Sending Files for Sandbox Inspection
Sending files to the FortiSandbox appliance or to FortiSandbox Cloud does not block files immediately. Instead, the files assist in the discovery of new threats and the creation of new signatures to be added to the global FortiGuard AntiVirus database. Files deemed malicious are also immediately added to a custom Malware Package which is downloaded by the FortiGate every two minutes for live detection.
Enable Sandbox Inspection by going to Security Fabric > Settings. You can also configure the FortiSandbox type, server, and notifier email.
To see options for sending files for sandbox inspection, go to Security Profiles > AntiVirus. There are two options for sending files: None or All Supported Files. If All Supported Files is selected, users can withhold files from being submitted for inspection by type or name pattern.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!
Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos