system fortisandbox
Use this command to configure FortiWeb to submit all files that match your upload restriction rules to FortiSandbox.
FortiSandbox evaluates whether the file poses a threat and returns the result to FortiWeb. If FortiSandbox determines that the file is malicious, FortiWeb performs the following tasks:
- Generates an attack log message that contains the result.
- For 10 minutes after it receives the FortiSandbox results, takes the action specified by the file security policy. During this time, it does not re-submit the file to FortiSandbox.
To use this command, your administrator account’s access control profile must have either w
or rw
permission to the sysgrp
area. For details, see Permissions.
Syntax
config system fortisandbox
set cache-timeout <timeout_int>
end
Variable | Description | Default |
Specify whether FortiWeb submits files that match the upload restriction rules to a FortiSandbox physical appliance (or FortiSandbox-VM) or to FortiWeb Cloud Sandbox. The FortiWeb Cloud Sandbox option requires you to register your FortiWeb and a FortiWeb FortiGuard Sandbox Cloud Service subscription. |
fsa
|
|
Enter the IP address of the FortiSandbox to send files to. Available only when |
No default. | |
Enter how long FortiWeb waits before it clears the hash table entry for an uploaded file that was evaluated by FortiSandbox, in hours. |
72
|
|
Enter the email address that FortiSandbox sends weekly reports and notifications to. |
No default. | |
Enter a number that specifies how often FortiWeb retrieves statistics from FortiSandbox, in minutes. |
5
|
|
Enter so that FortiWeb will report event logs when it successfully submits files to FortiSandbox. |
|
Example
This example creates a connection to a FortiSandbox at 192.0.2.2
that retrieves statistics at the default interval (5 minutes) and sends a weekly report to admin@example.com.
config system fortisandbox
set server "192.0.2.2"
set ssl enable
set email "admin@example.com"
end