In this recipe, you will learn how to authorize FortiMail in FortiSandbox.
In FortiMail 5.2.0 and later, you can configure your FortiMail device to send suspicious files and suspicious attachments to FortiSandbox for inspection and analysis. FortiSandbox is able to perform additional analysis on files that have been scanned by your FortiMail gateway.
Suspicious email attachments include:
- Suspicious files detected by the AV engine heuristic scan
- Executable files and executable files embedded in archive file types
- Type six hashes (binary hashes) of spam email detected by FortiGuard Antispam device
1. Check Default Port Information |
|
|
In general, FortiSandbox Port1 is reserved for device management, and Port3 is reserved for the Windows VM to communicate with the outside network. Depending on your FortiSandbox model, you can configure your FortiMail to communicate with your FortiSandbox on ports: 1, 2, 4, 5, 6, 7 and 8. You can find specific default port information under the Using the GUI section of the FortiSandbox Administration Guides available on the Fortinet Document Library. |
|
2. Integrate FortiSandbox into FortiMail |
|
|
Before you can authorize FortiMail in FortiSandbox, you will need to integrate FortiSandbox into FortiMail. See How Do I Integrate FortiSandbox Into FortiMail for more information on integrating FortiSandbox into FortiMail. |
|
3. Authorize FortiMail to send files to FortiSandbox |
|
|
After integrating your FortiSandbox into your FortiMail device, you will need to authorize FortiMail to be able to send files to FortiSandbox.
|
|
For further FortiSandbox information, refer to the FortiSandbox Administration Guides available on the Fortinet Document Library.
The post FortiSandbox: Authorizing FortiMail in FortiSandbox appeared first on Fortinet Cookbook.