FortiSandbox-VM – Ultra Detailed Installation Guide with Explanations
Step 1: Log into https://support.fortinet.com with your FortiCare credentials.
→ Access the official Fortinet portal to download licensed VM images.
Step 2: Go to 'Download' > 'VM Images' and select 'FortiSandbox'.
→ FortiSandbox VM is listed under available product images.
Step 3: Choose the appropriate hypervisor format (VMware, KVM, or Hyper-V).
→ Pick the VM format that matches your virtualization environment.
Step 4: Download all required image files (OVF/VMDK, QCOW2, or VHD).
→ All components are required for successful deployment.
Step 5: Launch your virtualization platform (vSphere, virt-manager, or Hyper-V Manager).
→ Use your hypervisor to begin virtual machine provisioning.
Step 6: Create a new virtual machine and attach the downloaded image.
→ Attach the disk image as the primary boot drive for the new VM.
Step 7: Allocate at least 4 CPUs, 8 GB RAM, and 250 GB disk space.
→ These are the minimum resource requirements for operation.
Step 8: Attach the VM to a management VLAN or switch with internet access.
→ The VM needs to be reachable over the network to integrate with FortiGate.
Step 9: Power on the VM and open the console.
→ Booting initializes the operating system and starts system services.
Step 10: At the login prompt, enter 'admin' (no password).
→ Default credentials are required to access the CLI for setup.
Step 11: Assign an IP address to port1 via the CLI:
→ Initial network access is configured on the port1 interface.
    config system interface
    → Enter CLI mode to begin interface configuration.
    edit port1
    → Select port1 as the management interface.
    set ip 192.168.1.250 255.255.255.0
    → Assign an IP address to be used for GUI access.
    set allowaccess ping https ssh http
    → Enable protocols for remote access and communication.
    end
    → Exit the configuration mode.
Step 12: Save the configuration using 'execute backup config flash'.
→ Ensure the config is saved permanently.
Step 13: Open a browser and connect to https://192.168.1.250.
→ The browser GUI allows license activation and full configuration.
Step 14: Accept the certificate warning and proceed.
→ The SSL warning is expected due to the self-signed cert.
Step 15: Log in again with admin and no password.
→ The GUI uses the same default admin account.
Step 16: Upload the license file (.lic) through the GUI when prompted.
→ The license must be uploaded to activate functionality.
Step 17: Wait for license validation and reboot if prompted.
→ Licensing unlocks features and may restart services.
Step 18: Log back in and set the admin password.
→ After reboot, the system resumes GUI access. You must change the default password for security compliance.
Step 19: Navigate to System > Network and configure DNS and NTP settings.
→ DNS/NTP ensures system updates and log accuracy.
Step 20: Add FortiGate as a submitter device under Device > FortiGate > Create New.
→ FortiGate must be added as a trusted submission source.
Step 21: On FortiGate, go to Security Fabric > Settings and add the FortiSandbox IP.
→ The Sandbox IP is configured on FortiGate to submit suspicious files.
Step 22: Enable Sandbox inspection in Antivirus and Web Filter profiles.
→ Inspection policies must be set to use sandbox analysis.
Step 23: In FortiSandbox, go to Monitor > Submissions to confirm file analysis.
→ Monitoring confirms successful file submission from FortiGate.
Step 24: Test malware file submission using the EICAR test file to ensure detection.
→ The EICAR test file is used to simulate malware detection.
Step 25: Review logs and quarantine actions to verify successful integration.
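
An added example, not part of the original guide or of Fortinet's tooling: a Python check that parses the interface block entered in Step 11 and reports management protocols that carry credentials in cleartext, such as the http entry in allowaccess. The function names, the embedded sample text and the inclusion of telnet in the flagged set are assumptions made for illustration.

```python
import shlex

# Protocols that send admin credentials unencrypted. 'http' is on the page;
# 'telnet' is an assumed additional value included for completeness.
CLEARTEXT = {"http", "telnet"}

# Constructed sample: the port1 block exactly as typed in Step 11.
SAMPLE = """\
config system interface
edit port1
set ip 192.168.1.250 255.255.255.0
set allowaccess ping https ssh http
end
"""

def parse_interfaces(text):
    """Return {interface: {setting: [values]}} from 'config system interface' blocks."""
    interfaces, current, in_block = {}, None, False
    for raw in text.splitlines():
        tokens = shlex.split(raw.strip())  # also handles quoted names: edit "port1"
        if not tokens:
            continue
        if tokens[:3] == ["config", "system", "interface"]:
            in_block = True
        elif not in_block:
            continue  # ignore settings that belong to other config sections
        elif tokens[0] == "edit" and len(tokens) > 1:
            current = interfaces.setdefault(tokens[1], {})
        elif tokens[0] == "set" and len(tokens) > 1 and current is not None:
            current[tokens[1]] = tokens[2:]
        elif tokens[0] == "next":
            current = None
        elif tokens[0] == "end":
            current, in_block = None, False
    return interfaces

def audit(text):
    """List (interface, protocol) pairs where cleartext management access is allowed."""
    findings = []
    for name, settings in parse_interfaces(text).items():
        for proto in settings.get("allowaccess", []):
            if proto.lower() in CLEARTEXT:
                findings.append((name, proto.lower()))
    return sorted(findings)

if __name__ == "__main__":
    for name, proto in audit(SAMPLE):
        print(f"{name}: cleartext management access enabled ({proto})")
```

Run against the Step 11 block, it reports port1 with http; a block that allows only ping, https and ssh produces no findings.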