Zero-day Protection for Your Cloud and Hybrid Workloads
FortiSandbox for Azure enables organizations to defend against advanced threats natively in the cloud, working alongside network, application, email, endpoint security, and other third-party security solutions, or as an extension to their on-premises security architectures to leverage cloud elasticity and scale.
- Broad Coverage of the Attack Surface with Security Fabric - Effective defense against advanced targeted attacks through a cohesive and extensible architecture working to protect network, application layers and endpoint devices from campus to cloud.
- Automated Zero-day, Advanced Malware Detection and Mitigation - Native integration and open APIs automate the submission of objects from Fortinet and third-party vendor protection points, and the sharing of threat intelligence in real time for immediate threat response.
- Certified and Top Rated - Constantly undergoes rigorous, real-world independent testing and consistently earns top marks.
- Protect DevOps repositories, and internal and external hosted content with native Azure Blob Storage scanning for zero-day threats.
FortiSandbox for Azure has the following admin ports enabled:
- 443 for web admin
- 22 for SSH admin
FortiSandbox uses a two-stage process to identify zero-day, advanced malware, including ransomware, and share relevant threat intelligence in real time with inline security controls so that automated mitigation is applied.
- Stage 1 - Pre-filtering is performed by an engine powered by Fortinet's threat intelligence maintained by our global research team, FortiGuard Labs.
- Stage 2 - Dynamic behavior analysis is performed on objects to determine if they are malicious. Rating verdicts are returned to the originating device in real time to act upon, natively within Fortinet Fabric security products, to third-party vendor security products via JSON API, or as a feed in STIX format.
Note - In the case of BYOL, the number of Windows VMs used for behavior analysis depends on the license, whereas the PAYG plan is based on the CPU cores of the instance:
- 1 Core - maximum of 4 Windows VMs for behavior analysis
- 2 Cores - maximum of 8 Windows VMs for behavior analysis
- 4 Cores - maximum of 16 Windows VMs for behavior analysis
- 8 Cores - maximum of 32 Windows VMs for behavior analysis
- 16 Cores - maximum of 64 Windows VMs for behavior analysis