We implemented FortiSandbox in three main steps: planning the infrastructure and topology, setting up dedicated Internet access for the sandbox, and configuring manual uploading and email forwarding. For email communication, we used either FortiMail or BCC/force mirroring solutions. FortiSandbox has successfully identified and blocked email attachments containing threats.
We use this solution to stay updated on the latest vulnerabilities and attacks. It acts as a database for Fortinet customers to keep their equipment safe and secure.
My company uses Fortinet FortiSandbox to integrate with the email system named FortiMail. Fortinet FortiSandbox also helps with the integration of network infrastructure, allowing our company to extract some objects from the network and analyze them.
IT Project Management at a energy/utilities company with 11-50 employees
Real User
Top 5
2023-06-23T14:25:00Z
Jun 23, 2023
I have experience installing solutions with the sandbox, along with its functionality that is multifunctional. When some files are detected with viruses, they are placed in quarantine.
Fortinet FortiSandbox is a security-centric solution of Fortinet. The solution inspects all the predicted or suspicious files which are executed in the Fortinet FortiSandbox environment. It contains virtual machines of different types, such as Windows Server, and Windows Ubuntu. If the suspicious files are executed and there is an issue found. The user can request to discard it when the file is delivered to their system.
Consultant Business Development - Security at a comms service provider with 51-200 employees
Consultant
2022-02-22T21:41:22Z
Feb 22, 2022
I provide this solution in the FortiGate firewall as a cloud license. I'm in presales and I qualify the solution, so I don't install it or deploy it. I worked with Sandbox for one project two years ago, especially with FortiGate 200E. I worked with the customer and prepared the solution according to their needs, and we decided on the architecture and design to deploy this solution. We put the firewall in the front end design and we configured it so that every file will be downloaded through the HTTP, or HTTPS, and the file will be scanned and analyzed with the antivirus of FortiClient. This is checked with the signature of this antivirus. If it's not okay, we will configure it to be scanned and analyzed with Sandbox. There, we will configure, for example, a virtual machine for in the cloud that contains Windows Server or Windows Desktop, the version that the customer already has. We deploy some services like Active Directory, or the service that the customer uses. We try to send this file to the virtual cloud. Then we check it. If the file attains a certain score, we will block it. If not, we can make an event quarantine. We configure our event in the firewall or in the switch that connects in this firewall, and we will put it in quarantine until that administrator checks this file and where or not it contains malware or not. In general, we purchase the license and we configure it in the front end firewall, not in the internal or data center firewall. This is especially for downloading the files that we can receive. For the firewall, we were using the version FortiOS 7.0. The first version that we deployed was the 6.5 version. That includes this cloud license. The firewall is on-premise, but the license for FortiSandbox is on the cloud. There are 10 people using this solution in my company.
Senior Security Engineer at a computer software company with 1,001-5,000 employees
Real User
2022-01-04T21:29:00Z
Jan 4, 2022
We are using Fortinet FortiSandbox to inspect and scan all our files. All the files inside our organization that is transferred through the company. The solution scans the files inside the PSVM because it has many VMs inside the FortiScan. It's working on zero-day attacks and not based on the signature of the threat. It's based on behavior analysis.
Architect of solutions at a comms service provider with 11-50 employees
Reseller
2021-03-09T11:52:10Z
Mar 9, 2021
FortiSandbox was a solution that we mainly sold for manual protection, however, in order to have a more compact environment, like you see the security fabric that has Fortinet, in many of our clients, we performed integration within solutions. Our clients are mainly ones that have had Fortinet solutions previously or want to test Fortinet solutions. We also encourage them to use integration with Security Fabric. Clients mainly use it for documents, or, for example, programs or execute tools that are injected in the network through the perimeter or through the DNC and also for internal analysis. When any of the users reconnect to the network after some time it will perform a check through FortiClient. They also have interaction with FortiSandbox - everything new is put in quarantine during the user's use. These files or execute tools are analyzed in the FortiSandbox.It can also analyze for scripts between documents or inside documents - mainly office documents like Excel, PowerPoint, or PDF.
We mainly use it for incoming mail from all our domains because we have several of them. We are servicing many companies as the holding company. Every mail is passed to the Sandbox virtual machine. It is a VM. Occasionally, a link or a standalone file that we want to check is also passed to the Sandbox virtual machine.
Principal Cyber Security Architect at a comms service provider with 5,001-10,000 employees
Reseller
2019-10-27T06:19:00Z
Oct 27, 2019
The primary use for FortiSandbox is to provide a good environment, a test environment for us to analyze any new threat in the market. Fortinet Cloud uses its technology to analyze those threats for us and we use the analysis engine. Our company is a service provider of Fortinet products, providing solutions based on the company's products. This can be anything from a UTM (Urchin Tracking Module) to a cloud solution depending on the requirements of the customer. It's not one specific model of the product that we have, rather we offer products based on the solutions required by the customer. We are resellers. There are easily more than 1,000 or 2,000 people that would be using this product through our company because we get organizations where there are maybe 500 to 600 users and others with around 1,000. So I would have to say more than 2,000.
Senior Security Consultant at SEE "Systems Engineering of Egypt"
Real User
2019-10-06T16:38:00Z
Oct 6, 2019
Our primary use case of this solution is to view the texts from our clients to their lawyers. We look for unknown malware and then I also use FortiFabric for integration.
IT Manager at a international affairs institute with 11-50 employees
Real User
2019-10-02T11:08:00Z
Oct 2, 2019
This solution is used to connect to all of our other fabric, including Fortinet solutions such as FortiGate, FortiMail, and FortiClient. We have this solution deployed on a virtual machine.
Solutions Manager at a tech services company with 1,001-5,000 employees
Real User
2019-09-29T12:12:00Z
Sep 29, 2019
The primary use case of this solution is email and protection. We use FortiMail as well, and most of our environment is protected. We don’t have internet access for our users apart from email. This solution is deployed in the Cloud.
Fortinet FortiSandbox is a behavior-based threat detection solution that prevents and detects malicious code in files transferred within the organization. It is integrated with FortiGate firewalls and FortiMail for threat protection and can be used for monitoring and reporting. The solution inspects files in a virtual environment with different types of virtual machines and can block or quarantine files based on their score.
The most valuable features include dynamic behavior analysis,...
We implemented FortiSandbox in three main steps: planning the infrastructure and topology, setting up dedicated Internet access for the sandbox, and configuring manual uploading and email forwarding. For email communication, we used either FortiMail or BCC/force mirroring solutions. FortiSandbox has successfully identified and blocked email attachments containing threats.
We use this solution to stay updated on the latest vulnerabilities and attacks. It acts as a database for Fortinet customers to keep their equipment safe and secure.
We use Fortinet FortiSandbox to troubleshoot different software.
My company uses Fortinet FortiSandbox to integrate with the email system named FortiMail. Fortinet FortiSandbox also helps with the integration of network infrastructure, allowing our company to extract some objects from the network and analyze them.
I have experience installing solutions with the sandbox, along with its functionality that is multifunctional. When some files are detected with viruses, they are placed in quarantine.
Fortinet FortiSandbox is a multi-functional solution. When some files have been packed with viruses, the solution detects and quarantines them.
It's used to detect non-signature-based malware.
Our primary use case for Fortinet FortiSandbox is preventing malicious code and getting alerts for blocking malicious code and other things.
The primary use case is to test our applications.
FortiSandbox is a tool we use to secure our client's data. We implement FortiSandbox depending on an organization's requirements.
Fortinet FortiSandbox is a security-centric solution of Fortinet. The solution inspects all the predicted or suspicious files which are executed in the Fortinet FortiSandbox environment. It contains virtual machines of different types, such as Windows Server, and Windows Ubuntu. If the suspicious files are executed and there is an issue found. The user can request to discard it when the file is delivered to their system.
Fortinet FortiSandbox is used for threat protection. For example, in emails and the internet.
I am using Fortinet FortiSandbox for security in the Fortinet fabric.
We use Fortinet FortiSandbox to integrate FortiMail and FortiGate firewalls.
I provide this solution in the FortiGate firewall as a cloud license. I'm in presales and I qualify the solution, so I don't install it or deploy it. I worked with Sandbox for one project two years ago, especially with FortiGate 200E. I worked with the customer and prepared the solution according to their needs, and we decided on the architecture and design to deploy this solution. We put the firewall in the front end design and we configured it so that every file will be downloaded through the HTTP, or HTTPS, and the file will be scanned and analyzed with the antivirus of FortiClient. This is checked with the signature of this antivirus. If it's not okay, we will configure it to be scanned and analyzed with Sandbox. There, we will configure, for example, a virtual machine for in the cloud that contains Windows Server or Windows Desktop, the version that the customer already has. We deploy some services like Active Directory, or the service that the customer uses. We try to send this file to the virtual cloud. Then we check it. If the file attains a certain score, we will block it. If not, we can make an event quarantine. We configure our event in the firewall or in the switch that connects in this firewall, and we will put it in quarantine until that administrator checks this file and where or not it contains malware or not. In general, we purchase the license and we configure it in the front end firewall, not in the internal or data center firewall. This is especially for downloading the files that we can receive. For the firewall, we were using the version FortiOS 7.0. The first version that we deployed was the 6.5 version. That includes this cloud license. The firewall is on-premise, but the license for FortiSandbox is on the cloud. There are 10 people using this solution in my company.
We are using Fortinet FortiSandbox to inspect and scan all our files. All the files inside our organization that is transferred through the company. The solution scans the files inside the PSVM because it has many VMs inside the FortiScan. It's working on zero-day attacks and not based on the signature of the threat. It's based on behavior analysis.
FortiSandbox was a solution that we mainly sold for manual protection, however, in order to have a more compact environment, like you see the security fabric that has Fortinet, in many of our clients, we performed integration within solutions. Our clients are mainly ones that have had Fortinet solutions previously or want to test Fortinet solutions. We also encourage them to use integration with Security Fabric. Clients mainly use it for documents, or, for example, programs or execute tools that are injected in the network through the perimeter or through the DNC and also for internal analysis. When any of the users reconnect to the network after some time it will perform a check through FortiClient. They also have interaction with FortiSandbox - everything new is put in quarantine during the user's use. These files or execute tools are analyzed in the FortiSandbox.It can also analyze for scripts between documents or inside documents - mainly office documents like Excel, PowerPoint, or PDF.
We mainly use it for incoming mail from all our domains because we have several of them. We are servicing many companies as the holding company. Every mail is passed to the Sandbox virtual machine. It is a VM. Occasionally, a link or a standalone file that we want to check is also passed to the Sandbox virtual machine.
We primarily use the solution to allow us to pick up on any traffic that is suspicious.
The primary use for FortiSandbox is to provide a good environment, a test environment for us to analyze any new threat in the market. Fortinet Cloud uses its technology to analyze those threats for us and we use the analysis engine. Our company is a service provider of Fortinet products, providing solutions based on the company's products. This can be anything from a UTM (Urchin Tracking Module) to a cloud solution depending on the requirements of the customer. It's not one specific model of the product that we have, rather we offer products based on the solutions required by the customer. We are resellers. There are easily more than 1,000 or 2,000 people that would be using this product through our company because we get organizations where there are maybe 500 to 600 users and others with around 1,000. So I would have to say more than 2,000.
We use this solution on-premises and our primary use case is for end-point protection.
Our primary use case of this solution is to view the texts from our clients to their lawyers. We look for unknown malware and then I also use FortiFabric for integration.
This solution is used to connect to all of our other fabric, including Fortinet solutions such as FortiGate, FortiMail, and FortiClient. We have this solution deployed on a virtual machine.
The primary use case of this solution is email and protection. We use FortiMail as well, and most of our environment is protected. We don’t have internet access for our users apart from email. This solution is deployed in the Cloud.
The primary use case of this solution is for using FortiSandbox. The deployment model we are using is on-premises.
Securing mail is our primary use case.