| Description | Technical discusses FortiSandbox Realtime Anti-Phishing Service. |
| Scope | FortiSandbox v4.2.0 and above. |
| Solution |
It is possible to enable the Realtime Anti-Phishing Service by executing the Following Command:
# anti-phishing -e
Once this is done, it will be possible to see the Following Option Under:
As well a New Option Under System –> FortiGuard will appear:
Note: As of now this service is available only in 'Global-Burnaby'.
Lastly, a New Option in Dashboard will appear to Show the Connectivity Status of the Anti-Phishing Service.:
The configuration can be set/unset on a standalone or primary unit. In cluster mode, this setting is synchronized to all nodes.
When the Realtime Anti-Phishing is enabled: If a URL job is scanned in any VM, it will also send a request to phishing server. The phishing server will return a score. But the final 'Rated By' will depend on the highest score the Job got.
Example: If VM Engine also gets the same score, the job will be rated by VM Engine.
If the URL is rated by the anti-phishing server, in job detail, the following will be visible: Rated By: Realtime Phishing. |
