Optional: Installing custom VM
Prepare custom VM
How to create a custom VM:
Create the VHD image with a virtualization software solution. For example, VirtualBox. Refer to the custom VM section of the FortiSandbox Administration Guide for further details and instruction.
- When creating the VM, specify VHD as the disk image format.
- The disk controller must be IDE.
- The disk size must not over 20GB.
- The OS must have the PV Driver installed. (current ver, 7.4.6). https://s3.amazonaws.com/ec2-downloads-windows/Drivers/AWSPVDriverSetup.zip
Copy the FortiSandbox Tools folder to any location (e.g.
C:\) of the custom VM, and add the
FSALauncher_x64.exe for 64bit) to be an auto-startup program (using the Startup folder or Task Scheduler).
Windows should be configured to auto-login
- Before logging in, convert the saved
pemfile which you downloaded while creating the key pair to
- Log in to CLI using the Elastic IP you created by entering username as admin and with the
- In the CLI, run the
statuscommand to view the VM status.
Install via CLI
- To install the VM via the CLI, go to FSA firmware CLI.
- Import the VHD image using CLI command
For further information about the vm-customized command. Please refer to the FortiSandbox CLI Reference Guide available in the Fortinet Document Library.
Submit a test
- Navigate to Scan Input > File On-Demand > Submit File. The Submit File dialog box will open.
- Click on choose file and upload the file
fiddler2setup.exe, and submit. You should receive a Clean rating after you send the file to FortiSandbox if the uploaded file is clean and not harmful.
- Upload any file that might be harmful. For example the
fsa_dropper.vxefile. Click on Submit, you will be alerted by FortiSandbox that this file is harmful if it contains any malware.
- After uploading files, you can view File On-Demand page and select any file to check.
- Click the View File icon to view its details.
fsa_dropper.vxe, is a fake high-risk sample created by Fortinet. For harmful malicious behavior, FortiSandbox will detect them as High Risk.
To submit a file for risk analysis:
- Click on the View File icon of your submitted file for risk analysis.
- Click on the file.
- Click on Details.
- The High-Risk Dropper page will open.