Description | The article describes how to send files from FortiGate to FortiSandbox for inspection by applying the Antivirus profile in the policy. |
Scope | Fortigate 6.4, 7.0 and 7.2. |
Solution |
Go to Security Profiles -> Antivirus and select 'Create new/Edit'.
Enable the following features:
1) Inspected Protocols - > HTTP. 2) Select Send files to FortiSandbox for inspection -> All Supported Files 3) Enable FortiSandbox database.
Enable the Antivirus profile in the policy.
Test by downloading example Virus file. eicar: https://www.eicar.com/download-anti-malware-testfile/
Here is the log result example .
The above logs show the file submitted to FortiSandbox and the inspection done by FortiSandbox to analyze the file. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.