Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
hazim
Staff
Staff

Created on ‎09-28-2022 11:41 PM

Article Id 225236

Technical Tip: How to send files from FortiGate to FortiSandbox for inspection

Description The article describes how to send files from FortiGate to FortiSandbox for inspection by applying the Antivirus profile in the policy.
Scope Fortigate 6.4, 7.0 and 7.2.
Solution

Go to Security Profiles -> Antivirus  and select 'Create new/Edit'.

 

Enable the following features:

 

1) Inspected Protocols - > HTTP.

2) Select Send files to FortiSandbox for inspection -> All Supported Files

3) Enable FortiSandbox database.

 

hazim_3-1664431953468.png

 

Enable the Antivirus profile in the policy.

 

hazim_4-1664431997467.png

 

Test by downloading example Virus file. eicar: https://www.eicar.com/download-anti-malware-testfile/ 

 

Here is the log result example .

 

hazim_2-1664431899637.png

 

hazim_1-1664431525862.png

 

The above logs show the file submitted to FortiSandbox and the inspection done by FortiSandbox to analyze the file.
1357
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.