Connecting FortiClient/EMS to Forti Sandbox, Checking FortiClient EMS authorization for Forti Sandbox scanning

Today cyber-attack increasing day by day. To prevent such attacks for sandboxing as an important component of their security policies to help prevent a threat.

Solution work-

FortiClient/EMS Version – 6.0.4 build 0158

Forti Sandbox  Version- v3.0.3, build0049 (GA)

Summary –

Connecting FortiClient/EMS to Forti Sandbox

FortiClient submit the file to Forti EMS and EMS will authorize and sent to Forti sandbox for scanning and analysis.

Open console of FortiEMS Management server.

Go to Endpoint Profiles > Local Profile > Select default profile (You can also select custom profile).

Click on Sandbox tab > enable Sandbox detection

Assign IP address for Forti Sandbox in Server Tab. You will see exclamatory mark beside IP address tab for not Authorize. Save the setting, now see that exclamatory mark there authorization request sent.

You can also add Forti Sandbox Connection from FortiEMS > Profile Component >Manage Forti Sandbox.

Now Login in the Forti Sandbox console,

Go to the Scan Input > Device > Search device serial number of Forti EMS server.

Click on authorize.

Check the Status in FortiEMS console now its showing connected.

FortiClient installation from Forti EMS server

https://netsecaddict.com/2018/12/08/deploying-forticlient-from-fortiems-management-server/

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.

Up ↑

%d bloggers like this: