Hi girls and guys,
I'm searching for a communication matrix where I can see which ports/protcols/destinations the FortiClient uses/needs when using Sandbox Cloud. Within a long Google search I've found a ton of articles that all mention different ports and/or are many years old.
Can someone assist me with this question? Thanks in advance.
Kind regards,
Dominik
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Dominik,
Does this help?
Kind Regards,
Andy.
Hi Andy,
thanks for your fast reply.
I've found that article too. In my eyes the article describes the communication with FortiSandbox on-prem. Because of that the KB isn't matching for FortiSandbox Cloud.
What do you think? Kind regards,
Dominik
Hi Dominik,
Yes, I see what you mean. Sorry for misunderstanding your question.
I'm running FortiSandbox cloud too so just had a quick look at my config. I think it uses the configured Fortiguard settings then (under Config->System->Fortiguard)?
Certainly the "Fortinet Service Communications" (at least in 6.4) suggests that the FortiGuard settings are used for FortiSandbox Cloud traffic. I get the sort of view shown in the 6.4 admin guide here:-
In my case I can see a few hundred kB of traffic to FortiSandbox Cloud (rather than the 0 shown in the above link).
The config guide shows the following for Fortiguard settings:-
https://docs.fortinet.com/document/fortigate/6.4.2/cli-reference/109620/system-fortiguard
And that also seems to state that the Fortiguard settings are also used for FortiSandbox Cloud.
Perhaps have a look at those and see if they help you?
Kind Regards,
Andy.
Hi Andy,
just took a look at your reply.
You're referencing on a FGT with Sandbox Cloud licensed. Regarding the KBs a FGT is using the FortiGuard servers for updating and/or FortiSandbox Cloud.
But what is with the FortiClient? Customers are most of their time behind a firewall that is blocking the most communications. If a FortiClient needs to communicate to FortiSandbox Cloud, which destinations does the FortiClient use?
In FortiClient EMS you are able to configure the FortiClient behaviour for Updates and FortiSandbox Cloud. For Updates you should always select FortiGuard, but for FortiSandbox Cloud you just can specifiy "use cloud server" and nothing more. There is no hint on what servers are used as you can see in the screenshot
Kind regards,
Dominik
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.