FortiGuard Inline Sandbox Service
Superior sandbox solutions to protect against zero-day and sophisticated cyberthreats.
Sandboxing solutions from Fortinet detect and analyze zero-day malware and other advanced file-based threats. The combination of service and product provides a comprehensive, coordinated, integrated, and scalable approach to advanced detection and protection from file-based zero-day threats. Inline sandboxing offers the industry’s first inline blocking on an NGFW. Flexible deployment options include Platform-as-a-Service, Software-as-a-Service, virtual machine, and hardware appliances to suit any use case and type of organization.
The FortiGuard Inline Sandbox Service combines multilayered advanced threat filtering. It uses AV, CPRL, AI/ML, dynamic analysis with deep neural networks, and FortiGuard threat intelligence to render verdicts in real time without impact on productivity or security overhead. The service is available globally.
FortiSandbox is the ultimate combination of AI-/ML-powered detection and threat filtering. It detects and remediates threats traditional approaches miss. Deploy as on-prem, cloud, or a hosted service for your enterprise, OT, or SOC needs.
The FortiGuard Inline Sandbox Service does not let any suspicious files pass into the organization. A combination of AV, advanced threat filtering, and AI/ML narrows down file-based threats. This eliminates false positives to focus on unknown threats that can pose actual risk.
Inline blocking on the NGFW blocks unknown files and sends them to the inline sandbox.
Static and dynamic analysis of suspicious files results in sub-second malware detection and verdicts. If the file is clean, the NGFW will release the file to the user. Otherwise, the file will be blocked and quarantined for further action.
Advanced threat filtering optimizes file analysis while reducing false positives. Combining AV with techniques like AI/ML, CPRL, and deep inspection, advanced threat filtering filters out the noise. It sends only select, higher-risk zero-day files for deeper sandbox analysis.
Advanced threat filtering reduces file processing time and enables quicker time to verdict while maintaining a high security posture.
Advanced threat filtering delivers security without guesswork.
Service/Product | Type | Description | Inline Blocking |
---|---|---|---|
FortiGuard AI-based Inline Sandbox Service | SaaS subscription | The FortiGuard AI-Based Inline Sandbox Service is a new a-la-carte service for FortiGate NGFWs. It includes inline blocking for sandbox and AI/NDR detection, plus log enrichment for SOC teams. | Yes |
Cloud Sandbox Service | SaaS subscription | Available as part of FortiGate Cloud, this is a subscription sandbox service that protects against zero-day malware. | No |
FortiSandbox Hosted | PaaS subscription | Fortinet-hosted sandbox is a subscription service. It includes FortiSandbox VM with dedicated resources for high performance and centralization of reports. | Yes |
FortiSandbox Virtual Appliance | VM subscription | FortiSandbox VMs are offered as an alternative to hardware for greater deployment flexibility with same features. | Yes |
FortiSandbox Hardware | HW bundle + licenses | FortiSandbox hardware appliances natively integrate with the Security Fabric, Fabric Partners, adapters, APIs, network share and sniffer to intercept and submit suspicious content to FortiSandbox. The integration also provides timely remediation and reporting capabilities to those devices. | Yes |
The strength of Fortinet's platform-driven approach is to enable coordinated workflows including response while customers benefit from a globalized network effect across Fortinet’s worldwide install base. The FortiGuard Sandbox Service and related sandbox portfolio are integrated into the following Fabric solutions:
With a growing attack surface, organizations need protection against sophisticated, multi-vector, and multi-stage AI/ML-driven zero-day attacks. Sandboxing solutions from Fortinet detect and block zero-day and other advanced attacks from ever becoming threats. Key use cases include the following:
Block zero-day threats from entering your network with advanced threat filtering coupled with AI, ML, and global threat intelligence. Ensure security while keeping pace with enterprise traffic and reducing security overhead.
When integrated with Fortinet FortiMail, suspicious files in emails—including email-based ransomware—can be detonated and analyzed before reaching intended recipients.
IT/OT convergence coupled with a need for remote access has opened previously air-gapped OT networks to access by threat actors. Protect your manufacturing, plant, safety, facility, or other OT environments from targeted malware attacks that can bring operations to a halt.