Fortinet FortiSandbox Reviews

FortiSandbox is used to contain and prevent malware outbreaks. 

One of my clients was receiving malware in their email. Less than 1 percent of their email contained malware, but it was still too many. FortiSandbox prevented the malware from entering the broader network. FortiMail forwarded the files to be analyzed in FortiSandbox, which ran it on a Windows 10 machine with Office 365. The sandbox detected malicious behavior. One of the files tried to change the Windows registry, so FortiSandbox flagged it as malware and reported it to FortiMail, which blocked the email. 

FortiSandbox analyzes the behavior of processes in a sandbox environment, which is useful for threat hunting. The solution has an excellent standard configuration, and you can prioritize the types of files of VMs you want to analyze. It also integrates seamlessly with other Fortinet solutions, like FortiGate, FortiMail, and FortiEMS. 

It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process. 

We have used FortiSandbox for three years. 

FortiSandbox is pretty stable. I don't remember a time when it crashed. We've had to restart the VMs, but not the sandbox itself. 

There are limits to FortiSandbox because you must pay for a license for all the VMs you use.

The setup is straightforward. Yeah. You only need to install the VM and configure the two interfaces. We use one FortiSandbox for external requests and another internally. Sometimes, the malware tries to access something on the Internet. you can block it on the sandbox or allow it, so you can gather more information about what it is trying to do. 

But maybe you don't want the VM or the malware on the VM accessing the Internet from your environment. You need to configure that interface for that purpose. After that, you must authorize the FortiGate or the fabric devices on the FortiSandbox and create the VMs. If you are using the VMs Fortinet provides, you can download and provision them with one click. It will have the default configuration. The default policy may not work the way you intend, but it will protect out of the box. 

We've seen a return by preventing outbreaks and stopping zero-day threats. 

FortiSandbox is pricey because we need to purchase three licenses, including one for the cloud and an on-prem license. We also have a sandbox that comes with a FortiGate UTM license, but you don't have access to the VMs. However, you can access the malware timeline from the cloud and see the information about the FortiSandbox services. Still, It doesn't block the threat immediately. If you are downloading malware, FortiGate will send it to the FortiGate cloud sandbox, but the download will finish, and you'll have malware in your host. As soon as the sandbox returns a verdict on that file, it will be blocked on the next download attempt if it's malware.

I rate FortiSandbox 10 out of 10.

It's used to detect non-signature-based malware.

The product is great. It can be deployed on the cloud or on-premises. There's a virtual machine and a hardware appliance available, so it's quite versatile.

In future releases, it would be better if it had support for Mac and Linux.

We have been using this solution since its release.

It doesn't crash as often as other vendors' products. So, yeah, I think it's a good product.

It was pretty basic, nothing too complex.

It's not very expensive. I would rate it around a five or six, somewhere in the middle.

I would advise you to connect FortiSandbox with all available Fortinet appliances, such as the Endpoint Protection Suite, FortiGate firewall, FortiMail, and FortiWeb, as well as any other Fortinet appliance they have. It's important to ensure that the deployment is connected to the Sandbox.

Overall, I would rate the solution an eight out of ten. 

Fortinet FortiSandbox is a security-centric solution of Fortinet. The solution inspects all the predicted or suspicious files which are executed in the Fortinet FortiSandbox environment. It contains virtual machines of different types, such as Windows Server, and Windows Ubuntu. If the suspicious files are executed and there is an issue found. The user can request to discard it when the file is delivered to their system.

The solutions have extended our security posture which has helped the organization.

Fortinet FortiSandbox's most valuable feature is the security it provides against threats, such as ransomware. Additionally, it integrates well with APIs.

Fortinet FortiSandbox for approximately three years.

Fortinet FortiSandbox is scalable but you have to purchase additional licenses. 

Fortinet FortiSandbox is a network-based appliance and we have approximately 2,000 users being protected.

We do not plan to increase the usage of the solution because we are at capacity.

I rate the support from Fortinet FortiSandbox a five out of five.

Positive

I have not used another similar solution previously.

The initial setup of Fortinet FortiSandbox is complex. You cannot only deploy Fortinet FortiSandbox without deploying the stack of Fortinet solutions. The implementation and integration are challenging tasks with the device and placement in the network. We needed to do POC and offloading testing.

This is a cyber security solution, it has a very good ROI in terms of maintaining the reputation and user safety in cybersecurity.

The price of Fortinet FortiSandbox is not expensive. 

I did not evaluate other options.

The solution requires one security engineer with operational knowledge of the solution. However, they are not needed for a day to day activities, but for all the tuning, performance, and monitoring, one LC administrator is required.

I would recommend this solution to others. It is helpful for monitoring and protecting users from different kinds of attacks. I advise others to use the on-premise or cloud version.

I rate Fortinet FortiSandbox a ten out of ten.

We use Fortinet FortiSandbox for malware. Fortinet FortiSandbox is used before entering the firewall to extract any file and check for malicious activity.

The solution extracts an attached file before reaching the user and notifies the user if there's something malicious in the attachment received along with an email. The solution prevents such malicious content from entering your enterprise network.

When you reach the maximum capacity, you cannot upgrade the solution because its hardware is very expensive. All you can do is discard it and buy another.

I have been using Fortinet FortiSandbox for five years.

We didn't face any issues with the solution's stability for the three years it was installed on-premises at our data center.

The solution’s technical support is good.

The solution’s initial setup is straightforward.

We have seen a return on investment with Fortinet FortiSandbox because it helped us a lot on the security part.

If you're using Fortinet, it's best to use the solution when using FortiGate antivirus because it's all connected and easy to manage.

Overall, I rate Fortinet FortiSandbox an eight out of ten.

We use this solution to stay updated on the latest vulnerabilities and attacks. It acts as a database for Fortinet customers to keep their equipment safe and secure.

In future releases, I would like to see more automation capabilities. 

I have a little experience with this solution. We recently purchased new equipment to upgrade from the old range to the new range. 

We previously used FortiGate 100D and upgraded to FortiGate 100S now. 

It is a stable solution.  

FortiSandbox is scalable. We have more than 1200 users across branch offices and headquarters.

Whenever we reach out to Fortinet, they give a response in time. Till now, we have had positive interactions.

We connect with FortiGate through qualified vendors, especially regarding SLA and responsiveness.

I have experience with other solutions like Sophos and CheckPoint. 

We have an IT department managing the solution. There are around 30 people in the team. 

FortiSandbox is a subscription that can be purchased from Fortinet directly. Only using FortiSandbox as features purchased as a subscription in the cloud.

We purchased the bundle. So, we got one price for the package. It was a unified package. 

Overall, I would rate the solution an eight out of ten. 

We use Fortinet FortiSandbox to troubleshoot different software.

Performance is a valuable feature.

The delivery feature in my country is extremely bad.

I have been using Fortinet FortiSandbox for three months.

It is a stable solution. 

It is a scalable solution. 

We have the support to set it up. It took a few months to deploy it. We integrate the solution and the support takes care of the solution after that. Almost three to four people are required for the maintenance.

It is an expensive solution. 

I would rate the overall solution an eight out of ten. 

Fortinet FortiSandbox is a multi-functional solution. When some files have been packed with viruses, the solution detects and quarantines them.

Fortinet FortiSandbox puts suspicious files in quarantine, analyzes for virus risks, and lets them out of quarantine if it detects no risk.

The solution could be limited in some scenarios. If updated, Fortinet FortiSandbox could cover other risks.

Fortinet FortiSandbox is a very stable solution. In my experience, it has the most stability that I have seen because a lot of clients got the solution and didn't report any problems with the network or the availability of the appliance. Fortinet FortiSandbox is different from other vendors. Percentage-wise, 80% got Fortinet FortiSandbox solutions in Mexico.

There is a specific list of Fortinet products you can select from, and they have a range of user functionalities and performance. So it's easy to increase it or to change to another appliance that can support the growth of any of the factors I mentioned. So it's easy to change it or increase it.

Fortinet FortiSandbox could provide better customer support.

Positive

Fortinet FortiSandbox's initial setup is easy because its graphic interface is very friendly and in 3D. I have been working with Juniper, and they have the same interface. The solution is easy to configure.

There is a special solution in Fortinet for sandboxing that increases the level of security. In that solution, you could get more efficiency in using sandboxing.

Overall, I rate Fortinet FortiSandbox an eight out of ten.

The primary use case is to test our applications.

The UI is good.

Fortinet FortiSandbox is faster than other sandbox solutions.

Fortinet FortiSandbox integrates with other solutions.

I would like to have machine learning added to the solution in a future release.

I have been using the solution for almost three years.

Fortinet FortiSandbox is stable.

Fortinet FortiSandbox is scalable.

The technical support is good.

We previously used Check Point Sandblast.

The initial setup is straightforward.

The implementation was completed in-house with Fortinet support.

The solution is affordable. There is an additional cost for a support license.

We evaluated Palo Alto.

I give the solution an eight out of ten.

Compared to other sandbox solutions, Fortinet FortiSandbox is the most stable.