admin管理员组文章数量:1568582
2024年7月18日发(作者:)
ORDERING GUIDE
FortiSandbox
Available in
AI-powered sandbox malware analysis
Inline block breach protection
MITRE ATT&CK-based report
Hardware
Appliance
VM
Appliance
Public
Cloud
Fortinet-
Hosted
FortiSandbox is a third-generation malware sandbox powered by machine learning and deep learning that
integrates to any existing security infrastructure and enables automated protection across both IT and OT
environments.
FortiSandbox is offered from different cloud services and on-premise appliances:
• Sandbox As-a-service (SaaS): subscription services for FortiGate (and FortiMail and FortiClient) to
support either:
• Detection: out-of-band sandboxing, alerting, reporting, and log enrichment for SOC response.
• Detection and Prevention: prioritized and high capacity to support inline sandboxing plus SOCaaS
log ingestion.
• SOC Platforms: multiple form factors to aid SOC teams in detection, prevention, and threat hunting:
• Fortinet-hosted Cloud: subscription service (platform as-a-service (PaaS)) FortiSandbox with
dedicated VM resource for dedicated performance and centralization of reports and threat
intelligence across Fortinet estate.
• Public Cloud: cloud-based FortiSandbox on Azure/AWS/OCI/GCP cloud.
• Dedicated Appliance: on-premise FortiSandbox with guaranteed response time and detection.
AS-A-SERVICE
ADVANCED MALWARE
PROTECTION
FortiGate Integration
Detection
(Visibility and Log Enrichment)
Accelerated AI Prefilter
Prevention
(Inline Blocking)
Security Operations
SOC Integration
SaaS monitoring of threats plus
data (log) enrichment
Inline blocking of detected threats
plus data (log) enrichment
SOC PLATFORMS
CLOUD/APPLIANCES
INLINE MALWARE
PREVENTION
Supported
Advanced sandbox GUI including MITRE ATT&CK techniques, sandbox
execution timelines, and more
1
ORDERING GUIDE | FortiSandbox
PRODUCT OFFERINGS
Flexible FortiGate, FortiClient, and FortiMail Offerings
Sandbox Detection Service is bundled with the FortiGate’s Advanced Malware Protection (AMP) service, including antivirus,
mobile malware, and other components. This service provides out-of-band sandbox detection and log enrichment with a
cloudbased SaaS portal for SOC admins.
Sandbox Detection and Prevention Service is a new a la carte service, which includes inline blocking for sandbox and AI/NDR
detections, plus log enrichment for SOC teams.
Both services are currently available in the North America, Europe, and Asia regions. Similar service offerings are available for
FortiClient and FortiMail products.
AS-A-SERVICE
ADVANCED MALWARE PROTECTION
FortiGate Integration
Detection
(Visibility and Log Enrichment)
Accelerated AI Prefilter
Prevention
(Inline Blocking)
Security Operations
SOC Integration
System Performance
Sandboxing Throughput
(Files/Hr)
Total Capacity (Files/Hr)
Detection Capabilities
AI-based Static Behavior Analysis
Antievasion Detection
C&C Detection
AV, IPS, Web Filtering
Sandboxing VMs
Cloud VMs
Supported OS
Windows
2
Additional Services
24x7 Support
1 Integrated with FortiNDR’s Artificial Neural Network capability for fast pre-filtering.
2 Based on configured file types on the antivirus profile.
Prioritized
Accelerated
1
TBC
TBC
SaaS monitoring of threats, plus data (log) blocking of detected threats, plus data (log) enrichment
INLINE MALWARE PREVENTION
ORDER INFORMATION
The following table shows an example of the a la carte SKUs for the FortiGate-60F. The same SKUs are available for FortiGate
models.
SKU
Hardware and Support
FG-60F
24x7 FortiCare Support
A la Carte - FortiGuard Security Services
FortiGuard Advanced Malware Protection (AMP) Service
FortiGuard AI-based Inline Malware Prevention Service
FC-10-0060F-100-02-DD
FC-10-0060F-577-02-DD
FG-60F
FC-10-0060F-247-02-DD
2
ORDERING GUIDE | FortiSandbox
SOC AUGMENTATION
On-Premise, Cloud, and Hosted Options
FortiSandbox PaaS is a Fortinet-hosted platform available on a subscription basis, providing the same capabilities as hardware
and virtual appliances. It is currently available in the North America and Europe regions.
FortiSandbox Virtual Appliances are available for public cloud and private cloud deployments.
FortiSandbox Hardware Appliances are available in a range of performance levels for different size organizations.
CLOUD
FORTISANDBOX PAASPRIVATE/PUBLIC CLOUD
FortiGate Capabilities
Detection
(Visibility and Log Enrichment)
Accelerated AI Prefilter
Prevention
(Inline Blocking)
System Performance
Effective Sandboxing Throughput
1
(Files/Hr)
Static Analysis Throughput
2
(Files/Hr)
Dynamic Analysis Throughput
3
(Files/Hr)
FortiMail Throughput
4
(emails/hour)
Number of Users
5
MTA Adapter Throughput
(emails/hour)
Sniffer Mode Throughput (Gbps)
Detection Capabilities
AI-based Static Behavior Analysis
Antievasion Detection
C&C Detection
AV, IPS, Web Filtering
Sandboxing VMs
Default Local VMs
Local or Custom VM Expansion
Capacity
Cloud VM Expansion Capacity
Supported OS
Windows
MacOS, Linux, Android
Custom OS
OT Simulation
User-Defined
System Information
Type
1G RJ45
1G SFP
10G SFP+
Cloud Subscription
N/A
N/A
N/A
Virtual Machine
Hardware Dependent
Hardware Dependent
Hardware Dependent
1RU Appliance
1RU Appliance
2RU Appliance
Limited
8
/ —
1 - 200
0
8 (Private/BYOL)
128 (PAYG)
6
1 - 200
2
+12
5 - 200
2
+12
5 - 200
8
+64
5 - 2007
1
200 - 40,000
8 - 1,600
1,000 - 40,000
40 - 1,600
20 - 4,000100 - 1,00010,000
20,000
400
100,000
1,400
10,000
32,000
80,000
1,000
320,000
4,000
32,000
68,000
160,000
1,600
600,000
6,400
60,000
9.6
Supported
1
Supported
1
Supported
1
Supported
1
HARDWARE
500G1500G3000F
1 Tested based on files with 80% documents and 20% executables; measured based on v4.4.2. Includes both Static and Dynamic analysis with pre-filtering enabled.
2 Includes receiving, job handling, AV engine, Yara engine, Cloud Query.
3 Previously called “Sandboxing VM Throughput“.
4 Based on a ratio of one email with attachment to 10 emails.
5 Based on a ratio of one user per 25 emails on 10 hour period with 10% on Dynamic Scan.
6 Based on number of cores multiplied by 4.
7 Local Static Scan capacity can limit overall throughput for full cloud expansion.
8 Limited to Static Analysis only
3
ORDERING GUIDE | FortiSandbox
Note that all form factors include the same set of advanced detection capabilities below:
CLOUD
FORTISANDBOX PAAS
Security Services
Fortinet Security Fabric
Integration
Fabric Partners
Adapters, API, Network Share,
and Sniffer
Dynamic Analysis Time
AI-based Static Behavior
Analysis
Anti-evasion Detection
C&C Detection
AV, IPS, Web Filtering
Additional Services
24x7 Support
Via API only
3-5 minutes
CentralizedCentralized
3-5 minutes
Centralized
3-5 minutes
Centralized
3-5 minutes
Centralized
3-5 minutes
HARDWARE
500G1500G3000FPRIVATE/PUBLIC CLOUD
ORDER INFORMATION
The following table shows the SKUs for PaaS, VM subscriptions, and hardware appliances.
PaaS is simply licensed based on the capacity needed:
PAAS
Base
+1 Cloud Expansion (all supported OS)
+5 Cloud Expansion (all supported OS)
FortiCloud Premium (pre-requirement)
FC1-10-SACLP-433-01-DD
FC2-10-SACLP-433-01-DD
FC-15-CLDPS-219-02-DD
SKU
VM licensing is comprised of the base VM license combined with flexible expansion options:
VIRTUAL MACHINE
Base
Base License
Local VM Expansion and Add-Ons
+1 Microsoft Windows 10 VM License
+1 Microsoft Windows 11 VM License
1
+1 Microsoft Office 2019 License
+1 Microsoft Office 2021 License
2
+8 Custom VMs License
Cloud VM Expansion
+5 Cloud Expansion Windows
+2 Cloud Expansion MacOS
Subscriptions
Sandbox Threat Intelligence
FortiCare Premium Support Only
3
FC-10-FSV00-500-02-DD
FC-10-FSV00-248-02-DD
FC-10-FSA01-195-02-DD
FC-10-FSA01-192-02-DD
FSA-VM-WIN10-1
FSA-UPG-VM-WIN11-1
FSA-UPG-OFFICE2019-1
FSA-UPG-OFFICE2021-1
FSA-VM00-UPG-LIC-BYOL
FSA-VM00
SKU
1 Supported by FortiSandbox 4.4.0.
2 Supported by FortiSandbox 4.4.0.
3 For HA Cluster deployment setup, configured as a primary or secondary node used as a dispatcher only. Supported by FortiSandbox 4.2.1.
4
ORDERING GUIDE | FortiSandbox
Hardware can be purchased as fully-loaded bundles or customized as needed:
HARDWARE
Hardware Bundles
Local or Custom VM Base + Expansion Capacity
Hardware Bundle with Licensed VMs
2+12
FSA-500G
FSA-500G-UPG-WIN-LIC-2 (6)
FC-10-FS5HG-499-02-DD
FSA-500G
FSA-500G-UPG-LIC-BYOL
FC-10-FS5HG-499-02-DD
2+26
FSA-1500G
FSA-1500G-UPG-WIN-LIC-2 (13)
FC-10-FS15G-499-02-DD
FSA-1500G
FSA-1500G-UPG-LIC-BYOL
FC-10-FS15G-499-02-DD
8+64
FSA-3000F
FSA-3000F-UPG-LIC-32 (2)
FC-10-SA3KF-499-02-DD
FSA-3000F
FSA-3000F-UPG-LIC-BYOL
FC-10-SA3KF-499-02-DD
500G1500G3000F
Hardware Bundle with Custom VMs
Cloud VM Expansion
+5 Cloud Expansion Windows
Add-on Licenses
+1 Microsoft Windows 11 License
1
+1 Microsoft Office 2019 License
2
+1 Microsoft Office 2021 License
3
100-1000 Mailbox MTA License
1001-5000 Mailbox MTA License
5000+ Mailbox MTA License
Subscription
Renewal (Sandbox Threat Intelligence)
4
FC-10-FSA01-195-02-DD
FSA-UPG-HW-WIN11-1
FSA-UPG-OFFICE2019-1
FSA-UPG-OFFICE2021-1
FC1-10-FSA01-321-02-DD
FC2-10-FSA01-321-02-DD
FC3-10-FSA01-321-02-DD
FC-10-FS5HG-499-02-DDFC-10-FS15G-499-02-DDFC-10-SA3KF-499-02-DD
1 Supported by FortiSandbox 4.4.0.
2 Supported by FortiSandbox 4.2.1.
3 Supported by FortiSandbox 4.4.0.
4 Sandbox Threat Intelligence is a subscription service for Antivirus, IPS, Web Filtering, File Query, Industrial Security, Sandbox engine, plus 24x7 FortiCare.
FREQUENTLY ASKED QUESTIONS
What is the best strategy for sizing a sandbox deployment?
Following are suggested approaches when sizing the file throughput (files per hour):
• Estimate: based on FortiGate, FortiMail and FortiClient platform using average of actual customer submission count. See local CSEs for a sample report.
• Ideal: determined during POC or CTAP.
For best results, engage your regional CSEs. FortiSandbox supports clustering up to 99 devices to further increase VM capacity. See the FortiSandbox
Administration Guide.
What additional training services are available?
The following table summarizes training options for FortiSandbox:
TRAINING SERVICES
FortiSandbox Instructor Led Training
FortiSandbox On-demand Lab Access with a free self-paced course
FT-FSA
FT-FSA-LAB
Visit for more details
Copyright © 2023 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser
that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any
such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise
revise this publication without notice, and the most current version of the publication shall be applicable.
FSA-OG-R16-20231106
版权声明:本文标题:飞塔FortiSandbox订购指南说明书 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://www.elefans.com/dongtai/1721287235a869881.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论