Introduction
This guide describes how to configure and manage your FortiSandbox system and the connected Fortinet Security Fabric devices. For documentation on Fortinet devices, such as FortiGate and FortiClient, see the Fortinet Document Library.
FortiSandbox overview
Combating today’s Advanced Persistent Threats (APTs) demands a multi-layered strategy. FortiSandbox provides an exceptional blend of proactive defense, enhanced threat visibility, and thorough reporting. It’s more than just a sandbox; it incorporates Fortinet’s award-winning AI-based threat scanning technologies, dynamic sandboxing, and optional integrated FortiGuard cloud queries to detect unknown malware and phishing, counter advanced evasion techniques, and deliver cutting-edge threat protection. FortiSandbox works with your existing devices, such as FortiGate, FortiMail, FortiClient, and several other Security Fabric devices, to identify malicious and suspicious files and network traffic. It has a complete extreme antivirus database that will catch viruses that may have been missed.
FortiSandbox executes suspicious files in the VM host module to determine whether each file is High, Medium, or Low Risk based on the behavior observed in the VM sandbox module. The rating engine scores each file from its behavior log (tracer log), which is gathered in the VM module, and, if the score falls within a certain range, determines a risk level.
What's new in FortiSandbox v5.0.0
Advanced AI
Advanced AI enhances detection coverage with next-generation static and dynamic scanning. Leveraging two scan engines, Advanced AI builds on FortiSandbox's already fast and reliable scanning abilities with ten-times faster verdicts and three-times the detection and accuracy. For more information, refer to FortiGuard.
Universal VM
Universal VM provides access to multiple VMs with just a single license type. This new all-in-one license supports deployment on-premise or on cloud VMs for any supported OS. Deploy as many as 200 flexible VMs on a single unit, making it ultra scalable and cost effective. For more information, refer to Scan Policy and Object > VM Settings.
SOC Assist
SOC Assist strengthens your SOC teams' investigation and threat hunting abilities with FortiSandbox's enhanced Threat Enrichment, Job Reports, and Incident Assist. Threat Enrichment correlates analysis with known outbreaks, threat actors, and attack campaigns for more decisive investigations. The enhanced Job Report is an AI-generated summary of events with comprehensive behavior trees and detailed activity tables. Incident Assist provides unified threat monitoring for daily review of detected threats from a single page view.