Fortinet FortiSandbox VM
Multi-layer proactive threat mitigation
FortiSandbox is a key part of Fortinet’s integrated and automated Advanced Threat Protection solution. Recommended by NSS Labs, FortiSandbox is designed to detect and analyze advanced attacks designed to bypass traditional security defenses. In independent NSS Labs testing, FortiSandbox demonstrated 97.3% Breach Detection effectiveness and due to Fortinet’s unique multi-layered sandbox analysis approach detected the majority of threats within one minute.
FortiSandbox, secured by FortiGuard, offers inspection of all protocols and functions in one appliance. It can integrate with your existing Fortinet infrastructure including FortiGate, FortiMail, and FortiClient, fueling a security ecosystem that automatically protects, learns, and improves your overall threat protection. It delivers highly effective protection against advanced persistent threats that is affordable as well as simple and flexible to deploy and manage. Complement your established defenses with this cutting edge sandbox capability; analyzing files in a contained environment to identify previously unknown threats and uncovering the full attack lifecycle.
Highlights
- Protects against advanced threats: Scans files on the network, in emails, in URLs, in network file share locations, and on-demand. Protects against advanced email threats, Windows threats, Office threats, zip threats, pdf threats, mobile threats and more.
- Inspects across all Operating Environments: Code emulation examines and runs instruction sets to assess intended activity independent of operating environment for broader security coverage.
- Examines activity, rather than attributes: Executes objects within a secure virtual runtime environment (“sandbox”) to analyze activity- system changes, exploit efforts, site visits, subsequent downloads, botnet communications and more- to expose sophisticated threats.
- Pre-filters to deliver fast results: Leverages Fortinet’s proactive anti-malware (consistently top-rated in VB100 RAP tests) and extended database as well as additional patented advanced threat intelligence techniques to detect a large percentage of advanced threats without the time and effort of full “sandboxing”.
- Provides rich threat intelligence: Uncovers information related to the full threat lifecycle, not just initial code, to speed remediation. Trigger automated and manual response in other Fortinet products to mitigate incidents. Dynamically generate custom threat intelligence and distribute to supporting Fortinet products.
- Delivers Officially Licensed Microsoft Components: Product comes with Microsoft Windows, Internet Explorer, and Office embedded licenses, confirmed approved for use in virtual environments unlike other sandbox solutions.