Advice Request Fortigate Fortisandbox

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

128BPM

Level 2
Thread author
Verified
Feb 21, 2018
90
Hi @ForgottenSeer 58943,

Maybe you can clarify this doubt. I have a relative who updated his equipment and left me his old Fortigate but I dont have the annual subscription.

My question is: Can I use Fortisandbox or do I have to pay something?

Thank you!
 
  • Like
Reactions: AtlBo
F

ForgottenSeer 58943

Which model? That's a crucial bit of information.

Lots of things go on without a license. But a Fortigate without a license is still a powerful policy based UTM. You can also enable AV/IPS and other features but it won't update the sigs, but the existing sigs will offer some nice extra protection even without updates. I can turn an unlicensed Fortigate into a fortress, so can you if you know your way around the GUI and CLI.

Also a bit of new information kids - ALL Fortigate's now come with the enterprise bundle. That's Sandbox+Mobile Malware Detection and some other goodies as no extra charge. Before that stuff could add up. Now it's part of any basic bundle. No license? FortiSandbox still works, but only to about 100 files a day. If you want more than 100 you need to pony up for a Sandbox license (about $80 a year ish)

If you don't have a valid license you can't find the firmware upgrade path and download the firmware to bring it up to date unless you know someone with access to the Fortinet FTP server. <wink> Then you can PM them and get the path. Provide the Model, existing firmware version to said person.
 
Last edited by a moderator:

128BPM

Level 2
Thread author
Verified
Feb 21, 2018
90
Which model? That's a crucial bit of information.

Lots of things go on without a license. But a Fortigate without a license is still a powerful policy based UTM. You can also enable AV/IPS and other features but it won't update the sigs, but the existing sigs will offer some nice extra protection even without updates. I can turn an unlicensed Fortigate into a fortress, so can you if you know your way around the GUI and CLI.

Also a bit of new information kids - ALL Fortigate's now come with the enterprise bundle. That's Sandbox+Mobile Malware Detection and some other goodies as no extra charge. Before that stuff could add up. Now it's part of any basic bundle. No license? FortiSandbox still works, but only to about 100 files a day. If you want more than 100 you need to pony up for a Sandbox license (about $80 a year ish)

If you don't have a valid license you can't find the firmware upgrade path and download the firmware to bring it up to date unless you know someone with access to the Fortinet FTP server. <wink> Then you can PM them and get the path. Provide the Model, existing firmware version to said person.


Now I know that my relative left active the sandbox in his own cloud and effectively you can upload 100 files/day free, for me is more than enough. By the way, I have installed Qihoo 360 TS and the FortiSandbox is blocking the download of an update file :eek:
 
  • Like
Reactions: oldschool and AtlBo
F

ForgottenSeer 58943

Now I know that my relative left active the sandbox in his own cloud and effectively you can upload 100 files/day free, for me is more than enough. By the way, I have installed Qihoo 360 TS and the FortiSandbox is blocking the download of an update file :eek:

Qihoo crap is all backdoored. Fortigate will eat it alive.
 

128BPM

Level 2
Thread author
Verified
Feb 21, 2018
90
Without the license can I activate the Webfilter?
Because in security profiles I only see activated: AV, APP, IPS, SSL
 
  • Like
Reactions: AtlBo
F

ForgottenSeer 58943

Without the license can I activate the Webfilter?
Because in security profiles I only see activated: AV, APP, IPS, SSL

Yes but it won't do anything without a sub and if you have it blocking if it can't get a rating it will totally shutoff your web browsing.
 
  • Like
Reactions: oldschool

128BPM

Level 2
Thread author
Verified
Feb 21, 2018
90
Yes but it won't do anything without a sub and if you have it blocking if it can't get a rating it will totally shutoff your web browsing.

Sub = Subnet?............mmm sounds complicated, maybe it would be better idea if I just install FortiClient and from there I get the Webfilter
 
  • Like
Reactions: oldschool
F

ForgottenSeer 58943

Well yeah. Fortigate's are very complicated. Sub=Subscription though in this case.
 
  • Like
Reactions: oldschool

128BPM

Level 2
Thread author
Verified
Feb 21, 2018
90
With FortiClient, is it possible to observe the logs in real time of the firewall/sandbox?
 
  • Like
Reactions: oldschool

128BPM

Level 2
Thread author
Verified
Feb 21, 2018
90
I have been playing with the Threat Feeds (external dynamic block lists) and apparently it works in a similar way to Pi-hole (DNS level). I've configured some domain lists and it block well: ads, trackers, some telemetry, etc.

Even in the Static Domain Filter settings you can add generic filters w/wildcards, e.g. ads.*, *.metrics.*, *-beacon.*


Have you experimented with that? As far as I know, it's a new function.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top