FortiSandbox Appliance vs FortiSandbox Cloud
FortiSandbox is available as a physical or virtual appliance (FortiSandbox Appliance), or as a cloud advanced threat protection service integrated with FortiGate (FortiSandbox Cloud).
To select the settings for Sandbox Inspection, such as the FortiSandbox type, server, and notifier email, go to Security Fabric > Settings.
The table below highlights the supported features of both types of FortiSandbox:
| Feature | FortiSandbox Appliance (including VM) | FortiSandbox Cloud |
| Sandbox inspection for FortiGate | Yes (FortiOS 5.0.4+) | Yes (FortiOS 5.2.3+) |
| Sandbox inspection for FortiMail | Yes (FortiMail OS 5.1+) | Yes (FortiMail OS 5.3+) |
| Sandbox inspection for FortiWeb | Yes (FortiWeb OS 5.4+) | Yes (FortiWeb OS 5.5.3+) |
| Sandbox inspection for FortiClient | Yes (FortiClient 5.4+ for Windows only) | No |
| Sandbox inspection for network share | Yes | No |
| Sandbox inspection for ICAP client | Yes | No |
| Manual File upload for analysis | Yes | Yes |
| Sniffer mode | Yes | Yes |
| File Status Feedback and Report | Yes | Yes |
| Dynamic Threat Database updates for FortiGate | Yes (FortiOS 5.4+) | Yes (FortiOS 5.4+) |
| Dynamic Threat Database updates for
FortiClient |
Yes (FortiClient 5.4 for Windows only) | Yes (FortiClient 5.6+ for Windows only) |
Note that FortiMail keeps its own Dynamic Threat Database. For more information, see the FortiSandbox documentation.
Hi
I am hoping you will help, not clued u with fortigate yet, still learning from you.
the below issue started popping up on the events, why is this happening and how can we fix this please?
“5 files were dropped by quard to FortiCloud-Sandbox: 5 reached max retries, 0 reached TTL.”