Fortinet black logo

Release Notes

Home FortiSandbox 4.0.0 Release Notes

New features and enhancements

4.0.0
4.4.5
4.4.4
4.4.3
4.4.2
4.4.1
4.4.0
4.2.7
4.2.6
4.2.5
4.2.4
4.2.3
4.2.2
4.2.1
4.2.0
4.0.5
4.0.4
4.0.3
4.0.2
4.0.1
4.0.0
3.2.4
3.2.3
3.2.2
3.2.1
3.2.0
3.1.5
3.1.4
3.1.3
3.1.2
3.1.1
3.1.0
3.0.7
3.0.6
3.0.5
3.0.4
3.0.3
3.0.2
3.0.1
3.0.0
Copy Link
Copy Doc ID 9cb106fe-998a-11eb-b70b-00505692583a:729476
Download PDF

New features and enhancements

The following is summary of new features and enhancements in version 4.0.0. For details, see the FortiSandbox4.0.0 Administration Guide in the Fortinet Document Library.

GUI

  • Redesigned menu layout and GUI Dashboard:
    • Implemented Connectivity and Services widget to show the operational status of the system.
    • Implemented Scan Performance widget to demonstrate the capabilities and capacity of the system.
    • Implemented Licenses widget to show the validity of contracts and services.
    • Implemented System Resources widget to show disk monitor information.
    • Implemented Favorites menu feature to customize and pick frequently used FortiSandbox features.

  • Introduced Cluster Management feature for administering HA-Cluster.
  • Implemented reset of FortiGuard setting to default.
  • Consolidated license upload of FSA-VM, Microsoft Windows, and Microsoft Office.
  • Display a warning message before downloading any samples or malicious content from FortiSandbox.
  • Display serial number or hostname if configured on the browser tab name.

Fabric integration

  • Implemented custom VM support in a separate Virtual Private Cloud (VPC) in AWS platform.
  • Implemented a separate port configuration for JSON REST API.
  • Implemented hostname on HTTP connect in the request URI of FortiGuard proxy.
  • Enhanced connectivity with FortiAnalyzer for secured logging.
  • Enhanced LDAP related configuration via JSON RPC API to list all configurations and include advanced fields.

Scan

  • Introduced new Adaptive Scan Profile feature that automatically adjusts the scan profile depending on the submission.
  • Introduced VM Scan Ratio feature that is a new scan logic to balance the efficiency by utilizing the VMs based on system load.
  • Introduced new dynamic scan module called PEXBox that emulates code for improved detection on Windows malware.
  • Introduced new Rating Engine Plus feature that utilizes the cloud's rating.
  • Implemented reset of prescan configuration back to default.
  • Implemented deletion of VM Job while on Interactive Scan.
  • Enhanced support on files with large filesize. Updated filesize limit and prescan CLI configuration.
  • Improved scan behavior and rating on websites that are not 200 OK, for example, not reachable, forbidden, and so on.
  • Improved scan flow for FortiMail Fabric Integration to return the result as soon as a known malware is detected.
  • Set the AI mode enabled by default for higher detection rate.
  • Implemented support for running multiple VM types at the same time for the same sample file or URL.

System & Security

  • Introduced an alert system for system health check when a threshold is reached.
  • Implemented FortiGuard as an available option for NTP server configuration.
  • Implemented support for configuring cluster IP on aggregate interface for the bandwidth and redundancy of file submission.
  • Implemented rescue mode feature on Hyper-V.
  • Merged support for FortiSandbox 3000F model.
  • Supported use of LACP interface on health check and MTA features.
  • Updated filename of backup configuration from device serial number to hostname.
  • Combined multiple rating engines for Windows, Android, and Linux into a single Sandbox Rating Engine.
    Tooltip

    Engines must be re-downloaded and might take several minutes. In HA-cluster, wait for each node to upgrade.

Logging & Reporting

  • Redesigned PDF report to add more information of the job, including:
    • List of extracted URLs and VM images.
    • Signature info of antivirus detection.
    • Job details information on BCC feature.
    • Snapshot of system information and Engine/DB versions.
    • Configuration of AI, embedded URL option, scan timeout, and Windows Cloud VM region.
    • Reference link to VirusTotal reference.
  • Implemented the Malware category field in the job event logs.
  • Implemented detected malware name in the Suspicious Indicator Detail table.
  • Implemented VM Category on the report as Default, Optional, or Custom.
  • Implemented submit condition to VM Scan either by Scan Profile or new Scan Ratio; added to Job details report changes.
  • Implemented logging of scan performance.

CLI

  • Implemented CLI configuration for prescan module called prescan-config.
  • Enhanced tac-report debug CLI command to include 4.0 features and to collectively run diagnose cli commands for monitoring and troubleshooting.
  • Enhanced test-network debug CLI command to check network speed.
  • Enhanced debug CLI command test-network to verify not only the cloud query but also cloud submission as part of the Community Cloud feature.
  • Enhanced status CLI command to show the file system state of the boot and data disks.
  • Display serial number or hostname if configured in the command prompt.
  • Renamed admin-pwd-reset CLI command to reset-admin-pwd.
Previous
Next

New features and enhancements

The following is summary of new features and enhancements in version 4.0.0. For details, see the FortiSandbox4.0.0 Administration Guide in the Fortinet Document Library.

GUI

  • Redesigned menu layout and GUI Dashboard:
    • Implemented Connectivity and Services widget to show the operational status of the system.
    • Implemented Scan Performance widget to demonstrate the capabilities and capacity of the system.
    • Implemented Licenses widget to show the validity of contracts and services.
    • Implemented System Resources widget to show disk monitor information.
    • Implemented Favorites menu feature to customize and pick frequently used FortiSandbox features.

  • Introduced Cluster Management feature for administering HA-Cluster.
  • Implemented reset of FortiGuard setting to default.
  • Consolidated license upload of FSA-VM, Microsoft Windows, and Microsoft Office.
  • Display a warning message before downloading any samples or malicious content from FortiSandbox.
  • Display serial number or hostname if configured on the browser tab name.

Fabric integration

  • Implemented custom VM support in a separate Virtual Private Cloud (VPC) in AWS platform.
  • Implemented a separate port configuration for JSON REST API.
  • Implemented hostname on HTTP connect in the request URI of FortiGuard proxy.
  • Enhanced connectivity with FortiAnalyzer for secured logging.
  • Enhanced LDAP related configuration via JSON RPC API to list all configurations and include advanced fields.

Scan

  • Introduced new Adaptive Scan Profile feature that automatically adjusts the scan profile depending on the submission.
  • Introduced VM Scan Ratio feature that is a new scan logic to balance the efficiency by utilizing the VMs based on system load.
  • Introduced new dynamic scan module called PEXBox that emulates code for improved detection on Windows malware.
  • Introduced new Rating Engine Plus feature that utilizes the cloud's rating.
  • Implemented reset of prescan configuration back to default.
  • Implemented deletion of VM Job while on Interactive Scan.
  • Enhanced support on files with large filesize. Updated filesize limit and prescan CLI configuration.
  • Improved scan behavior and rating on websites that are not 200 OK, for example, not reachable, forbidden, and so on.
  • Improved scan flow for FortiMail Fabric Integration to return the result as soon as a known malware is detected.
  • Set the AI mode enabled by default for higher detection rate.
  • Implemented support for running multiple VM types at the same time for the same sample file or URL.

System & Security

  • Introduced an alert system for system health check when a threshold is reached.
  • Implemented FortiGuard as an available option for NTP server configuration.
  • Implemented support for configuring cluster IP on aggregate interface for the bandwidth and redundancy of file submission.
  • Implemented rescue mode feature on Hyper-V.
  • Merged support for FortiSandbox 3000F model.
  • Supported use of LACP interface on health check and MTA features.
  • Updated filename of backup configuration from device serial number to hostname.
  • Combined multiple rating engines for Windows, Android, and Linux into a single Sandbox Rating Engine.
    Tooltip

    Engines must be re-downloaded and might take several minutes. In HA-cluster, wait for each node to upgrade.

Logging & Reporting

  • Redesigned PDF report to add more information of the job, including:
    • List of extracted URLs and VM images.
    • Signature info of antivirus detection.
    • Job details information on BCC feature.
    • Snapshot of system information and Engine/DB versions.
    • Configuration of AI, embedded URL option, scan timeout, and Windows Cloud VM region.
    • Reference link to VirusTotal reference.
  • Implemented the Malware category field in the job event logs.
  • Implemented detected malware name in the Suspicious Indicator Detail table.
  • Implemented VM Category on the report as Default, Optional, or Custom.
  • Implemented submit condition to VM Scan either by Scan Profile or new Scan Ratio; added to Job details report changes.
  • Implemented logging of scan performance.

CLI

  • Implemented CLI configuration for prescan module called prescan-config.
  • Enhanced tac-report debug CLI command to include 4.0 features and to collectively run diagnose cli commands for monitoring and troubleshooting.
  • Enhanced test-network debug CLI command to check network speed.
  • Enhanced debug CLI command test-network to verify not only the cloud query but also cloud submission as part of the Community Cloud feature.
  • Enhanced status CLI command to show the file system state of the boot and data disks.
  • Display serial number or hostname if configured in the command prompt.
  • Renamed admin-pwd-reset CLI command to reset-admin-pwd.
Previous
Next