FortiSandbox will store the file, but not inspect it until the administrator manually authorizes the new VDOM
Before generating traffic, the administrator can push the VDOM configuration from the FortiGate to the FortiSandbox. Then when FortiSandbox receives the file, FortiSandbox will inspect the file.
FortiSandbox can be pre-configured to automatically authorize the new VDOM and inspect the file.
FortiSandbox will store the file, but no inspect it until the administrator manually adds the new VDOM to the FortiSandbox configuration.
Microsoft Word documents (.docx) are not inspected.
Office 365 files are not supported.
Microsoft Office is not included. You must purchase it separately, then manually install it in the applicable VMs on FortiSandbox.
Office 2013 is installed in one of the VMs.
FortiGate sends the file name to FortiGuard. FortiGuard checks if a file with name has been already inspected.
FortiGate sends the file name to FortiSandbox. FortiSandbox checks if it has already inspected a file with the name
FortiGate sends a hash of the file to FortiSandbox. FortiSandbox checks if it has already inspected a file with that hash.
FortiGate searches its cache of a list of file names that it has already inspected.
Depending on the version indicated in the PDF file. FortiSandbox will scan using only one PDF reader (either AdobeReader 9 or Adobe Reader 11)
If there are no internet Explorer 10 installations on your network, you can safely disable the scaning of Adobe Flash with Microsoft Internet Explorer 10.
FortiSandbox will scan all Flash applications using Internet Explorer 10. This does not guarantee safety for Internet Explorer 8.
You can safely disable the PDF scanning with Acrobat Reader 9 because PDF scanning with Acrobat Reader 11 is enabled.
Contact Microsoft support
Restore a backup of the configuration taken before the licenses became locked.
Reinstall the license files.
Contact Fortinet Support.
Summary of the file activity
Changes to the FortiSandbox's configuration
Details about system files deleted or modified
Updates to the antivirus database
Suspicious website access
Applications that use excessive bandwidth
FortiGate HA synchronization
Windows 7 (64-bit)
Windows 7 (32-bit)
Windows XP (32-bit)
Mac OS X 10.10
Windows 8.1 (64-bit)
Internet Explorer 10
Internet Explorer 9
Firefox 41.0.1 (auto-updating)
GoogleChrome 45.0.2454 (auto-updating)
In Advance, the admiistrator can push the VDOM configuration from the FortiGate to the FortiSandbox so that it wil authorize the VDOM and FortiSandbox will inspect the file.
FortiSandbox will store the file, and not inspectit until the administrator manually adds the new VDOM to the FortiSandbox configuration
FortiSandbox will store the file, and not inspectit until the administrator manually authorize the new VDOM on FortiSandbox.
In Advance, the admiistrator can configure FortiSandbox to automaticaly authorize the new VDOM and inspect the file
A 5MB EXE file attached to an email, sent over POP3, detected as a known virus by the FortiGate
An 11 MB EXE file, sent HTTP, detected as suspicious by the FortiGate
A 7MB PDF attachment to an Email, sent over SMTP
A 3 MB archve that ecompress to 16 MB, sent over HTTP
A 3 MB Flash video, sent over HTTP