FortiSandbox

Top-Rated Proactive Advanced Threat Detection

Determining if You've Outgrown your First-Gen Sandbox
Available in:
  • Appliance
  • Virtual Machine
  • Hosted
  • Cloud

With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown threats.

While attack surfaces are becoming more dynamic due to the rise of IoT and cloud-based services, a continuing shortage of cyber security talent is driving organizations to integrate sandboxing with greater controls and a high degree of automation.

FortiSandbox News

5/24/18: What to look for in a "next-generation" Sandbox?  Read here

4/05/2018: FortiSandbox software 2.5.2 is now available.  Learn more

4/2/2018: FortiSandbox for AWS has expanded its offering to include BYOL (Bring Your Own License) along with the existing On-Demand (pay-as-you-go) option. See AWS marketplace listing for FortiSandbox.

FortiSandbox Videos

FortiSandbox, Fast and Effective Protection Against Advanced Threats

This short video describes how a sandbox works to detect advanced threats and why only FortiSandbox can deliver an effective automated advanced threat protection solution.

FortiSandbox Product Details

Today’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It's also a key component of our Advanced Threat Protection solution.

 

Features and Benefits

Independently top-rated

NSS Labs "Recommended" for breach detection and breach prevention, and ICSA labs certified for advanced threat defense

Broad integration

Extends advanced threat protection to your next-generation firewall, web application firewall, secure email gateway, and endpoint protection platform

Intelligent automation

Speeds mitigation by sharing real-time updates to disrupt threats at the origin, with subsequent immunization across the entire organization and the global community

All-in-one

Simplifies deployment and reduces complexity by covering all protocols in a single common sandbox platform

Flexible deployment

Available as a physical or virtual appliance on premises, as well as a cloud-based or managed service

Open extensibility

Flexible APIs for easy third-party integration and available day-zero integration with Fabric-Ready partners

FortiSandbox Models and Specifications

FortiSandbox is offered in a broad range of form factors, from physical and virtual appliances to public cloud and a hosted service, supporting various deployment options to fit any environment.

Form Factor: 2 RU
Effective real-world throughput (files/hr): 480
Ports: 6x GE RJ45 ports, 2x GE SFP slots

Form Factor: 2 RU
Effective real-world throughput (files/hr): 240 (upgradeable to 1,440)
Ports: 4x GE RJ45 ports, 2x 10 GE SFP+ slots

Form Factor: 2 RU
Effective real-world throughput (files/hr): 480 (upgradeable to 3,360)
Ports: 4x GE RJ45 ports, 2x 10 GE SFP+ slots

Form Factor: 3 RU
Effective real-world throughput (files/hr): 2,160 (upgradeable to 3,600)
Ports: 20x GE RJ45 ports, 10x 10 GE SFP+ slots (4x GE RJ45 ports, 2x 10 GE SFP+ slots per node)

FortiSandbox VM supports VMware ESXi version 5.1 or later, and Linux KVM CentOS 7.2 or later.

Effective real-world throughput (files/hr): Hardware dependent
Ports: 6 (minimum) virtual network interfaces

Effective real-world throughput (files/hr): 300 (upgradeable to 12,000)
Ports: 6 (minimum) virtual network interfaces

As businesses move to the cloud, it is imperative to extend the security infrastructure to protect assets natively in the cloud against sophisticated threats. FortiSandbox support for public cloud includes Amazon Web Services (AWS) On-Demand (pay-as-you-go) and BYOL (Bring Your Own License), which allows organizations to build a comprehensive cloud security architecture that integrates FortiSandbox with FortiGate, FortiMail, FortiWeb, FortiClient, and third-party solutions.

Please see the AWS Marketplace listings for more information:

FortiSandbox on AWS BYOL

FortiSandbox on AWS On-Demand

FortiSandbox Cloud offers an alternate deployment option to the FortiSandbox appliance for organizations searching for a turnkey solution. It delivers the same rapid detection and automated response, but in the cloud.  This provides unlimited flexibility to complement FortiGates in any deployment scenario such as distributed enterprise, data center, and more.

FortiSandbox Cloud is available with the FortiGate next-generation firewall, FortiMail secure email gateway, FortiWeb web application firewall, and FortiProxy secure web gateway.

If you are an existing FortiSandbox Cloud customer, please click here to access the service.

FortiGuard Security Services for FortiSandbox

FortiSandbox employs FortiGuard Threat Intelligence including an extended AV signature set, IPS, Web Filtering, emerging malware query, and sandbox engine updates to improve the robustness of threat detection as well as accelerate threat analysis and verdict determination. 

Antivirus

FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.

Intrusion Prevention

FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.

Web Filtering

Protects your organization by blocking access to malicious, hacked, or inappropriate websites.

FortiSandbox Alliance Partners

FortiSandbox provides integration with many leading IT vendors as part of the Fortinet Security Fabric.  Below is a list of current FortiSandbox Fabric-Ready API Alliance Partners:

 

Carbon Black

Carbon Black leads a new era of endpoint security by enabling organizations to disrupt advanced attacks, deploy the best prevention strategies for their business, and leverage the expertise of 10,000 professionals from IR firms, MSSPs, and enterprises to shift the balance of power back to security teams.

  

SentinelOne

SentinelOne is shaping the future of endpoint security with an integrated platform that unifies the detection, prevention and remediation of threats initiated by nation states, terrorists, and organized crime. SentinelOne’s unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviors, protecting devices against advanced, targeted threats in real time.

  

Ziften

Ziften delivers all-the-time visibility and control for any asset, anywhere - client devices, servers, and cloud VMs – whether on-network or remote; connected or not. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to quickly repair user impacting endpoint issues, reduce their overall risk posture, speed security threat response, and increase operations productivity. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for large and mid-sized enterprises, governments, and managed security service providers (MSSP). And Ziften helps extend the value of incumbent tools and fill the gaps between fragmented, siloed systems.

  

NSS Labs Breach Prevention Systems (BPS) Test 2017

NSS Labs introduced a new group test, BPS, focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric, consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.

NSS Labs Breach Detection Systems Test 2017 and SVM

According to Verizon's 2017 Data Breach Investigations Report, 99% of malware is delivered by email and the web. In the NSS Breach Detection System 2017 test, the newly introduced FortiSandbox 2000E blocked 100% of advanced malware delivered over these two vectors and 99% overall, offered at the lowest TCO, earning the NSS Labs “Recommended” rating.

ICSA Certified for Advanced Threat Defense

With data breaches continuing to make headlines, new products and solutions have emerged that are designed to detect and prevent the advanced attacks often at the root of these breaches. To help organizations assess the effectiveness of these new offerings, ICSA Labs, an independent division of Verizon (author of the annual Data Breach Investigations Report, or DBIR), recently introduced a new independent Advanced Threat Defense certification and Email certification.

Product Demo

FortiSandbox Demo

Today's sophisticated zero-day and targeted attacks won't be stopped by any one type of security. Advanced threat detection is key to preventing data breaches and other consequences of a successful attack. Check out the full working demo of our sandbox, FortiSandbox. Explore multiple deployment modes: sniffer, FortiGate integrated, and manual submission. See the rich reporting and actionable dashboards to speed response. You will quickly see the value of Fortinet's consolidated approach to inspecting all protocols and performing all functions on one high-performance appliance.

Below are answers to common questions regarding FortiSandbox and related services:

Is FortiSandbox a point-only solution?

FortiSandbox supports standalone and integrated deployment models. As a standalone solution, FortiSandbox can sniff packets via TAP/SPAN, scan files in a repository, or accept files via on-demand submission and via ICAP/JSON API. As an integrated solution, FortiSandbox accepts submissions from FortiGate, FortiMail, FortiWeb, FortiProxy, FortiADC, FortiClient and Fabric-Ready partners and shares zero-day intelligence in real time across integrated devices for rapid mitigation.

Does FortiSandbox fit my security infrastructure?

FortiSandbox form factors include a managed solution, appliance, VM, and public cloud, meeting a range of requirements from SMB to large enterprise to cloud-first organizations.

How effective is FortiSandbox against advanced threats?

FortiSandbox has garnered Recommendations from the NSS Labs Breach Detection Test, Breach Prevention Test, and ICSA Advanced Threat Defense.

How fast can FortiSandbox be up and running?

Users can use FortiSandbox on day one by leveraging default VMs with a pre-built OS and application license. Optionally, users can build a custom VM to replicate their standard end-user profile.

How do I test drive FortiSandbox?

A self-driven FortiSandbox demo can be found here. You may also request a threat assessment (with FortiSandbox) or request a live FortiSandbox demo by contacting us here.