Fortinet black logo

CLI Reference

system fortisandbox

system fortisandbox

Use this command to configure FortiWeb to submit all files that match your upload restriction rules to (Undefined variable: FortinetVariables.ProductName20).

(Undefined variable: FortinetVariables.ProductName20) evaluates whether the file poses a threat and returns the result to FortiWeb. If (Undefined variable: FortinetVariables.ProductName20) determines that the file is malicious, FortiWeb performs the following tasks:

  • Generates an attack log message that contains the result.
  • For 10 minutes after it receives the (Undefined variable: FortinetVariables.ProductName20) results, takes the action specified by the file security policy. During this time, it does not re-submit the file to (Undefined variable: FortinetVariables.ProductName20).

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system fortisandbox

set type {fsa | cloud}

set server "<server_ipv4>"

set cache-timeout <timeout_int>

set email "<email_str>"

set interval <interval_int>

set elog {enable | disable}

end

Variable Description Default

type {fsa | cloud}

Specify whether FortiWeb submits files that match the upload restriction rules to a FortiSandbox physical appliance (or FortiSandbox-VM) or to FortiSandbox Cloud.

The FortiSandbox Cloud option requires you to register your FortiWeb and a FortiWeb FortiGuard Sandbox Cloud Service subscription.

fsa

server "<server_ipv4>"

Enter the IP address of the (Undefined variable: FortinetVariables.ProductName20) to send files to.

Available only when type is fsa.

No default.

cache-timeout <timeout_int>

Enter how long FortiWeb waits before it clears the hash table entry for an uploaded file that was evaluated by (Undefined variable: FortinetVariables.ProductName20), in hours.

The valid range is 1–168.

FortiWeb stores file evaluation results from (Undefined variable: FortinetVariables.ProductName20) in a hash table. Whenever a client uploads a file, FortiWeb looks for a table entry that matches it. If there is a matching entry, FortiWeb takes action based on the stored result. If there is no matching entry, FortiWeb sends the file to (Undefined variable: FortinetVariables.ProductName20) for evaluation.

72

email "<email_str>"

Enter the email address that (Undefined variable: FortinetVariables.ProductName20) sends weekly reports and notifications to.

No default.

interval <interval_int>

Enter a number that specifies how often FortiWeb retrieves statistics from (Undefined variable: FortinetVariables.ProductName20), in minutes.

5

elog {enable | disable}

Enter so that FortiWeb will report event logs when it successfully submits files to (Undefined variable: FortinetVariables.ProductName20).

disable

Example

This example creates a connection to a (Undefined variable: FortinetVariables.ProductName20) at 192.0.2.2 that retrieves statistics at the default interval (5 minutes) and sends a weekly report to admin@example.com.

config system fortisandbox

set server "192.0.2.2"

set ssl enable

set email "admin@example.com"

end

Related topics

system fortisandbox

Use this command to configure FortiWeb to submit all files that match your upload restriction rules to (Undefined variable: FortinetVariables.ProductName20).

(Undefined variable: FortinetVariables.ProductName20) evaluates whether the file poses a threat and returns the result to FortiWeb. If (Undefined variable: FortinetVariables.ProductName20) determines that the file is malicious, FortiWeb performs the following tasks:

  • Generates an attack log message that contains the result.
  • For 10 minutes after it receives the (Undefined variable: FortinetVariables.ProductName20) results, takes the action specified by the file security policy. During this time, it does not re-submit the file to (Undefined variable: FortinetVariables.ProductName20).

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system fortisandbox

set type {fsa | cloud}

set server "<server_ipv4>"

set cache-timeout <timeout_int>

set email "<email_str>"

set interval <interval_int>

set elog {enable | disable}

end

Variable Description Default

type {fsa | cloud}

Specify whether FortiWeb submits files that match the upload restriction rules to a FortiSandbox physical appliance (or FortiSandbox-VM) or to FortiSandbox Cloud.

The FortiSandbox Cloud option requires you to register your FortiWeb and a FortiWeb FortiGuard Sandbox Cloud Service subscription.

fsa

server "<server_ipv4>"

Enter the IP address of the (Undefined variable: FortinetVariables.ProductName20) to send files to.

Available only when type is fsa.

No default.

cache-timeout <timeout_int>

Enter how long FortiWeb waits before it clears the hash table entry for an uploaded file that was evaluated by (Undefined variable: FortinetVariables.ProductName20), in hours.

The valid range is 1–168.

FortiWeb stores file evaluation results from (Undefined variable: FortinetVariables.ProductName20) in a hash table. Whenever a client uploads a file, FortiWeb looks for a table entry that matches it. If there is a matching entry, FortiWeb takes action based on the stored result. If there is no matching entry, FortiWeb sends the file to (Undefined variable: FortinetVariables.ProductName20) for evaluation.

72

email "<email_str>"

Enter the email address that (Undefined variable: FortinetVariables.ProductName20) sends weekly reports and notifications to.

No default.

interval <interval_int>

Enter a number that specifies how often FortiWeb retrieves statistics from (Undefined variable: FortinetVariables.ProductName20), in minutes.

5

elog {enable | disable}

Enter so that FortiWeb will report event logs when it successfully submits files to (Undefined variable: FortinetVariables.ProductName20).

disable

Example

This example creates a connection to a (Undefined variable: FortinetVariables.ProductName20) at 192.0.2.2 that retrieves statistics at the default interval (5 minutes) and sends a weekly report to admin@example.com.

config system fortisandbox

set server "192.0.2.2"

set ssl enable

set email "admin@example.com"

end

Related topics