Try our new research platform with insights from 80,000+ expert users
Karim Sabry - PeerSpot reviewer
Cyber Security Presales Team Leader at Giza Systems
Real User
Top 10
Good product that detects non-signature-based malware
Pros and Cons
  • "The product is great. It can be deployed on the cloud or on-premises."
  • "It would be better if it had support for Mac and Linux."

What is our primary use case?

It's used to detect non-signature-based malware.

What is most valuable?

The product is great. It can be deployed on the cloud or on-premises. There's a virtual machine and a hardware appliance available, so it's quite versatile.

What needs improvement?

In future releases, it would be better if it had support for Mac and Linux.

For how long have I used the solution?

We have been using this solution since its release.

Buyer's Guide
Fortinet FortiSandbox
December 2024
Learn what your peers think about Fortinet FortiSandbox. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.

What do I think about the stability of the solution?

It doesn't crash as often as other vendors' products. So, yeah, I think it's a good product.

How was the initial setup?

It was pretty basic, nothing too complex.

What's my experience with pricing, setup cost, and licensing?

It's not very expensive. I would rate it around a five or six, somewhere in the middle.

What other advice do I have?

I would advise you to connect FortiSandbox with all available Fortinet appliances, such as the Endpoint Protection Suite, FortiGate firewall, FortiMail, and FortiWeb, as well as any other Fortinet appliance they have. It's important to ensure that the deployment is connected to the Sandbox.

Overall, I would rate the solution an eight out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
reviewer1740486 - PeerSpot reviewer
Senior Security Engineer at a computer software company with 1,001-5,000 employees
Real User
Effective behavior analysis, useful manual scan, and overall comprehensive features
Pros and Cons
  • "The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your companies needs."
  • "The reporting tools could be improved in Fortinet FortiSandbox."

What is our primary use case?

We are using Fortinet FortiSandbox to inspect and scan all our files. All the files inside our organization that is transferred through the company. The solution scans the files inside the PSVM because it has many VMs inside the FortiScan. It's working on zero-day attacks and not based on the signature of the threat. It's based on behavior analysis.

What is most valuable?

The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your companies needs.

Fortinet FortiSandbox has manual scan features. We have other sandboxes solutions from other vendors but they don't have this feature. It allows you to interpret or intervene in the scan whatever you want. It is a SOC analyzer, and it is called Manual Scan or something similar. Comparing this feature to other vendors, it's very good.

What needs improvement?

The reporting tools could be improved in Fortinet FortiSandbox.

For how long have I used the solution?

I have been using Fortinet FortiSandbox for approximately six years.

What do I think about the stability of the solution?

The stability of the solution is good.

What do I think about the scalability of the solution?

We have not tried to scale the solution, it has been working fine for what we have been using it for at this time.

We have approximately 50 devices and 1,000 to 2,000 files being scanned daily.

We use the solution extensively.

Which solution did I use previously and why did I switch?

We use similar sandbox solutions from Forcepoint and Palo Alto.

How was the initial setup?

The installation of Fortinet FortiSandbox is very easy.

What about the implementation team?

We did the implementation ourselves.

What's my experience with pricing, setup cost, and licensing?

We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well.

What other advice do I have?

I would recommend Fortinet FortiSandbox to others, it is the most comprehensive sandbox available.

I rate Fortinet FortiSandbox an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Fortinet FortiSandbox
December 2024
Learn what your peers think about Fortinet FortiSandbox. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
AANKITGUPTAA - PeerSpot reviewer
Consultant at Pi DATACENTERS
Real User
Effective threat protection, excellent support, and well integrated
Pros and Cons
  • "Fortinet FortiSandbox's most valuable feature is the security it provides against threats, such as ransomware. Additionally, it integrates well with APIs."
  • "The initial setup of Fortinet FortiSandbox is complex. You cannot only deploy Fortinet FortiSandbox without deploying the stack of Fortinet solutions. The implementation and integration are challenging tasks with the device and placement in the network. We needed to do POC and offloading testing."

What is our primary use case?

Fortinet FortiSandbox is a security-centric solution of Fortinet. The solution inspects all the predicted or suspicious files which are executed in the Fortinet FortiSandbox environment. It contains virtual machines of different types, such as Windows Server, and Windows Ubuntu. If the suspicious files are executed and there is an issue found. The user can request to discard it when the file is delivered to their system.

How has it helped my organization?

The solutions have extended our security posture which has helped the organization.

What is most valuable?

Fortinet FortiSandbox's most valuable feature is the security it provides against threats, such as ransomware. Additionally, it integrates well with APIs.

For how long have I used the solution?

Fortinet FortiSandbox for approximately three years.

What do I think about the scalability of the solution?

Fortinet FortiSandbox is scalable but you have to purchase additional licenses. 

Fortinet FortiSandbox is a network-based appliance and we have approximately 2,000 users being protected.

We do not plan to increase the usage of the solution because we are at capacity.

How are customer service and support?

I rate the support from Fortinet FortiSandbox a five out of five.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not used another similar solution previously.

How was the initial setup?

The initial setup of Fortinet FortiSandbox is complex. You cannot only deploy Fortinet FortiSandbox without deploying the stack of Fortinet solutions. The implementation and integration are challenging tasks with the device and placement in the network. We needed to do POC and offloading testing.

What was our ROI?

This is a cyber security solution, it has a very good ROI in terms of maintaining the reputation and user safety in cybersecurity.

What's my experience with pricing, setup cost, and licensing?

The price of Fortinet FortiSandbox is not expensive. 

Which other solutions did I evaluate?

I did not evaluate other options.

What other advice do I have?

The solution requires one security engineer with operational knowledge of the solution. However, they are not needed for a day to day activities, but for all the tuning, performance, and monitoring, one LC administrator is required.

I would recommend this solution to others. It is helpful for monitoring and protecting users from different kinds of attacks. I advise others to use the on-premise or cloud version.

I rate Fortinet FortiSandbox a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Student at KL University
Real User
Top 10
A scalable tool to detect malware that offers its users good performance and security
Pros and Cons
  • "The most valuable feature of the solution is that the performance it offers to users is good, making it useful for us in our company."

    What is our primary use case?

    I use Fortinet FortiSandbox to detect malware in the system, especially when uploading or downloading files from the internet.

    What is most valuable?

    The most valuable feature of the solution is that the performance it offers to users is good, making it useful for us in our company. Fortinet FortiSandbox is more like a SASE solution.

    What needs improvement?

    The solution is unavailable at a lower cost and can be difficult to deploy. From an improvement perspective, I would like the solution to be made available to users at a cheaper price while making its deployment phase easier.

    For how long have I used the solution?

    I have experience with Fortinet FortiSandbox.

    What do I think about the stability of the solution?

    It is a stable solution. I can't rate the solution's stability since I am unaware of it.

    What do I think about the scalability of the solution?

    It is a scalable solution.

    Around 500 people in my institution use the solution.

    Which solution did I use previously and why did I switch?

    I have some previous experience with Check Point and NetScaler.

    How was the initial setup?

    The initial setup of Fortinet FortiSandbox is straightforward.

    The solution can be deployed on either a cloud or on-premises.

    What other advice do I have?

    Though I haven't worked with Fortinet FortiSandbox, it is a good solution based on the opinion of one of my colleagues who has worked with it. Fortinet FortiSandbox can be deployed on a cloud or on-premises.

    I recommend the solution to those who plan to use it. Fortinet FortiSandbox is a good security option for those who plan to use it.

    The overall solution is an eight to nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Vinicius Borges - PeerSpot reviewer
    IT Project Management at a energy/utilities company with 11-50 employees
    Real User
    Top 5
    A stable solution requiring an easy setup phase
    Pros and Cons
    • "The solution has the highest stability...The solution's setup is not complex as they are already included in Fortinet."
    • "In general, maybe they are not updated to cover risks."

    What is our primary use case?

    I have experience installing solutions with the sandbox, along with its functionality that is multifunctional. When some files are detected with viruses, they are placed in quarantine.

    What is most valuable?

    The solution puts the suspected file in quarantine, then analyzes if there is a risk by scanning it. If not, they remove it from the quarantine.

    What needs improvement?

    Improvement is needed considering that it could be a scenario where it is limited, especially it may be during those periods of time when they are not updated. In general, maybe they are not updated to cover other risks.

    For how long have I used the solution?

    I have experience with Fortinet FortiSandbox. My previous company had a partnership with Fortinet. In my current company, we don't have any partnerships with Fortinet. I work as an IT consultant.

    What do I think about the stability of the solution?

    The solution has the highest stability because a lot of clients have adopted Fortinet solutions with different variations. They didn't give me a report of its issues or problems. A lot of clients got Fortinet solutions without reporting any network or appliance availability problems, while it was different for other vendors. When implementing and designing Fortinet, around 80 percent of the solutions in Mexico were for Fortinet solutions.

    I rate the solution's stability a nine out of ten.

    What do I think about the scalability of the solution?

    There is a specific list of Fortinet products you can select from, and they offer a variety of user functionalities and performance levels that can cover our approach. It is easy to increase or change to another appliance that can support the growth of any of the factors. Therefore, it is easy to change it or increase it.

    How are customer service and support?

    I rate the solution's service and support an eight out of ten.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The solution is not complex as they are already included in Fortinet. There is a special solution for sandboxing, but it increases the level of security. In that version, you can get more from that solution and more efficiency in using sandboxing.

    The initial setup is easy because I have been working with Juniper, and they have the same interface. The graphic interface is friendly and it is intuitive. For me, it is easy to configure.

    What other advice do I have?

    Overall, I rate the solution an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    IT Consultant at Vivaro
    Consultant
    Top 20
    A multi-functional solution that detects files packed with viruses and quarantines them
    Pros and Cons
    • "Fortinet FortiSandbox puts suspicious files in quarantine, analyzes for virus risks, and lets them out of quarantine if it detects no risk."
    • "If updated, Fortinet FortiSandbox could cover other risks."

    What is our primary use case?

    Fortinet FortiSandbox is a multi-functional solution. When some files have been packed with viruses, the solution detects and quarantines them.

    What is most valuable?

    Fortinet FortiSandbox puts suspicious files in quarantine, analyzes for virus risks, and lets them out of quarantine if it detects no risk.

    What needs improvement?

    The solution could be limited in some scenarios. If updated, Fortinet FortiSandbox could cover other risks.

    What do I think about the stability of the solution?

    Fortinet FortiSandbox is a very stable solution. In my experience, it has the most stability that I have seen because a lot of clients got the solution and didn't report any problems with the network or the availability of the appliance. Fortinet FortiSandbox is different from other vendors. Percentage-wise, 80% got Fortinet FortiSandbox solutions in Mexico.

    What do I think about the scalability of the solution?

    There is a specific list of Fortinet products you can select from, and they have a range of user functionalities and performance. So it's easy to increase it or to change to another appliance that can support the growth of any of the factors I mentioned. So it's easy to change it or increase it.

    How are customer service and support?

    Fortinet FortiSandbox could provide better customer support.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    Fortinet FortiSandbox's initial setup is easy because its graphic interface is very friendly and in 3D. I have been working with Juniper, and they have the same interface. The solution is easy to configure.

    What other advice do I have?

    There is a special solution in Fortinet for sandboxing that increases the level of security. In that solution, you could get more efficiency in using sandboxing.

    Overall, I rate Fortinet FortiSandbox an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Bruno Moreira - PeerSpot reviewer
    Network Security Consultant at SigmaTelecom
    Real User
    Top 5
    It can analyze process behavior and integrate well with other solutions by the same vendor
    Pros and Cons
    • "FortiSandbox analyzes the behavior of processes in a sandbox environment, which is useful for threat hunting. The solution has an excellent standard configuration, and you can prioritize the types of files of VMs you want to analyze. It also integrates seamlessly with other Fortinet solutions, like FortiGate, FortiMail, and FortiEMS."
    • "It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process."

    What is our primary use case?

    FortiSandbox is used to contain and prevent malware outbreaks. 

    How has it helped my organization?

    One of my clients was receiving malware in their email. Less than 1 percent of their email contained malware, but it was still too many. FortiSandbox prevented the malware from entering the broader network. FortiMail forwarded the files to be analyzed in FortiSandbox, which ran it on a Windows 10 machine with Office 365. The sandbox detected malicious behavior. One of the files tried to change the Windows registry, so FortiSandbox flagged it as malware and reported it to FortiMail, which blocked the email. 

    What is most valuable?

    FortiSandbox analyzes the behavior of processes in a sandbox environment, which is useful for threat hunting. The solution has an excellent standard configuration, and you can prioritize the types of files of VMs you want to analyze. It also integrates seamlessly with other Fortinet solutions, like FortiGate, FortiMail, and FortiEMS. 

    What needs improvement?

    It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process. 

    For how long have I used the solution?

    We have used FortiSandbox for three years. 

    What do I think about the stability of the solution?

    FortiSandbox is pretty stable. I don't remember a time when it crashed. We've had to restart the VMs, but not the sandbox itself. 

    What do I think about the scalability of the solution?

    There are limits to FortiSandbox because you must pay for a license for all the VMs you use.

    How was the initial setup?

    The setup is straightforward. Yeah. You only need to install the VM and configure the two interfaces. We use one FortiSandbox for external requests and another internally. Sometimes, the malware tries to access something on the Internet. you can block it on the sandbox or allow it, so you can gather more information about what it is trying to do. 

    But maybe you don't want the VM or the malware on the VM accessing the Internet from your environment. You need to configure that interface for that purpose. After that, you must authorize the FortiGate or the fabric devices on the FortiSandbox and create the VMs. If you are using the VMs Fortinet provides, you can download and provision them with one click. It will have the default configuration. The default policy may not work the way you intend, but it will protect out of the box. 

    What was our ROI?

    We've seen a return by preventing outbreaks and stopping zero-day threats. 

    What's my experience with pricing, setup cost, and licensing?

    FortiSandbox is pricey because we need to purchase three licenses, including one for the cloud and an on-prem license. We also have a sandbox that comes with a FortiGate UTM license, but you don't have access to the VMs. However, you can access the malware timeline from the cloud and see the information about the FortiSandbox services. Still, It doesn't block the threat immediately. If you are downloading malware, FortiGate will send it to the FortiGate cloud sandbox, but the download will finish, and you'll have malware in your host. As soon as the sandbox returns a verdict on that file, it will be blocked on the next download attempt if it's malware.

    What other advice do I have?

    I rate FortiSandbox 10 out of 10.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    IT Manager-Infrastructure at Southstar Drug
    Real User
    Top 10
    A stable solution that can be used to extract any file and check for malicious activity
    Pros and Cons
    • "The solution extracts an attached file before reaching the user and notifies the user if there's something malicious in the attachment received along with an email."
    • "When you reach the maximum capacity, you cannot upgrade the solution because its hardware is very expensive."

    What is our primary use case?

    We use Fortinet FortiSandbox for malware. Fortinet FortiSandbox is used before entering the firewall to extract any file and check for malicious activity.

    What is most valuable?

    The solution extracts an attached file before reaching the user and notifies the user if there's something malicious in the attachment received along with an email. The solution prevents such malicious content from entering your enterprise network.

    What needs improvement?

    When you reach the maximum capacity, you cannot upgrade the solution because its hardware is very expensive. All you can do is discard it and buy another.

    For how long have I used the solution?

    I have been using Fortinet FortiSandbox for five years.

    What do I think about the stability of the solution?

    We didn't face any issues with the solution's stability for the three years it was installed on-premises at our data center.

    How are customer service and support?

    The solution’s technical support is good.

    How was the initial setup?

    The solution’s initial setup is straightforward.

    What was our ROI?

    We have seen a return on investment with Fortinet FortiSandbox because it helped us a lot on the security part.

    What other advice do I have?

    If you're using Fortinet, it's best to use the solution when using FortiGate antivirus because it's all connected and easy to manage.

    Overall, I rate Fortinet FortiSandbox an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Fortinet FortiSandbox Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2024
    Buyer's Guide
    Download our free Fortinet FortiSandbox Report and get advice and tips from experienced pros sharing their opinions.