FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kcheng
Staff
Staff
Article Id 340516
Description This article describes why the FortiGate FortiView widget 'FortiSandbox Files' does not display any records when the source has been configured to FortiGate Cloud.
Scope FortiGate, FortiSandbox Cloud, FortiGate Cloud.
Solution

FortiGate can be configured with an AntiVirus profile to submit files to FortiSandbox Cloud:

Using FortiSandbox post-transfer scanning with antivirus

Using FortiSandbox inline scanning with antivirus

 

When files are submitted to FortiSandbox Cloud, the FortiGate administrator will be able to check what files are being sent to FortiSandbox Cloud for inspection purposes:

 

Sandbox_cloud.png

 

In the FortiGate FortiView monitor widget, there is an option to show the scan result for files that have been submitted to FortiSandbox:

 

image.png

 

It is possible to configure multiple logging destinations on the FortiGate. In this setup, the FortiGate has been configured to save logs in the local disk and FortiGate Cloud. Hence, it is possible to obtain logs from both FortiGate or FortiGate Cloud:

 

image.png

 

When the source is selected as FortiGate Cloud, the FortiGate FortiView monitor returns an empty record and shows 'No results':

 

image.png

 

However, once the data source is changed to a local FortiGate disk, it is possible to retrieve the files submitted to be scanned:

 

image.png

 

image.png

 

This is an expected behavior as the FortiView 'FortiSandbox Files' monitor supports only local disk and FortiAnalyzer as its source. Cloud sources are not supported.

Contributors