FortiGuard Inline Sandbox Service

Keeps malware out with real-time file analysis  

Overview

To avoid slow-downs, traditional sandboxing solutions let suspicious files pass into the organization while analysis for threats occurs offline. Then, if the file comes back as malicious, security teams have to scramble to find the malware as it moves deeper into the organization. 

In FortiOS 7.2, we introduce the industry’s first inline sandbox to hold suspicious files—without performance impact—by leveraging our cloud-scale malware analysis environment. Only files that have been analyzed and determined to be safe are let into the network.

The Inline Sandbox Service attaches to a number of Fortinet products, integrating across the Security Fabric, covering the network, endpoint, email, and more.

FortiGuard Security Services

All FortiGuard security services are natively integrated into the Fortinet Security Fabric. This enables fast, coordinated detection and enforcement across the entire attack surface. Risk is continually assessed and the Security Fabric automatically adjusts to counter the latest known and unknown threats in real time. 

| Service/Product | Type | Operated by | Inline Sandbox | Pricing |
|---|---|---|---|---|
| FortiGuard Sandbox Detection and Prevention Service | SaaS subscription | Fortinet | Yes | Subscription/product |
| FortiGuard Sandbox Detection Service | SaaS subscription | Fortinet | No | Subscription/product |
| FortiSandbox Hosted | PaaS subscription | Shared | Coming soon | Sizing/account |
| FortiSandbox Virtual Appliance | VM subscription | Customer | Coming soon | Sizing/account |
| FortiSandbox Hardware | HW bundle + licenses | Customer | Coming soon | Sizing based/account |

 

FortiGuard Sandbox Detection and Prevention Service

The Sandbox Detection and Prevention Service is a new a-la-carte service for FortiGate (available in Q2 2022), which includes inline blocking for sandbox and AI/NDR detection, plus log enrichment for SOC teams.

Benefits:

  • Optimizes security operations with SOCaaS log ingestion
  • Secures the data center, branch, campus, and cloud
  • Ideal for any size organization
  • Available in North America, Europe, and Asia regions

Available for FortiGate, FortiClient, and FortiMail

FortiGuard Sandbox Detection Service

This service is bundled with the Advanced Malware Protection (AMP) Service for FortiGate, including antivirus, mobile malware, and other components. This service provides out-of-band sandbox detection and log enrichment with a cloud-based SaaS portal for SOC admins.

Benefits:

  • Out-of-band sandboxing, alerting, and reporting
  • Log enrichment for SOC response
  • Secures the data center, branch, campus, and cloud
  • Ideal for any size organization
  • Available in North America, Europe, and Asia regions

Available for FortiGate, FortiClient, FortiMail, FortiWeb, FortiProxy, and FortiADC

FortiSandbox Hosted

Fortinet-hosted sandbox is a subscription service. It includes FortiSandbox VM with dedicated resources for high performance and centralization of reports. This service covers all FortiGate, FortiClient, and FortiMail appliances in your network.

Benefits:

  • Centralized alerting, reporting, and threat intelligence
  • Secures the data center, branch, campus, and cloud
  • Ideal for any size organization
  • Available in North America and Europe regions

Available for FortiGate, FortiClient, and FortiMail

FortiSandbox Virtual Appliance (Private/Public Cloud)

FortiSandbox VMs natively integrate with the Security Fabric, Fabric Partners, adapters, APIs, network share and sniffer to intercept and submit suspicious content to FortiSandbox. The integration also provides timely remediation and reporting capabilities.

Benefits:

  • Available for public cloud and private cloud deployments
  • Out-of-box integration with Fortinet Security Fabric and third-party solutions
  • Centralized sandboxing, alerting, and reporting
  • Real-time threat intelligence sharing

Available for FortiGate, FortiClient, FortiMail, FortiWeb, FortiProxy, and FortiADC

FortiSandbox Hardware Appliance

FortiSandbox hardware appliances natively integrate with the Security Fabric, Fabric Partners, adapters, APIs, network share and sniffer to intercept and submit suspicious content to FortiSandbox. The integration also provides timely remediation and reporting capabilities to those devices.

Benefits:

  • Available in a range of performance levels to fit organizations of all sizes
  • Out-of-box integration with Fortinet Security Fabric and third-party solutions
  • Centralized sandboxing, alerting, and reporting
  • Real-time threat intelligence sharing

Available for FortiGate, FortiClient, FortiMail, FortiWeb, FortiProxy, and FortiADC

 

| Service/Product | Anti-evasion Detection | C&C Detection | AV/IPS/Web Filtering | Threat Intelligence |
|---|---|---|---|---|
| FGD Sandbox Detection and Prevention Service | Y | Y | Y | Y |
| FGD Sandbox Detection Service | Y | Y | Y | Y |
| FortiSandbox Hosted | Y | Y | Y | Y |
| FortiSandbox Virtual Appliance | Y | Y | Y | Y |
| FortiSandbox Hardware | Y | Y | Y | Y |

Features and Benefits

FAST TIME TO VERDICT

Machine learning and deep learning models enhance static and dynamic malware analysis and code analysis, supervised by FortiGuard Labs

INLINE BLOCKING

Inline sandboxing holds suspicious files, leveraging our cloud-scale malware analysis environment

BROAD INTEGRATION

Zero-day threat protection is extended to a next-generation firewall, secure email gateway, and endpoint protection platform

ACCELERATED THREAT INVESTIGATION

Built-in MITRE ATT&CK matrix identifies a variety of malware techniques

UNIFIED IT/OT ZERO-DAY THREAT PROTECTION 

Protects both IT and OT environments and assets from malware with one solution

UNBURDENS SECURITY TEAMS

Blocking unknown malware at the firewall, client, and mail levels results in fewer incidents and less time spent on investigation and mitigation.