Appendix E - Create a Customized Virtual Machine Image Using Your Own ISO
The guest VM images published by Fortinet might not reflect the user's working environment. For example, on current Windows 8 and Windows 10 images, no Microsoft Office software is installed. FortiSandbox allows users to create their own guest image, install software running in their environment and upload the image to the unit to scan files. Specifically, users can create the guest image on top of their Golden Image or Master Image to best simulate their OS installations. This document provides step-by-step instructions on how to create and utilize them.
You can choose to use the VMs provided by Fortinet or create your own. If you would like to create a customized image using pre-configured VMs, see Appendix D - Create a Customized Virtual Machine Image Using Pre-Configured VMs.
There are seven steps to create a customized VM image using your own ISO:
1. Download and Install Oracle VM Virtual Box 5.0
2. Prepare the Operating System Installation Package
3. Create a Customized Image in Virtual Box
4. Install Software and Components on the Customized VM Image
5. Modify the VM Image Environment
6. Setup FortiSandbox Tracer Engine Launcher
7. Install the Customized VM Image to FortiSandbox and Apply It
1. Download and Install Oracle VM Virtual Box 5.0
VirtualBox 5.0 can be downloaded from https://fsavm.fortinet.net/vmtools/VirtualBox-5.0.26-108824-Win.exe. The checksum value can be found at https://fsavm.fortinet.net/vmtools/md5.txt
For help with VirtualBox installation and troubleshooting, please refer to The Virtual Box Manual.
|
VirtualBox is an open source software and licensed under GNU General Public License V2 license. The detailed information of its license can be found at https://www.virtualbox.org/wiki/Licensing_FAQ. Mac OS is not supported. |
2. Prepare the Operating System Installation Package
In FortiSandbox 3.0.3, the following operating systems can be used to build a customized VM image.
- Microsoft Windows XP 32 bit
- Microsoft Windows Server 2003 32 bit
- Microsoft Windows 7 32/64 bit
- Microsoft Windows 8.1 32/64 bit
- Microsoft Windows 10 32/64 bit
- Microsoft Windows Server 2008 32/64 bit
- Microsoft Windows Server 2012 64 bit
- Microsoft Windows Server 2016 64 bit
The installation package of above operating systems should be packaged as an ISO file. The ISO file should be copied to the host installed with VirtualBox.
|
|
The Windows Operating System is available from Microsoft and Microsoft Channel Partners. Fortinet does not provide their installation package, their support or their license rights. |
|
|
To support 64-bit operating systems, hardware virtualization must be enabled on motherboard BIOS on the host installed with VirtualBox. |
3. Create a Customized Image in Virtual Box
- Launch Virtual Box and click New.
- Enter a meaningful name for the new image. The name cannot be more than 15 characters.
In the Type field > Microsoft Windows > select the OS version.
The following VM image names are reserved by Fortinet and should not be used by customized images.
- WINXPVM
- WINXPVM1
- WIN7X86VM
- WIN7X64VM
- WIN7X64SP1
- WIN7X86SP1O16
- WIN7X86VMO16
- WIN8X64VMO16
- WIN81X86VM
- WIN81X64VM
- WIN81X64VMO16
- WIN10X86VM
- WIN10X64VM
- WIN10X64VMO16
- Click Next.
- In the Memory Size page, allocate the base memory size.
Windows XP, Windows Server 2003 32 bit
512MB
Windows 7, 8, 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016
1024MB
- Click Next.
- In the Hard Drive page, select Create a virtual hard drive now and click Create.
- In the Hard drive file type page, select VirtualBox Disk Image (.vdi) format. Click Next.
- In the Storage on physical hard drive page, select Dynamically allocated. Click Next.
- In the File location and size page, set the path of the virtual disk file (optionally) and allocation 20GB virtual disk size for the VM. Click Create. The VM will be created and will appear in the left pane.
- Click the Settings button or right click on the VM image name to configure the VM image settings defined below:
- Go to General > Advanced, and apply the following settings:
- Go to System > Motherboard, and apply the following settings:
For Windows XP and Windows Server 2003 32 bit:
For Windows 7, Server 2008, 8, 10, Server 2012, Server 2016:
Processor Tab
Processor(s)
1
Execution Cap
100
Enable PAE/NX
Check the box
Acceleration Tab
Enable VT-x/AMD-C
Check the box
Enable Nested Paging
Check the box
- Go to Display, keep the default settings.
- Go to Storage, and apply the following settings:
If the operating system is Windows XP or Windows Server 2003 32 bit:
- Click Controller: IDE, set Type to PIIX 4 and enable Use host I/O cache.
- Click on the Empty Optical Drive node, make sure the CD/DVD Drive is set as the IDE Secondary Master.
- Click the
icon > Choose a virtual CD/DVD disk file, select the ISO file containing the operating system installation package.
If the operating system is Windows 7, Server 2008, 8, 10, Server 2012, Server 2016:
- Click Controller: SATA node, right click > Remove Controller to remove it.
- Right click in the Storage Tree panel, and choose Add IDE Controller.
- Click the
Add Hard Disk icon. The following prompt will appear:
- Click Choose Existing Disk and select the virtual disk file (*.vdi) that was created in the previous steps.
- Click Controller: IDE, set Type to PIIX4, and enable Use host I/O cache.
- Click on the Empty Optical Drive node, make sure the CD/DVD Drive is set as the IDE Secondary Master.
- Click the icon > Choose a virtual CD/DVD disk file, select the ISO file containing the operating system installation package.
- Go to Audio, and uncheck the Enable Audio checkbox.
- Go to Network, and apply the following settings:
If the operating system is Windows XP or Windows Server 2003 32 bit:
Adapter 1 Tab
Check the box
Attached to
NAT
Adapter Type
Intel PRO/1000T Server (82543GC)
Cable Connected
Check the box
Adapter 2 Tab
Network Adapter
Check the box
Attached to
NAT
Adapter Type
Intel PRO/1000T Server (82543GC)
Cable Connected
Check the box
If the Operating System is Windows 7, Server 2008, 8, 10, Server 2012, or Server 2016:
Adapter 1 Tab
Network Adapter
Check the box
Attached to
NAT
Adapter Type
Intel PRO/1000MT Server (82545EM)
Cable Connected
Check the box
Adapter 2 Tab
Network Adapter
Check the box
Attached to
NAT
Adapter Type
Intel PRO/1000MT Server (82545EM)
Cable Connected
Check the box
- Go to Serial Ports, keep the default settings.
- Go to USB, uncheck the Enable USB Controller checkbox.
- Go to Shared Folders, make sure no shared folders exist.
- Go to General > Advanced, and apply the following settings:
- Click OK to apply the settings.
- In the VirtualBox Manager page, click the
icon to turn on the image. The operating system will start installing. Follow the on-screen instructions to complete the installation.
4. Install Software and Components on the Customized VM Image
After a customized VM image is installed, the user can install applications and components required in their environment. They can be but not limited to the following list:
- .Net Framework
- Microsoft Office suite
- Adobe Acrobat Reader
There are two ways to install them:
- Put their installers on a computer in management network that VM image can download through http, ftp protocols or network share. This requires network settings of VM image to be configured to access hosting computer.
- Package their installation package as an ISO file in the VirtualBox Manager, select the VM image, click Settings button or right click on the VM image name to open Settings page.
Go to the Storage page > Empty optical drive node > disk icon > Chose a virtual CD/DVD disk file, select the ISO file. Then inside the VM image, go to drive D to install the software.
|
After installation of a software or component, go to Control Panel > Add or Remove Programs on Windows XP or Windows Server 2003 32 bit or Control Panel > Programs and Features in Windows 7, Server 2008, 8, Server 2012, Server 2016 and 10 to verify that the installation is successful. |
|
|
Automatic update of software should be disabled. For details, please refer to software's manual. For example, to disable automatic update on Acrobat Adobe Reader, refer to https://helpx.adobe.com/acrobat/kb/automatic-updates---acrobat-reader.html |
Use a text editor and create a meta file, enter in the installed applications for this VM image. The meta file will be used later and its content is displayed in the Scan Profile > Installed Applications of FortiSandbox.
|
|
Certain software needs to be configured to associate with the file types as the default application. For example, Adobe Reader needs to be launched after installation to be the default PDF application. |
|
|
All applications that are used during a job scan should be launched after installation to finish their initialization. This is especially important for software like web browsers such as Internet Explorer, Adobe Reader and Microsoft Office software. |
For Windows 10, the default web browser is Windows Edge which FortiSandbox does not currently support. It is recommended to change the default web browser to be Internet Explorer. To do that:
- Go to Start > Settings > System > Default apps.
- Click Web Browser in the right pane and select Internet Explorer.
|
|
Windows OS and other installed software should be activated. Fortinet is not responsible for software's support and their license rights. |
5. Modify the VM Image Environment
If the operating system is Windows XP or Windows Server 2003 32 bit:
- Go to Control Panel >Security Center and disable Windows Automatic Updates.
- Disable any installed antivirus software.
- Navigate to the Start Menu > right click on My computer > click Properties.
In Hardware tab, click Driver Signing button and select Ignore – Install the software anyway and don't ask for my approval.
In Advanced tab, click the Error Reporting button and check Disable the Error Reporting function. Also, uncheck But notify me when critical errors occur.
In System Restore tab, make sure the System Restore function is off.
- Make sure the built-in Administrator account is enabled. Open a command prompt and execute
net user Administrator /active: yes. - Setup Administrator auto-login:
- Open a command prompt and enter
control userpasswords2. This will open the User Accounts page. - Uncheck Users must enter a user name and password to use this computer to ensure the Administrator has automatic login privileges
- Click Apply.
- Use Administrator as the login account, password is optional.
- Go to the User Accounts > Advanced tab.
- Under Advanced User Manager > click the Advanced button to open the
lusrmgrpage. - Click the Users folder to select the Administrator and edit its properties.
- Make sure its password never expires.
For steps 4 and 5, the name of the Administrator account should be the localized version. For example, if the OS language is English, the name is Administrator; if the OS language is French, the name is Administrateur. Use the table below for reference.
Language
Administrator Name
Finnish Järjestelmänvalvoja French Administrateur Hungarian Rendszergazda Portuguese (Brazil) Administrador Portuguese (Portugal) Administrador Russian ÐдминиÑÑ‚ÑÐ°Ñ‚Ð¾Ñ Spanish
Administrador
Swedish
Administratör
- Open a command prompt and enter
- Open a command prompt and enter
powercfg –h offto disable host hibernation if it is supported. - Go to Control Panel > Display Properties, navigate to Screen Saver tab and select None from the Screen Saver dropdown menu.
- Go to Control Panel > Network Connection, and rename the following:
Local Area Connection 1
renamed to:
eth0Local Area Connection 2
renamed to:
eth1If there are network devices already named as
eth0andeth1, change them to different names first.The exact names showing in Network Connection page might not be Local Area Connection 1 or Local Area Connection 2. You may might need to swap
eth0andeth1names to make the customized image to work on FortiSandbox.If system doesn't allow rename to
eth0oreth1with messages like connectioneth0oreth1already exists, but they are not showing up in Network Connections page: - Go to the Start menu, execute Run¦ and enter
%TEMP%. This will open the%TEMP%folder. Delete everything in the folder.To maximize catch rate, it is recommended the Windows Firewall is disabled. To do that, go to Control Panel > Security Center > Windows Firewall and turn it off.
If the operating system is Windows 7 or Server 2008:
- Turn off Windows automatic update. Go to Control Panel > System and Security > Windows Update > Change. From the dropdown menu, select Never check for updates.
- Disable Windows Defender or any installed antivirus software. Go to Start menu and type Windows Defender to locate and launch it. Click Tools > Options > Administrator, uncheck Use this program check box, click Save.
- Go to Control Panel > System and Security > Action Center > Change Action Center settings, uncheck every item. Click Problem Reporting settings, check Never check for solution.
- Run a command prompt as the Administrator and enter
powercfg –h offto disable host hibernation. - Go to Control Panel > Appearance and Personalization > Change screen saver, select (None) from the Screen Saver dropdown list.
- Make sure Administrator account is enabled. Go to the Start menu, search command prompt. Right click on it and launch it as the Administrator. Execute
net user Administrator /active: yes. - Setup auto-login for the Administrator account.
- Open a command prompt and type in
control userpasswords2. This will open the User Accounts page. - Make sure the Administrator account has the automatically login privilege by un-checking option Users must enter a user name and password to use this computer.
- Click Apply.
- Use Administrator as the login account, and setup the password.
- Go to User Accounts > Advanced tab.
- Under the User Accounts > Advanced tab > Advanced User Management > click the Advanced button button to open the
lusrmgrpage. - Click on the Users Folder to select Administrator and edit its properties.
- Make sure its password never expires.
For steps 6 and 7, the name of the Administrator account should be the localized version. For example, if the OS language is English, the name is Administrator; if the OS language is French, the name is Administrateur. Use the table below for reference.
Language
Administrator Name
Finnish Järjestelmänvalvoja French Administrateur Hungarian Rendszergazda Portuguese (Brazil) Administrador Portuguese (Portugal) Administrador Russian ÐдминиÑÑ‚ÑÐ°Ñ‚Ð¾Ñ Spanish
Administrador
Swedish
Administratör
- Open a command prompt and type in
- Go to Control Panel > Network and Internet > Network and Sharing Center > Change Adapter settings, rename the following:
Ethernet 1
renamed to:
eth0Ethernet 2
renamed to:
eth1If there are network devices already named as
eth0andeth1, change them to different names first.The exact names showing in Network Connection page might not be Local Area Connection 1 or Local Area Connection 2. You may might need to swap
eth0andeth1names to make the customized image to work on FortiSandbox.If system doesn't allow rename to
eth0oreth1with messages like connectioneth0oreth1already exists, but they are not showing up in Network Connections page,a. Click Start > Run, type
cmd.exe, and then press ENTER.b. Type
set devmgr_show_nonpresent_devices=1, and then press ENTER.c. Type
Start DEVMGMT.MSC, and then press ENTER.d. Click View > Show Hidden Devices. Expand the Network Adapters tree. Right-click the greyed out network adapters, and click Uninstall.
- Go to the Start menu, execute Run¦ and enter
%TEMP%. This will open the%TEMP%folder. Delete everything in the folder to save disk space. - If the Windows Firewall is on, go to Control Panel > System and Security > Windows Firewall > Advanced Settings. If the Windows Firewall is off, the following steps are not necessary:
- Click on Inbound Rules > Add New Rule > click Program.
- Check This Program Path and type:
c:\Windows\System32\ftp.exe. Then, click Next. - Check Allow the Connection, then click Next.
- Provide a name for the rule such as Allow FTP.
- Click Finish.
Follow these steps to create Outbound Rules for the same executable.
To maximize the catch rate, it is recommended to configure the following settings:
-
Turn off Windows Firewall
Go to Control Panel > System and Security > Windows Firewall > Customize Settings page and turn it off for both private and public networks.
-
Turn off UAC (User Account Control Settings)
Search for UAC in Start menu, open the Change the User Account Control Setting, move the slider to Never, click OK.
-
Use public profile for all unidentified networks
Go to Control Panel > System and Security > Administrative Tools > Local Security Policy > Network List Manager Policies > right click on Unidentified Networks > Properties, change Location Type to Public, click OK.
-
Turn off system protection for hard drive
Go to the Start menu, right click on Computer > Properties > System protection > System Protection tab > Protection Settings > Local Disk (C:) > Configure, check Turn off system protection, click OK.
-
Turn off Windows Firewall
- If the Windows Firewall is off, execute the following commands in the command prompt:
sc config mpssvc start= demand
sc config wscsvc start= demand
net start wscsvc
net start mpssvc
netsh firewall set opmode disable
netsh advfirewall set allprofiles state off
The warning message about
netsh firewallcan be ignored
If the operating system is Windows 8, Server 2012, or Server 2016:
- Turn off Windows automatic update. Go to Control Panel > System and Security > Windows Update > Change Settings. Change the dropdown menu to Never Check for Updates.
- If the operating system is Windows 8, disable Windows Defender or any installed antivirus software. Go to the Start menu and type Windows Defender to locate and launch the program. Go to Settings > Real Time Protection and uncheck the Turn on Real-Time Protection.
- In the Control Panel > System Security > Action Center page, expand the Maintenance section. Click on the settings under the Check for solutions to problem reports, select Never check for solution to disable the Action Center notifications. In the Action Center > Change Action Center Settings page, uncheck every item and click OK.
- Command prompt as Administrator and enter
powercfg-h offto disable the host hibernation. - Right click on the Desktop and select Personalize. Navigate to the Screen Saver settings. Change the Screen Saver dropdown list to None to disable the Screen Saver.
- Make sure the Administrator account is enabled. Go to the Start Menu and search for the Command Prompt. Right click on it and launch it as the Administrator. Execute
net user Administrator /active: yes. - Set up auto-login for the Administrator account.
- Open a command prompt and enter
control userpasswords2. The User Accounts page will open. - Make sure the Administrator has automatically login privilege enabled by unchecking the Users must enter a user name and password to use this computer option.
- Click Apply.
- User the Administrator as the login account and setup the password.
- Go to User Accounts > Advanced tab.
- Go to Advanced User Management > click the Advanced button to open the
lusrmgrpage. - Click on the Users folder, and select Administrator to edit its properties
- Make sure its password never expires.
For steps 6 and 7, the name of the Administrator account should be the localized version. For example, if the OS language is English, the name is Administrator; if the OS language is French, the name is Administrateur. Use the table below for reference.
Language
Administrator Name
Finnish Järjestelmänvalvoja French Administrateur Hungarian Rendszergazda Portuguese (Brazil) Administrador Portuguese (Portugal) Administrador Russian ÐдминиÑÑ‚ÑÐ°Ñ‚Ð¾Ñ Spanish
Administrador
Swedish
Administratör
- Open a command prompt and enter
- Go to Control Panel > Network and Internet > Network Sharing > Change Adapter settings, rename the following:
Ethernet 1
renamed to:
eth0Ethernet 2
renamed to:
eth1If there are network devices already named as
eth0andeth1, change them to different names first.The exact names showing in Network Connection page might not be Local Area Connection 1 or Local Area Connection 2. You may might need to swap
eth0andeth1names to make the customized image to work on FortiSandbox.If system doesn't allow rename to
eth0oreth1with messages like connectioneth0oreth1already exists, but they are not showing up in Network Connections page,a. Click Start > Run, type
cmd.exe, and then press ENTER.b. Type
set devmgr_show_nonpresent_devices=1, and then press ENTER.c. Type
Start DEVMGMT.MSC, and then press ENTER.d. Click View > Show Hidden Devices. Expand the Network Adapters tree. Right-click the greyed out network adapters, and click Uninstall.
- Go to Start menu > enter Run...> enter
%TEMP%and press enter. The%TEMP%folder will appear. Delete everything in the folder. - Go to Control Panel > Appearance and Personalization > Taskbar and Navigation.
- In the Navigation tab, check When I sign in or close all apps on a screen, go to the desktop instead of start in the Start screen area checkbox. click OK to save the change.
To maximize the catch rate, it is recommended to configure the following settings:
-
Turn off Windows Firewall
Go to Control Panel > Windows Firewall. Select Turn off Windows Firewall for both public and private networks.
-
Turn off UAC (User Account Control Settings)
Search for UAC in Start menu, open the Change the User Account Control Setting, move the slider to Never, click OK.
-
If the operating system is Windows 8, use public profile for all unidentified networks
Go to Control Panel > System and Security > Administrative Tools > Local Security Policy > Network List Manager Policies > right click on Unidentified Networks > Properties, change Location Type to Public, click OK.
-
If the operating system is Windows 8, turn off system protection for hard drive
Go to Control Panel > System and Security > System, click Change Settings next to the Computer name, domain and workgroup settings section. Navigate to System Protection tab, select Configure..., and select Disable system protection.
-
Turn off Windows Firewall
- If the Windows Firewall is turned off, execute the following commands in the command prompt:
sc config mpssvc start= demand
sc config wscsvc start= demand (remove this line for Server 2012 and Server 2016 OS)
net start wscsvc (remove this line for Server 2012 and Server 2016 OS)
net start mpssvc
netsh firewall set opmode disable
netsh advfirewall set allprofiles state off
The warning message about
netsh firewallcan be ignored.
If the operating system is Windows 10:
- Disable Windows Defender or any installed antivirus software. Go to the Start > type Windows Defender to locate and launch the program. Go to Settings > Real-Time Protection and uncheck Turn on Real-Time Protection.
- Go to Start >execute Run... and enter
gpedit.mscand click OK. The Local Group Policy Editor will open. - In the left pane, go to Computer Configuration > Administrative Templates > Windows Components > Windows Defender. In the right pane, double click on the Turn off Windows Defender policy to edit it. Click OK to save the change.
- Go to Start > Settings > System > Notifications & Actions. Turn off all notifications.
- Open a command rompt as the Administrator, enter
powercfg-h offto disable hibernation. - Right click on the Desktop and select Personalize. Navigate to the Screen Saver setting and change the Screen Saver dropdown list to None to disable the Screen Saver.
- Make sure the Administrator account is enabled. Go to Start > search Command Prompt > right click on the application to launch it as the Administrator. Execute
net user Administrator /active: yes. - Setup auto-login for the Administrator account.
- Open the command prompt and type in
control userpasswords2. The User Accounts page will appear. - Make sure the Administrator account automatically login privilege enabled by unchecking the Users must enter a user name and password to use this computer option.
- Click Apply.
- Use Administrator as the login account; the password is optional.
- Go to Users Accounts > Advanced tab.
- Go to Advanced User Management > click the Advanced button to launch the
lusrmgrpage. - Click on the Users folder to select the Administrator to edit its properties.
- Make sure its password never expires.
For steps 7 and 8, the name of the Administrator account should be the localized version. For example, if the OS language is English, the name is Administrator; if the OS language is French, the name is Administrateur. Use the table below for reference.
Language
Administrator Name
Finnish Järjestelmänvalvoja French Administrateur Hungarian Rendszergazda Portuguese (Brazil) Administrador Portuguese (Portugal) Administrador Russian ÐдминиÑÑ‚ÑÐ°Ñ‚Ð¾Ñ Spanish
Administrador
Swedish
Administratör
- Open the command prompt and type in
- Go to Control Panel > Network and Internet > Network and Sharing Center > Change Adapter settings. Rename the following:
Ethernet 1
renamed to:
eth0Ethernet 2
renamed to:
eth1If there are network devices already named as
eth0andeth1, change them to different names first.The exact names showing in Network Connection page might not be Local Area Connection 1 or Local Area Connection 2. You may might need to swap
eth0andeth1names to make the customized image to work on FortiSandbox.If system doesn't allow rename to
eth0oreth1with messages like connectioneth0oreth1already exists, but they are not showing up in Network Connections page,- Click Start > Run, type
cmd.exe, and then press ENTER. - Type
set devmgr_show_nonpresent_devices=1, and then press ENTER. - Type
Start DEVMGMT.MSC, and then press ENTER. - Click View > Show Hidden Devices. Expand the Network Adapters tree. Right-click the greyed out network adapters, and click Uninstall.
- Click Start > Run, type
- Go to Start > execute Run... > enter
%TEMP%. The%TEMP%folder will appear. Delete everything in the folder.To maximize the catch rate, it is recommended to configure the following settings:
-
Turn off Windows Firewall
Go to Control Panel > System and Security > Windows Firewall. Select Turn off Windows Firewall for both public and private networks.
-
Turn off UAC (User Account Control Settings)
Search for UAC in Start menu, open the Change the User Account Control Setting, move the slider to Never, click OK.
-
Use public profile for all unidentified networks
Go to Control Panel > System and Security > Administrative Tools > Local Security Policy > Network List Manager Policies > right click on Unidentified Networks > Properties, change Location Type to Public, click OK.
-
Turn off system protection for hard drive
Go to Control Panel > System and Security > System, click Change Settings next to the Computer name, domain and workgroup settings section. Navigate to System Protection tab, select Configure..., and select Disable system protection.
-
Turn off Windows Firewall
- If Windows Firewall was turned off, execute the following commands in a command prompt:
sc config mpssvc start= demand
sc config wscsvc start= demand
net start wscsvc
net start mpssvc
netsh firewall set opmode disable
netsh advfirewall set allprofiles state off
The warning message about
netsh firewallcan be ignored
6. Setup FortiSandbox Tracer Engine Launcher
- Open an editor, such as Notepad and type in the following scripts:
@echo off
:checker
if not exist d:\launcher.bat (
echo Wait for d:\launcher.bat
rem sleep 5
ping -n 5 127.0.0.1 >nul
goto checker
)
start /min d:\launcher.bat
- Save the file as
autorun.baton your Desktop. - Find the
autorun.batfile on your Desktop, and Right-click > Cut. - On Windows XP and Windows 7 or Windows Server 2003 or 2008, go to Start > All Programs > Startup > Right-click > Open All Users. Windows Explorer will open. Paste the
autorun.batfile.On Windows 8 and Windows 10, go to Start > Run..., enter
shell:startupto open the startup folder. paste theautorun.batfile.The
D:\directory for theautorun.batfile is created after the VM image is uploaded.
7. Install the Customized VM Image to FortiSandbox and Apply It
- Put the VM image's
.vdifile and its meta file from Step 4 to a server that supportsftporscpprotocol. -
In the FortiSandbox CLI interface:
- execute CLI command
vm-customizedas follows:vm-customized -cn –t<ftp|scp> –s<server_ip> –u<username> -p<password> -f</vdi_file_path/vdi_file_name> -vo<Windows_type> –vn<custom_vm_name> -d<Machine uuid> -k<MD5_of_vdi_file_in_lowercase>
Tip:
Machine uuidcan be found in<Machine>section of.vbox fileof the image build directory, such asC:\Users\user_name\VirtualBox VMs\vm_name\ - If a customized VM image of the same name exists on the unit, the installation will fail. Go to the VM Image page and set its clone number to
0. Click Apply to disable existing images. Use–rto replace the existing one with new one. The Scan Profile settings for the image will be inherited. - The installation process can take up to one hour, depending on unit model and network speed. If installation fails or stops unexpectedly, execute the command again.
- It is optional to upload the meta file. The information in the meta file will be displayed in the Installed Applications area in Scan Profile page of the FortiSandbox. To install it, execute CLI command
vm-customizedas follows:vm-customized -cf -mproduct.list –t<ftp|scp> –s<server_ip> –u<username> -p<password> -f</meta_file_path/meta_file_name> –vn<custom_vm_name> -mproduct.list
The
custom_vm_nameshould be the same as step a. - The unit will reboot after installation.
- execute CLI command
- After unit reboots, user can enable it by setting up its clone number to be more than
0in the VM Image page and associate file types in the Scan Profile page to scan files.
For example, the above is a Windows 7 customized image. It has an image file editor called FastStone Image Viewer and it is associated to open JPG files. The user can create a User defined extension for JPG files and associate it to this customized image. Subsequently, all JPG files will be scanned by this customized image and opened by the FastStone Image Viewer.