Use Case: FSA Cloud Scan Automation
Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use with Amazon EC2 instances in the AWS Cloud. EFS is used often in cloud migration such as dataset migration, on-demand backup or cloud bursting scenarios. You can mount your Amazon EFS file systems on your on-premises data center servers when connected to your Amazon VPC with AWS Direct Connect or through a FortiGate site-to-site secured connection. In the process, you can insert FortiSandbox on premises or in AWS, or you can perform malware analysis in the EFS-to-EFS backup solution to ensure clean file backup.
S3 Bucket Scanning
The other way to use FortiSandbox through NFS mount is to leverage AWS Storage Gateway. By mounting a file share and mapping it to an Amazon S3 bucket using AWS Storage Gateway, you can configure AWS S3 as the NFS or SMB network share for FortiSandbox malware analysis.
FortiSandbox leverages the AWS API to natively supports S3 bucket scanning. It can quarantine items according to analysis results, and move items into another S3 quarantine bucket based on the Risk level.
When used in conjunction with the Amazon S3 event notification feature, it enables you to receive notifications when certain file events occur in the bucket and use the AWS Lambda function to queue the file sample to FortiSandbox for malware analysis.
Other use cases such as preventing malware penetration in a closed/isolated network can be considered. Without any external malware signatures, FortiSandbox can help perform zero-day malware analysis instead. For more architecture discussion or if you need to clarify the use cases, email firstname.lastname@example.org.