Fortinet Document Library

Version:


Table of Contents

FortiSandbox VM on AWS

3.1.0
Download PDF
Copy Link

Optional: Using a custom VM on AWS

This snippet is used in both FortiSandbox AWS and Azure Guide.

FortiSandbox AWS supports custom VMs. You can provide a VHD image of a custom VM and the FortiSandbox firmware can load the VM image and use it for sample analysis.

For information on setting up a custom VM on AWS, see the custom VM image section in the FortiSandbox Administration Guide to do the following:

  • Create a custom VHD image using virtualization software such as VirtualBox.
  • Prepare the OS installation package.
  • Install software and components on the custom VM image.
  • Set up the VM image environment.

Key components

Installing a custom VM using CLI

Convert the saved pem file which you downloaded while creating the key pair to a ppk file.

If you did not choose the without key pair option, log in using <InstanceID> as the password.

  1. Log in to CLI using the Elastic IP you created by entering username as admin and with the ppk file.

  2. In the CLI, run the status command to view the VM status.

To install the custom VM using CLI:
  1. Go to the FortiSandbox firmware CLI.
  2. Import the VHD image using the CLI command vm-customized.

For further information about the vm-customized command, see the FortiSandbox CLI Reference Guide in the Fortinet Document Library.

Test the installation

  1. Go to Scan Input > File On-Demand > Submit File. The Submit File dialog box will open.
  2. Select the file fiddler2setup.exe and click Submit.

    If the file you send to FortiSandbox is not harmful, you will receive a Clean rating.

  3. The file fsa_dropper.vxe is a fake high-risk sample created by Fortinet. FortiSandbox detects harmful, malicious behavior as High Risk.

  4. Upload and submit any file that might be harmful, or example, fsa_dropper.vxe.

    FortiSandbox alerts you if the file is harmful if it contains any malware.

  5. After uploading files, go to File On-Demand and select any file to check.
  6. Click the View File icon to view its details.
To submit a file for risk analysis:
  1. Click the View File icon of your submitted file for risk analysis.

  2. Click on the file.
  3. Click Details to open the High-Risk Dropper page.

Optional: Using a custom VM on AWS

This snippet is used in both FortiSandbox AWS and Azure Guide.

FortiSandbox AWS supports custom VMs. You can provide a VHD image of a custom VM and the FortiSandbox firmware can load the VM image and use it for sample analysis.

For information on setting up a custom VM on AWS, see the custom VM image section in the FortiSandbox Administration Guide to do the following:

  • Create a custom VHD image using virtualization software such as VirtualBox.
  • Prepare the OS installation package.
  • Install software and components on the custom VM image.
  • Set up the VM image environment.

Key components

Installing a custom VM using CLI

Convert the saved pem file which you downloaded while creating the key pair to a ppk file.

If you did not choose the without key pair option, log in using <InstanceID> as the password.

  1. Log in to CLI using the Elastic IP you created by entering username as admin and with the ppk file.

  2. In the CLI, run the status command to view the VM status.

To install the custom VM using CLI:
  1. Go to the FortiSandbox firmware CLI.
  2. Import the VHD image using the CLI command vm-customized.

For further information about the vm-customized command, see the FortiSandbox CLI Reference Guide in the Fortinet Document Library.

Test the installation

  1. Go to Scan Input > File On-Demand > Submit File. The Submit File dialog box will open.
  2. Select the file fiddler2setup.exe and click Submit.

    If the file you send to FortiSandbox is not harmful, you will receive a Clean rating.

  3. The file fsa_dropper.vxe is a fake high-risk sample created by Fortinet. FortiSandbox detects harmful, malicious behavior as High Risk.

  4. Upload and submit any file that might be harmful, or example, fsa_dropper.vxe.

    FortiSandbox alerts you if the file is harmful if it contains any malware.

  5. After uploading files, go to File On-Demand and select any file to check.
  6. Click the View File icon to view its details.
To submit a file for risk analysis:
  1. Click the View File icon of your submitted file for risk analysis.

  2. Click on the file.
  3. Click Details to open the High-Risk Dropper page.