I am using Fortinet FortiSandbox for security in the Fortinet fabric.
Senior Security Consultant at SEE "Systems Engineering of Egypt"
Useful customization, integrates well, but performance could improve
Pros and Cons
- "The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security works very well."
- "Fortinet FortiSandbox should improve its performance and security accuracy to keep competitive with other solutions, such as IBM."
What is our primary use case?
What is most valuable?
The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security works very well.
What needs improvement?
Fortinet FortiSandbox should improve its performance and security accuracy to keep competitive with other solutions, such as IBM.
For how long have I used the solution?
I have been using Fortinet FortiSandbox for approximately six years.
Buyer's Guide
Fortinet FortiSandbox
November 2024
Learn what your peers think about Fortinet FortiSandbox. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
Fortinet FortiSandbox is a stable solution.
What do I think about the scalability of the solution?
The scalability of Fortinet FortiSandbox is good.
How are customer service and support?
The support could improve their knowledge because they acquired other solutions and have yet to gain the knowledge to support them.
How was the initial setup?
The initial setup of Fortinet FortiSandbox was easy. It can take a few days to complete.
What about the implementation team?
The maintenance of Fortinet FortiSandbox is done by two IT managers.
What's my experience with pricing, setup cost, and licensing?
The license for Fortinet FortiSandbox depends on the use case.
Which other solutions did I evaluate?
We evaluated other options before choosing Fortinet FortiSandbox.
What other advice do I have?
I would recommend this solution to others.
I rate Fortinet FortiSandbox a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Senior Network Engineer at a tech services company with 1,001-5,000 employees
It's a reasonably priced solution for dealing with unknown threats
Pros and Cons
- "FortiSandbox helps us handle unknown threats. Every vendor is competing for who can detect an unknown threat the fastest. Fortinet is competitive in the market."
- "Sometimes, there are issues upgrading the version of the firewall or the SD-LAN box. After we upgrade to the latest version of the software, we still have the same box. I think it's the same for every vendor."
What is our primary use case?
FortiSandbox is a tool we use to secure our client's data. We implement FortiSandbox depending on an organization's requirements.
What is most valuable?
FortiSandbox helps us handle unknown threats. Every vendor is competing for who can detect an unknown threat the fastest. Fortinet is competitive in the market.
What needs improvement?
Sometimes, there are issues upgrading the version of the firewall or the SD-LAN box. After we upgrade to the latest version of the software, we still have the same box. I think it's the same for every vendor.
For how long have I used the solution?
We have used Fortinet for around one year.
What do I think about the stability of the solution?
FortiSandbox is stable.
What do I think about the scalability of the solution?
FortiSandbox is scalable.
How are customer service and support?
I rate Fortinet support eight out of 10.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We use different solutions depending on the client's requirements. Sometimes we implement Palo Alto. We need to discuss it with the client and select the product that's appropriate for their use case and environment.
How was the initial setup?
Setting up FortiSandbox is easy and takes about three weeks. You need to collect the asset management information and requirements to integrate FortiSandbox.
What's my experience with pricing, setup cost, and licensing?
I rate FortiSandbox eight out of 10 for affordability. It's competitive and reasonable.
What other advice do I have?
I rate Fortinet FortiSandbox eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Architect of solutions at a comms service provider with 11-50 employees
Good performance and integration capabilities with good technical support
Pros and Cons
- "Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox."
- "If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
What is our primary use case?
FortiSandbox was a solution that we mainly sold for manual protection, however, in order to have a more compact environment, like you see the security fabric that has Fortinet, in many of our clients, we performed integration within solutions. Our clients are mainly ones that have had Fortinet solutions previously or want to test Fortinet solutions. We also encourage them to use integration with Security Fabric.
Clients mainly use it for documents, or, for example, programs or execute tools that are injected in the network through the perimeter or through the DNC and also for internal analysis. When any of the users reconnect to the network after some time it will perform a check through FortiClient. They also have interaction with FortiSandbox - everything new is put in quarantine during the user's use. These files or execute tools are analyzed in the FortiSandbox. It can also analyze for scripts between documents or inside documents - mainly office documents like Excel, PowerPoint, or PDF.
What is most valuable?
Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox. That's one of the main features every customer relies on or likes.
The performance capacity is impressive. Normally, you will need a big solution, I would say, or big hardware so that you can handle all the processing you have to do. However, FortiSandbox is quite a good hardware in and of itself. You can handle it without any restrictions.
With an on-premises solution, you can do all the analysis locally and not have the need to connect to the internet to depend on that service.
The solution can scale, however, it needs to be planned ahead of time.
The technical support on offer is quite good.
What needs improvement?
With the 3000D we had some issues with the FortiOS version. I don't remember which one it was, however, there was an interaction problem or a performance issue. It might have been the FortiOS issue as it was a very particular, very specific issue and the performance was very high. All the indicators were in the highest levels and yet the equipment was not necessarily overloaded from doing analysis.
I haven't interacted directly with these solutions. I mainly use it for design and not how they work, and therefore I haven't interacted directly with them. It would be hard for me to comment on missing features in general.
The price just could be a little bit better, I would say, however, that depends a lot on the manufacturer. If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer. Those kinds of clients that don't have a very big budget or at least a medium one, need to rely on cloud solutions more than hardware, as hardware is expensive.
It would be ideal if the product had the ability to, if it cannot detect something correctly, to be able to put it on hold until a new release. That would be very circumstantial, actually. However, it could help protect against unknown entities.
What do I think about the stability of the solution?
I can't really speak to the stability. I haven't checked the functionalities of how they work in the current databases. So I don't have too much info about it.
What do I think about the scalability of the solution?
Part of the design is to know how the solution can scale. You normally try to leave some space. For example, you offer a customer the possibility to scale in the future, according to their needs, however, only if you know the customer is going to grow. If the customer doesn't have that need, it doesn't make any sense to offer them equipment with some space to grow or to have more processing capacity or more licenses in the future. I would say normally you would sell what the customer needs plus a 5% to 10% cushion for the future if needed. However, it would be a properly designed solution.
We usually work with medium to large-scale organizations.
How are customer service and technical support?
Technical support has been pretty good. I know they respond every time. It just takes a few hours. It doesn't take too much time to respond. They're helpful and you can count on them.
Which solution did I use previously and why did I switch?
We are also a reseller of Palo Alto solutions.
How was the initial setup?
In terms of the initial setup, I would say it is half straightforward and half complex. It depends on the scenario and it depends on the kind of things you want to do with the Sandbox, for example, the kind of files you want to analyze or which kind of OS or images you want to analyze. It also depends on the requirements. Sometimes it's harder to deploy due to the scenario, the use case.
Deployment times also vary, however, it takes, at minimum, 15 days to set everything up.
What's my experience with pricing, setup cost, and licensing?
The solution is a rather sizable investment. That said, for those organizations with sensitive data, that need to know they are protected, it's likely worth the price tag.
What other advice do I have?
We are resellers of the product.
I worked as a systems engineer previously. I'm now a sales executive, however, previously, I was in charge of making all the designs and the architecture for the solutions, and therefore, I know the distribution of these products, how can they be used, and different scenarios. I know how to position, for example, a FortiGate inside of a network for network segmentation and also for perimeter protection. Working also for VPN solutions, we were using FortiClients in EMS. We can have a centralized solution for VPN and also endpoint protection.
In terms of versions we deployed, there was FortiSandbox 1000D and also FortiSandbox 3000D.
We try to integrate solutions together so they can have some feedback on each other and they can work better to provide security and to also sharpen the attack services.
If you don't want to have any zero-day malware on your network, if you know that you will be literally exposed to those kinds of malware, it's good to have a solution such as this. That said, it's a big, big investment. It's a big investment for a business. If you really want to protect your information, if you're dealing with very, very delicate information, you need some kind of hardware or solution that can protect it from any kind of malware, especially those from zero-day. This Sandbox would be a must-have solution for those kinds of customers.
I'd rate the solution at a nine out of ten. That would be dependent on what types of third-party software a company has that the solution could integrate with effectively.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
CEO at a tech services company with 1-10 employees
Real-time analysis capability of FortiSandbox is beneficial for email analysis and is scalable for enterprise companies
Pros and Cons
- "The real-time analysis capability of FortiSandbox is beneficial for email analysis."
- "Not practical for real-time web traffic analysis because users won't wait for the FortiSandbox to complete its analysis before accessing content."
What is our primary use case?
We implemented FortiSandbox in three main steps: planning the infrastructure and topology, setting up dedicated Internet access for the sandbox, and configuring manual uploading and email forwarding. For email communication, we used either FortiMail or BCC/force mirroring solutions. FortiSandbox has successfully identified and blocked email attachments containing threats.
What is most valuable?
The real-time analysis capability of FortiSandbox is beneficial for email analysis, but it's not practical for real-time web traffic analysis because users won't wait for the FortiSandbox to complete its analysis before accessing content.
What needs improvement?
For how long have I used the solution?
I have experience working with Fortinet FortiSandbox, but it's been about one year since the first implementation.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
The solution is scalable, especially suitable for enterprise businesses.
How are customer service and support?
I haven't needed technical support, and while the pricing can be expensive, the performance and security it offers are commendable.
How was the initial setup?
I rate the initial setup of Fortinet FortiSandbox as a little bit difficult due to licensing issues.
What other advice do I have?
I would recommend FortiSandbox for high-security environments like financial or government sectors. Overall, I rate it an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Last updated: Apr 17, 2024
Cybersecurity Engineer at a transportation company with 10,001+ employees
Works fine and has a reasonable price, but it would be good to have more dashboards
Pros and Cons
- "Overall, it works fine. Its interface is also fine."
- "If we can have more dashboards, it would be good."
What is most valuable?
Overall, it works fine. Its interface is also fine.
What needs improvement?
If we can have more dashboards, it would be good.
For how long have I used the solution?
We have FortiSandbox and Fortinet firewalls. I have been using these solutions for three to four years.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
Scalability will always be there. Currently, I am the only user.
How are customer service and support?
Their support is good.
How was the initial setup?
Its setup is not that complex.
What about the implementation team?
It was done by a vendor.
What's my experience with pricing, setup cost, and licensing?
Fortinet is more reasonable than Palo Alto.
What other advice do I have?
I would recommend this solution. Others can use it, and there is no harm in that. I haven't used another Sandbox, so I cannot compare it with something else.
I would rate it a seven out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network and Server Engineer at AMiFN
A solution that has a very good GUI, is easy to set up, and offers good stability
Pros and Cons
- "The solution's GUI is good."
- "At least once a week we have a false alarm. This needs to be adjusted so that we get fewer of these occurrences."
What is most valuable?
The solution works very well for us. It's also fast, which is a very valuable aspect.
The solution's GUI is good.
What needs improvement?
At least once a week we have a false alarm. This needs to be adjusted so that we get fewer of these occurrences.
For how long have I used the solution?
I've been using the solution for less than one year.
What do I think about the stability of the solution?
The stability of the solution is okay.
What do I think about the scalability of the solution?
The scalability of the solution is good.
How was the initial setup?
The initial setup was straightforward.
What's my experience with pricing, setup cost, and licensing?
The pricing on the solution is okay; it's not too expensive.
What other advice do I have?
We're a reseller. We use the cloud deployment model of the solution.
I'd recommend the solution. The price point is decent and we've been satisfied with the results so far.
I'd rate the solution nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Detects new threats but could be faster and less complex
Pros and Cons
- "One of the valuable features is its ability to detect new threats."
- "The product is good but it could be speedier. In addition, it's quite complex."
What is our primary use case?
Securing mail is our primary use case.
How has it helped my organization?
We have seen a measurable decrease in the mean time to detect or respond to threats, on the order of 20 percent.
What is most valuable?
One of the valuable features is its ability to detect new threats.
What needs improvement?
We would like to see the solution open to third parties.
What do I think about the stability of the solution?
The stability is okay.
What do I think about the scalability of the solution?
It's scalable. You can scale it.
Which solution did I use previously and why did I switch?
We did not have a previous solution. Using this solution is part of the way we do business. If you don't invest in the future you could be stopping your business.
How was the initial setup?
The initial setup is quite complex. You have to really know the features by heart.
What's my experience with pricing, setup cost, and licensing?
There are no costs in addition to the standard licensing fees.
Which other solutions did I evaluate?
We did not evaluate other vendors.
What other advice do I have?
If you aren't sure about the solution, buy the cloud version first. You can use it in their cloud.
The solution is a seven out of ten. The product is good but it could be speedier. In addition, it's quite complex.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Information Security Analyst at a comms service provider with 11-50 employees
You have access to a report as to what behaviors the example file entered in the registry
Pros and Cons
- "You have access to a report as to what behaviors the example file entered in the registry."
- "For additional features, maybe a form of execution pain files in a non-virtual environment because it has threats that identify when it is being run in a virtual machine."
What is our primary use case?
I work at a college campus with the intention of understanding targeted attacks. If a file is hit or some pre files set as .exe, .pif, .zip, or .pdf among others and forwards to virtual machines and executes an action of the file changing a registry, it creates some backdoor or memory overflow guaranteeing access to the machine.
How has it helped my organization?
Improved the security. Imagine if any hacker develops a file for invasion: my antivirus will not have a vaccine, and that is where FortiSandbox enters.
What is most valuable?
You have access to a report as to what behaviors the example file entered in the registry. Windows changed this parameter in order to obtain a breach, and this is demonstrated by the report.
What needs improvement?
At the moment, I do not see anything to improve.
For additional features, maybe a form of execution pain files in a non-virtual environment because it has threats that identify when it is being run in a virtual machine.
Disclosure: I am a real user, and this review is based on my own experience and opinions.