIN10O19V1

    Download the applicable VM and apply a Windows license accordingly.

    Custom VM:

    All browsers are listed regardless of whether the browser is installed on the VM. If the configured browser is not installed, the URL will be opened by the default browser. If the configured browser is installed but does not meet the required version, the URL will opened but cannot be scanned properly.

    On the Job Detail, the browser used in the VM can be viewed in the Process Information under the Tree View tab.

    To set the default browser in a Custom VM:
    1. Go to Scan Policy and Object > VM Settings.
    2. In the Browser column, click the OriginalDefault dropdown, and select a browser from the list.

    Remote VM:

    This feature is not supported in Remote (Windows, MacOS and Android Cloud VMs) and Local Linux VMs.

    Viewing applications installed on a VM

    The applications list is available in Default VMs and Optional VMs by default. You can use a meta file to upload a list of applications installed on a custom VM.

    To view the applications list for Default and Optional VMs:

    1. Go to Scan Policy and Object > VM Settings. The Installed Apps: <vm-name> dialog opens.

    2. In the Default VMs or Optional VMs section, click View installed apps.

    To upload an applications list for Custom VMs:

    1. Go to Scan Policy and Object > VM Settings.

    2. In the Custom VMs section, click View installed apps. The Installed Apps: <vm-name> dialog opens.

    3. Click Browse and navigate to the meta file location.

      Meta file requirements:

      • Apostrophes (') and quotation marks (") are not supported.
      • The maximum number of characters in per line is120.
      • The maximum number of lines in a meta file is 50.
    4. Click Upload meta file. After uploading the application list will be displayed in the in theInstalled Apps: <vm-name> dialog.
    Tooltip

    The application list is also available in the VM Association tab.

    To view the list, go to Scan Policy and Object >Scan Profiles >VM Association and select a Custom VM.
    Previous
    Next

    Configuring VM Settings

    Configuring VM Settings

    This topic contains information about the settings in the VM Settings page, as well as how to set the default browser, and how to view applications installed on a VM.

    Note

    Known issue:

    The newer CPU may not be fully compatible with the visualization of the FortiSandbox. For more information, see Troubleshooting cloning issues in the FortiSandbox Best Practice Guide.

    The Scan Policy and Object > VM Settings page displays the following information:

    VM Settings Information

    Description

    VM Usage

    Click View VM Usage to view usage for the past 24 hours.

    Installed Apps

    Click View Installed Applications to view applications installed on a VM. For more information, see Viewing applications installed on a VM.

    Name

    Name of the VM image. The name is unique in the system. If you upload a new VM image of the same name, the current installation is replaced.

    To see the VM’s usage chart, click the Chart icon beside the Name.

    Status

    VM image status such as:

    • In-Use

    • Activated

    • Installed

    • Initializing

    Clone#

    VM clone number. Double-click the number to edit it and then click the green checkmark to save the new number. Click Apply to apply the change. The VM system re-initializes.

    The total clone number of all VM images cannot exceed the number of installed Windows licenses. For example, for FSA-3000F, the maximum clone number is 72.

    We recommend applying more than 8+clone_number*3 of memory on your FSA unit.

    Browser

    Set the default browser in Local Windows and Custom VMs. The default browser is Microsoft Internet Explorer.

    File Types

    List of all the file types associated with the VM image. This means files of these types will be scanned by this VM if these types are determined to enter the job queue. The system decides if they need to be sandboxed.

    If the sandbox pre-filtering is turned:

    • Off for a file type, it will be scanned inside each associated VM type.
    • On, files of this file type will be statically scanned first by an advanced analytic engine and only suspicious files will be scanned inside associated VM types.

    You can define file type and VM association in Scan Policy and Object > Scan Profile. You can double-click the value to access the Scan Profile page to edit the list.

    When Windows Cloud VM is used in normal mode, file extensions can be modified and displayed. If it is used in overflow mode, only selected local windows VMs will be displayed.

    VM Settings Tools

    Description

    Add VMs from FortiGuard

    Download and install the published Default and Optional VMs from the FortiGuard image server and add the Remote VMs into the VM Settings.

    Upload Custom VM

    Upload a Custom VM image from the local. For more information, see Setting up a custom VM.

    View Running VMs

    Take and view a screenshot of a running VM. When the admin user clicks the View Running VMs menu, all currently running guest VM clones will be displayed. Click the Screenshot button, then the PNG Link button to view a screenshot of the running clones.

    Clicking on the Interaction button of the running VM clones will open the VM clone’s VNC monitor if the VNC feature is enabled by the CLI command: vm-vnc -e.

    This feature is useful to troubleshoot issues related to guest images.

    VM Clone Number Limit

    Description

    Local Clone Number

    Counts the number of local VM clones in-use and provides the limit. Local VMs include Default VMs, Optional VMs and Custom VMs. The simulator VM (LinuxOT) is not included.

    For example:

    • FSA-3000F: The maximum local clone number is 72.
    • FSA-1500G: The maximum local clone number is 28.
    • FSAVM00: The maximum local clone number is 8.

    Total number of clones

    The total number of clones in-use and the limit. The count includes both the local VM clones and remote VM clones. The simulator VM (LinuxOT) is not included.

    The limit is calculated by the number of VM Clone subscriptions.

    To expand the unit's scan power, you can purchase more clone subscriptions than the local clone limit and enable the remote WindowsCloudVM and remote MACOSX clones. Then files can be sent to Fortinet Cloud Sandboxing to scan.

    Set the default browser

    Set the default browser in Local Windows and Custom VMs. The default browser is Microsoft Internet Explorer.

    Supported Browsers and minimum required version:
    • Google Chrome v75.0.3770.80
    • Mozilla Firefox v90.0
    • Microsoft Edge v86.0.622.61
    • Microsoft Internet Explorer
    Local Windows VM:

    Chrome, FireFox and Edge are not listed if the installed version on the VM is lower than minimum required.

    Optional VM:

    The Browser setting is only available in the following Optional VMs. These VMs are only available in version 4.2:

    • WIN10O16V4
    • WIN7X86SP1O16V3

    • WIN10O19V1

    Download the applicable VM and apply a Windows license accordingly.

    Custom VM:

    All browsers are listed regardless of whether the browser is installed on the VM. If the configured browser is not installed, the URL will be opened by the default browser. If the configured browser is installed but does not meet the required version, the URL will opened but cannot be scanned properly.

    On the Job Detail, the browser used in the VM can be viewed in the Process Information under the Tree View tab.

    To set the default browser in a Custom VM:
    1. Go to Scan Policy and Object > VM Settings.
    2. In the Browser column, click the OriginalDefault dropdown, and select a browser from the list.

    Remote VM:

    This feature is not supported in Remote (Windows, MacOS and Android Cloud VMs) and Local Linux VMs.

    Viewing applications installed on a VM

    The applications list is available in Default VMs and Optional VMs by default. You can use a meta file to upload a list of applications installed on a custom VM.

    To view the applications list for Default and Optional VMs:

    1. Go to Scan Policy and Object > VM Settings. The Installed Apps: <vm-name> dialog opens.

    2. In the Default VMs or Optional VMs section, click View installed apps.

    To upload an applications list for Custom VMs:

    1. Go to Scan Policy and Object > VM Settings.

    2. In the Custom VMs section, click View installed apps. The Installed Apps: <vm-name> dialog opens.

    3. Click Browse and navigate to the meta file location.

      Meta file requirements:

      • Apostrophes (') and quotation marks (") are not supported.
      • The maximum number of characters in per line is120.
      • The maximum number of lines in a meta file is 50.
    4. Click Upload meta file. After uploading the application list will be displayed in the in theInstalled Apps: <vm-name> dialog.
    Tooltip

    The application list is also available in the VM Association tab.

    To view the list, go to Scan Policy and Object >Scan Profiles >VM Association and select a Custom VM.
    Previous
    Next