Skip to Content

Solved: How do I send files from FortiGate to FortiSandbox for inspection?

The article describes how to send files from FortiGate to FortiSandbox for inspection by applying the Antivirus profile in the policy.

Solution

Step 1: Go to Security Profiles > Antivirus and select Create new/Edit.

Enable the following features:

  • Inspected Protocols: HTTP.
  • Select Send files to FortiSandbox for inspection: All Supported Files
  • Enable FortiSandbox database.

Go to Security Profiles > Antivirus and select Create new/Edit.

Step 2: Enable the Antivirus profile in the policy.

Enable the Antivirus profile in the policy.

Step 3: Test by downloading example Virus file. eicar: https://www.eicar.com/download-anti-malware-testfile/

Here is the log result example.

Logs show the file submitted to FortiSandbox and the inspection done by FortiSandbox to analyze the file.

Logs show the file submitted to FortiSandbox and the inspection done by FortiSandbox to analyze the file.

The above logs show the file submitted to FortiSandbox and the inspection done by FortiSandbox to analyze the file.