Fortinet black logo

Administration Guide

FortiGate devices

Copy Link
Copy Doc ID a5cce35c-eec7-11ea-96b9-00505692583a:356473
Download PDF

FortiGate devices

To verify the FortiGate is connected to FortiSandbox:

On your FortiSandbox device, go to Scan Input > Devices. Your FortiGate device and VDOMs will be listed on this page.

The communication protocol does not include a way for the FortiGate to notify FortiSandbox whether VDOMs are enabled. When VDOMs are disabled on the FortiGate, the files received from the FortiGate will be marked with vdom=root.

Since the FortiGate does not explicitly send a list of possible VDOMs to FortiSandbox, the FortiSandbox only learns about a VDOM once it receives a file associated with it. Each of the devices VDOMs listed on this page will only displayed after the first file has been received from that specific VDOM.

If VDOMs are enabled on your FortiGate, you can select the checkbox to have new VDOMs inherit authorization based on the device level setting. If the FortiGate authorization is disabled, all VDOMs under it will not be authorized even if authorization is enabled for a VDOM.

To edit FortiGate settings in FortiSandbox:
  1. On your FortiSandbox device, go to Scan Input > Device.

    This page lists all FortiGate devices and VDOMs.

  2. Click the device name to open the Edit FortiGate Settings page.
  3. Edit the following settings and then click OK.

    Device Status

    Serial Number

    The device serial number is displayed.

    Alias

    The host name of the FortiGate unit. This is a read-only value.

    IP

    The IP address of the FortiGate is displayed.

    Status

    The status of the device, either connected or not connected. This field cannot be edited.

    Last Modified

    The date and time that the FortiGate settings were last changed is displayed.

    Last Seen

    The date and time that the FortiGate last connected to the FortiSandbox is displayed.

    Permissions

    Authorized

    Select the checkbox to authorize the FortiGate device. If this field is not checked, files sent from the FortiGate will be dropped.

    The date and time that the authorization status was changed is displayed.

    New VDOMs/Domains inherit authorization

    Select the checkbox to have new VDOMs inherit the authorization setting configured at the device level.

    Email Settings

    Administrator Email

    The email address entered in the Notifier Email field configured on the FortiGate device at System > Config > FortiSandbox. You cannot edit this field on the FortiSandbox.

    Send Notifications

    Select the checkbox to send notifications. When notifications are enabled, you will receive email notifications when a file from your environment has been detected as potential malware. The email will contain a link to the scan job details page.

    To receive notification emails, you must configure a mail server and enable Send a notification email to the Device/Domain/Vdom email list when Files/URLs with selected rating are detected in System > Mail Server. Otherwise, a warning icon is displayed.

    Send Reports

    Select the checkbox to send job detail PDF reports. To receive reports and define report generation frequency, you must configure the mail server and enable Send scheduled PDF report about an individual VDOM/Domain to its email address in System > Mail Server. Otherwise, a warning icon displays.

To edit VDOM settings:
  1. On your FortiSandbox device, go to Scan Input > Device.

    This page lists all FortiGate devices and VDOMs.

  2. Click the VDOM name.
  3. Edit the following settings and then click OK.

    Device Status

    Domain/VDOM

    The device VDOM name. This field cannot be edited.

    Alias

    VDOM name is in the Device Name: VDOM name format.

    IP

    The IP address of the FortiGate. This field cannot be edited.

    Status

    The status of the device, either connected or not connected. This field cannot be edited.

    Files Transmitted

    The total number of files transmitted to FortiSandbox in the last seven days.

    Last Modified

    The date and time that the authorization status was changed. This field cannot be edited.

    Last Seen

    The date and time that the FortiGate VDOM last connected to the FortiSandbox. This field cannot be edited.

    Permissions & Policy

    Authorized

    Select the checkbox to authorize the FortiGate VDOM.

    Submission Limitation

    Limit the VDOM submission speed. Specify the number of submissions per Hour, Day, or Unlimited.

    When limitation is reached, FSA will send a signal to FGT to stop file submission. This will save resources on both sides.

    Email Settings

    If this field is checked, when submission limitation is reached, an alert email will be sent to VDOM email address. A mail server should be configured.

    Email

    Enter the Administrator Email address for the VDOM, separated by a comma.

    Send Notifications

    Select checkbox to send notifications when viruses or malware from this VDOM is detected.

    To receive notification emails, you must configure a mail server and enable Send a notification email to the Device/Domain/Vdom email list when Files/URLs with selected rating are detected in System > Mail Server. Otherwise, a warning icon is displayed.

    Send PDF Reports

    Select checkbox to send PDF reports of jobs. To receive reports and define report generation frequency, you must configure System > Mail Server page. Also the Send scheduled PDF report about an individual VDOM/Domain to its email address in that page should be checked. Otherwise, a warning icon is displayed.

    Send Reach Limit Alert Email

    When checked, an alert email is sent to the VDOM email address when limitation is reached.

FortiGate devices

To verify the FortiGate is connected to FortiSandbox:

On your FortiSandbox device, go to Scan Input > Devices. Your FortiGate device and VDOMs will be listed on this page.

The communication protocol does not include a way for the FortiGate to notify FortiSandbox whether VDOMs are enabled. When VDOMs are disabled on the FortiGate, the files received from the FortiGate will be marked with vdom=root.

Since the FortiGate does not explicitly send a list of possible VDOMs to FortiSandbox, the FortiSandbox only learns about a VDOM once it receives a file associated with it. Each of the devices VDOMs listed on this page will only displayed after the first file has been received from that specific VDOM.

If VDOMs are enabled on your FortiGate, you can select the checkbox to have new VDOMs inherit authorization based on the device level setting. If the FortiGate authorization is disabled, all VDOMs under it will not be authorized even if authorization is enabled for a VDOM.

To edit FortiGate settings in FortiSandbox:
  1. On your FortiSandbox device, go to Scan Input > Device.

    This page lists all FortiGate devices and VDOMs.

  2. Click the device name to open the Edit FortiGate Settings page.
  3. Edit the following settings and then click OK.

    Device Status

    Serial Number

    The device serial number is displayed.

    Alias

    The host name of the FortiGate unit. This is a read-only value.

    IP

    The IP address of the FortiGate is displayed.

    Status

    The status of the device, either connected or not connected. This field cannot be edited.

    Last Modified

    The date and time that the FortiGate settings were last changed is displayed.

    Last Seen

    The date and time that the FortiGate last connected to the FortiSandbox is displayed.

    Permissions

    Authorized

    Select the checkbox to authorize the FortiGate device. If this field is not checked, files sent from the FortiGate will be dropped.

    The date and time that the authorization status was changed is displayed.

    New VDOMs/Domains inherit authorization

    Select the checkbox to have new VDOMs inherit the authorization setting configured at the device level.

    Email Settings

    Administrator Email

    The email address entered in the Notifier Email field configured on the FortiGate device at System > Config > FortiSandbox. You cannot edit this field on the FortiSandbox.

    Send Notifications

    Select the checkbox to send notifications. When notifications are enabled, you will receive email notifications when a file from your environment has been detected as potential malware. The email will contain a link to the scan job details page.

    To receive notification emails, you must configure a mail server and enable Send a notification email to the Device/Domain/Vdom email list when Files/URLs with selected rating are detected in System > Mail Server. Otherwise, a warning icon is displayed.

    Send Reports

    Select the checkbox to send job detail PDF reports. To receive reports and define report generation frequency, you must configure the mail server and enable Send scheduled PDF report about an individual VDOM/Domain to its email address in System > Mail Server. Otherwise, a warning icon displays.

To edit VDOM settings:
  1. On your FortiSandbox device, go to Scan Input > Device.

    This page lists all FortiGate devices and VDOMs.

  2. Click the VDOM name.
  3. Edit the following settings and then click OK.

    Device Status

    Domain/VDOM

    The device VDOM name. This field cannot be edited.

    Alias

    VDOM name is in the Device Name: VDOM name format.

    IP

    The IP address of the FortiGate. This field cannot be edited.

    Status

    The status of the device, either connected or not connected. This field cannot be edited.

    Files Transmitted

    The total number of files transmitted to FortiSandbox in the last seven days.

    Last Modified

    The date and time that the authorization status was changed. This field cannot be edited.

    Last Seen

    The date and time that the FortiGate VDOM last connected to the FortiSandbox. This field cannot be edited.

    Permissions & Policy

    Authorized

    Select the checkbox to authorize the FortiGate VDOM.

    Submission Limitation

    Limit the VDOM submission speed. Specify the number of submissions per Hour, Day, or Unlimited.

    When limitation is reached, FSA will send a signal to FGT to stop file submission. This will save resources on both sides.

    Email Settings

    If this field is checked, when submission limitation is reached, an alert email will be sent to VDOM email address. A mail server should be configured.

    Email

    Enter the Administrator Email address for the VDOM, separated by a comma.

    Send Notifications

    Select checkbox to send notifications when viruses or malware from this VDOM is detected.

    To receive notification emails, you must configure a mail server and enable Send a notification email to the Device/Domain/Vdom email list when Files/URLs with selected rating are detected in System > Mail Server. Otherwise, a warning icon is displayed.

    Send PDF Reports

    Select checkbox to send PDF reports of jobs. To receive reports and define report generation frequency, you must configure System > Mail Server page. Also the Send scheduled PDF report about an individual VDOM/Domain to its email address in that page should be checked. Otherwise, a warning icon is displayed.

    Send Reach Limit Alert Email

    When checked, an alert email is sent to the VDOM email address when limitation is reached.