Have you tested the FortiSandbox?
Hi,
Has anyone bought/tested the FortiSandbox?
If so please share your impressions.
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
6 REPLIES 6
I can tell you that we did VERY well on the NSS Labs tests :)
http://www.fortinet.com/press_releases/2014/fortinet-earns-recommended-rating-fortisandbox-nss-labs.html
If you have any specific questions on what you're looking for, I can work internally to get you the answers. I know people that are experts on this product.
Cheers!
--
Sean Toomey, CISSP FCNSP
Consulting Security Engineer (CSE)
FORTINET— High Performance Network Security
Do you know why it failed on packers, with 0% success?
Ede Kernel panic: Aiee, killing interrupt handler!
Hello Ede,
It is really surprising that packers could be the root cause of detection failures.
Could you please elaborate on your testing plan and the FortiSandbox deployment mode used?
Regards,
Francois
I think Ede is referring to page 7 of this document: http://www.fortinet.com/sites/default/files/whitepapers/BDS-Fortinet-FortiSandbox-3000D.pdf
That's right, I got the statement from the report mentioned.
I can only imagine that support for packing algorithms is planned for a future release.
Apart from this the results are quite impressive.
Ede Kernel panic: Aiee, killing interrupt handler!
Hi guys,
Thanks for the NSS link. I know exactly what you refer to.
In fact the problem was two-fold.
1/ The AV engine was unable to detect the virus when some packers were used in the testing plan.
As the AV engine detected nothing, the virus was then sent to the sandbox for analysis...
2/ When the NSS test was conducted our sandbox wasn't able to detect the virus, but it is now fixed :)
Regards,
Francois