FortiGuard Inline Sandbox Service

Keeps malware out with real-time file analysis

Overview

To avoid slow-downs, traditional sandboxing solutions let suspicious files pass into the organization while analysis for threats occurs offline. Then, if the file comes back as malicious, security teams have to scramble to find the malware as it moves deeper into the organization.

In FortiOS 7.2, we introduce the industry’s first inline sandbox to hold suspicious files—without performance impact—by leveraging our cloud-scale malware analysis environment. Only files that have been analyzed and determined to be safe are let into the network.

The Inline Sandbox Service attaches to a number of Fortinet products, integrating across the Security Fabric, covering the network, endpoint, email, and more.


FortiGuard Security Services

All FortiGuard security services are natively integrated into the Fortinet Security Fabric. This enables fast, coordinated detection and enforcement across the entire attack surface. Risk is continually assessed and the Security Fabric automatically adjusts to counter the latest known and unknown threats in real time.

FortiGuard Sandbox Detection and Prevention Service

The Sandbox Detection and Prevention Service is a new a-la-carte service for FortiGate (available in Q2 2022), which includes inline blocking for sandbox and AI/NDR detection, plus log enrichment for SOC teams.

Benefits:

• Optimizes security operations with SOCaaS log ingestion
• Secures the data center, branch, campus, and cloud
• Ideal for any size organization
• Available in North America, Europe, and Asia regions

Available for FortiGate, FortiClient, and FortiMail


FortiGuard Sandbox Detection Service

This service is bundled with the Advanced Malware Protection (AMP) Service for FortiGate, including antivirus, mobile malware, and other components. This service provides out-of-band sandbox detection and log enrichment with a cloud-based SaaS portal for SOC admins.

Benefits:

• Out-of-band sandboxing, alerting, and reporting
• Log enrichment for SOC response
• Secures the data center, branch, campus, and cloud
• Ideal for any size organization
• Available in North America, Europe, and Asia regions

Available for FortiGate, FortiClient, FortiMail, FortiWeb, FortiProxy, and FortiADC


FortiSandbox Hosted

Fortinet-hosted sandbox is a subscription service. It includes FortiSandbox VM with dedicated resources for high performance and centralization of reports. This service covers all FortiGate, FortiClient, and FortiMail appliances in your network.

Benefits:

• Centralized alerting, reporting, and threat intelligence
• Secures the data center, branch, campus, and cloud
• Ideal for any size organization
• Available in North America and Europe regions

Available for FortiGate, FortiClient, and FortiMail


FortiSandbox Virtual Appliance (Private/Public Cloud)

FortiSandbox VMs natively integrate with the Security Fabric, Fabric Partners, adapters, APIs, network share and sniffer to intercept and submit suspicious content to FortiSandbox. The integration also provides timely remediation and reporting capabilities.

Benefits:

• Available for public cloud and private cloud deployments
• Out-of-box integration with Fortinet Security Fabric and third-party solutions
• Centralized sandboxing, alerting, and reporting
• Real-time threat intelligence sharing

Available for FortiGate, FortiClient, FortiMail, FortiWeb, FortiProxy, and FortiADC


FortiSandbox Hardware Appliance

FortiSandbox hardware appliances natively integrate with the Security Fabric, Fabric Partners, adapters, APIs, network share and sniffer to intercept and submit suspicious content to FortiSandbox. The integration also provides timely remediation and reporting capabilities to those devices.

Benefits:

• Available in a range of performance levels to fit organizations of all sizes
• Out-of-box integration with Fortinet Security Fabric and third-party solutions
• Centralized sandboxing, alerting, and reporting
• Real-time threat intelligence sharing

Features and Benefits

FAST TIME TO VERDICT

Machine learning and deep learning models enhance static and dynamic malware analysis and code analysis, supervised by FortiGuard Labs


INLINE BLOCKING

Inline sandboxing holds suspicious files, leveraging our cloud-scale malware analysis environment


BROAD INTEGRATION

Zero-day threat protection is extended to a next-generation firewall, secure email gateway, and endpoint protection platform


ACCELERATED THREAT INVESTIGATION

Built-in MITRE ATT&CK matrix identifies a variety of malware techniques


UNIFIED IT/OT ZERO-DAY THREAT PROTECTION 

Protects both IT and OT environments and assets from malware with one solution


UNBURDENS SECURITY TEAMS

Blocking unknown malware at the firewall, client, and mail levels results in fewer incidents and less time spent on investigation and mitigation.
