https://106c4.wpc.azureedge.net/80106C4/Gallery-Prod/cdn/2015-02-24/prod20161101-microsoft-windowsazure-gallery/fortinet.fortinet_fortisandbox_vmfortinet_fsa-vm.1.0.0/Icons/Large.png

Fortinet FortiSandbox Advanced Threat Protection

Fortinet
Zero-day Protection for Your Cloud and Hybrid Workloads
Support
Support

Fortinet FortiSandbox Advanced Threat Protection

Fortinet

Zero-day Protection for Your Cloud and Hybrid Workloads

FortiSandbox for Azure enables organizations to defend against advanced threats natively in the cloud, working alongside network, application, email, endpoint security, and other 3rd party security solutions, or as an extension to their on-premises security architectures to leverage cloud elasticity and scale.

Highlights:

  • Broad Coverage of the Attack Surface with Security Fabric - Effective defense against advanced targeted attacks through a cohesive and extensible architecture working to protect network, application layers and endpoint devices from campus to cloud.
  • Automated Zero-day, Advanced Malware Detection and Mitigation - Native integration and open APIs automate the submission of objects from Fortinet and third-party vendor protection points, and the sharing of threat intelligence in real time for immediate threat response.
  • Certified and Top Rated - Constantly undergoes rigorous, real-world independent testing and consistently earns top marks.

FortiSandbox for Azure has the following admin ports enabled:

  • 443 for web admin
  • 22 for ssh admin

FortiSandbox uses a two-stage process to identify zero-day, advanced malware including ransomware, and share relevant threat intelligence in real-time with inline security control so automated mitigation is applied.

  • Stage 1 - Pre-filtering is performed by an engine powered by Fortinet's threat intelligence maintained by our global research team, FortiGuard Labs.
  • Stage 2 - Dynamic behavior analysis is performed on objects to determine if they are malicious. Rating verdicts are returned to the originating device in real-time to act upon, natively within Fortinet Fabric security products, third-party vendor security products via JSON API, or as a feed via STIX format.