DOCUMENT LIBRARY

EMS Administration Guide

Home FortiClient 6.0.8 EMS Administration Guide

6.0.8

Sandbox Detection

Sandbox Detection

Enable Sandbox Detection. Some options only display if you enable Advanced view. Enable or disable the eye icon to show or hide this feature from the end user in FortiClient. Configure the following options:

Options		Description
Sandbox Detection		Enable or disable Sandbox Detection.
Server
	FortiSandbox	Select the desired FortiSandbox from the list of FortiSandboxes configured on the Manage FortiSandboxes pane. See Managing FortiSandboxes.
	Wait for FortiSandbox Results before Allowing File Access	Have the endpoint user wait for FortiSandbox scanning results before being allowed access to files. Set the timeout in seconds. Disable to allow the endpoint user to access files before FortiSandbox results are provided.
	Deny Access to File When There Is No Sandbox Result	You have the option to: Deny Access to Downloaded Files If FortiSandbox Is Offline. Enter the Timeout value in seconds. File access is allowed if FortiSandbox results are not received when the timeout expires. Set to `-1` to infinitely restrict access to the file.
File Submission Options
	All Files Executed from Removable Media	Submit all files executed on removable media, such as USB drives, to FortiSandbox for analysis.
	All Files Executed from Mapped Network Drives	Submit all files executed from mapped network drives.
	All Web Downloads	Submit all web downloads.
	All Email Downloads	Submit all email downloads.
Remediation Actions
	Action	Choose Quarantine or Alert & Notify for infected files.
Exceptions
	Exclude Files from Trusted Sources	Exclude submitting files signed by trusted sources. Following is a list of sources trusted by FortiSandbox: Microsoft Fortinet Mozilla Windows Google Skype Apple Yahoo! Intel
	Exclude Specified Folders/Files	Exclude specified folders/files. You must also create the exclusion list.

Previous

Next

Sandbox Detection

Sandbox Detection

Enable Sandbox Detection. Some options only display if you enable Advanced view. Enable or disable the eye icon to show or hide this feature from the end user in FortiClient. Configure the following options:

Options		Description
Sandbox Detection		Enable or disable Sandbox Detection.
Server
	FortiSandbox	Select the desired FortiSandbox from the list of FortiSandboxes configured on the Manage FortiSandboxes pane. See Managing FortiSandboxes.
	Wait for FortiSandbox Results before Allowing File Access	Have the endpoint user wait for FortiSandbox scanning results before being allowed access to files. Set the timeout in seconds. Disable to allow the endpoint user to access files before FortiSandbox results are provided.
	Deny Access to File When There Is No Sandbox Result	You have the option to: Deny Access to Downloaded Files If FortiSandbox Is Offline. Enter the Timeout value in seconds. File access is allowed if FortiSandbox results are not received when the timeout expires. Set to `-1` to infinitely restrict access to the file.
File Submission Options
	All Files Executed from Removable Media	Submit all files executed on removable media, such as USB drives, to FortiSandbox for analysis.
	All Files Executed from Mapped Network Drives	Submit all files executed from mapped network drives.
	All Web Downloads	Submit all web downloads.
	All Email Downloads	Submit all email downloads.
Remediation Actions
	Action	Choose Quarantine or Alert & Notify for infected files.
Exceptions
	Exclude Files from Trusted Sources	Exclude submitting files signed by trusted sources. Following is a list of sources trusted by FortiSandbox: Microsoft Fortinet Mozilla Windows Google Skype Apple Yahoo! Intel
	Exclude Specified Folders/Files	Exclude specified folders/files. You must also create the exclusion list.

Previous

Next