You can configure your use of the service and view analyzed files' results. Cloud Sandbox submits files to FortiGuard for threat analysis. The SandBox tab collects information that the Cloud Sandbox service compiles. SandBoxing is available in both free and paid FortiGate Cloud subscriptions. The console also provides data on time, user, and location of the infected file for forensic analysis. The FortiGate Cloud console enables administrators to view the status of any suspicious files uploaded: pending, clean, malware, or unknown. The behaviors that FortiGate Cloud Analytics considers suspicious change depending on the current threat climate and other factors. The turnaround time on Cloud SandBoxing and AV submission ranges from ten minutes for automated SandBox detection to ten hours if FortiGuard Labs is involved.įortiGuard Labs considers a file suspicious if it exhibits some unusual behavior, yet does not contain a known virus. The next time the FortiGate updates its AV database it has the new signature. If the file exhibits risky behavior or is found to contain a virus, a new virus signature is created and added to the FortiGuard AV signature database.
Once uploaded, the file is executed and the resulting behavior analyzed for risk. In a proxy-based AV profile on a FortiGate, the administrator selects Inspect Suspicious Files with FortiGuard Analytics to enable a FortiGate to upload suspicious files to FortiGuard for analysis. Cloud Sandbox is a service that uploads and analyzes files that FortiGate antivirus (AV) marks as suspicious.
0 kommentar(er)
