Advanced Threat Protection - FortiSandBox


Sandbox is a key part of Fortinet’s innovative Advanced Threat Protection solution. Recommended by NSS Labs, FortiSandbox is designed to detect and analyze advanced attacks designed to bypass traditional security defenses. In independent NSS Labs testing, FortiSandbox demonstrated 99% Breach Detection effectiveness and due to Fortinet’s unique multi-layered sandbox analysis approach detected the majority of threats within one minute.

FortiSandbox, secured by FortiGuard, offers inspection of all protocols and functions in one appliance. It can integrate with your existing Fortinet infrastructure including FortiGate, FortiMail, and FortiGuard, fueling a security ecosystem that automatically protects, learns, and improves your overall threat protection. It delivers highly effective protection against advanced persistent threats that is affordable as well as simple and flexible to deploy and manage. Complement your established defenses with this cutting edge sandbox capability; analyzing files in a contained environment to identify previously unknown threats and uncovering the full attack lifecycle.



  • Protects against advanced threats: Scans files on the network, in emails, in URLs, in network file share locations, and on-demand. Protects against advanced email threats, Windows threats, Office threats, zip threats, pdf threats, mobile threats and more.
  • Inspects across all Operating Environments: Code emulation examines and runs instruction sets to assess intended activity independent of operating environment for broader security coverage.
  • Examines activity, rather than attributes: Executes objects within a secure virtual runtime environment (“sandbox”) to analyze activity- system changes, exploit efforts, site visits, subsequent downloads, botnet communications and more- to expose sophisticated threats.
  • Pre-filters to deliver fast results: leverage Fortinet’s proactive anti-malware (consistently top-rated in VB100 RAP tests) and extended database as well as additional patented advanced threat intelligence techniques to detect a large percentage of advanced threats without the time and effort of full “sandboxing”.
  • Provides rich threat intelligence: Uncover information related to the full threat lifecycle, not just initial code, to speed remediation. Opt in to share intelligence with FortiGuard Labs for automated security updates to boost the protection delivered through your entire Fortinet security ecosystem.
  • Delivers Officially Licensed Microsoft Components: Product comes with Microsoft Windows, Internet Explorer, and Office embedded licenses, confirmed approved for use in virtual environments unlike other sandbox solutions.



  FSA-1000D FSA-3000D
Form Factor

2 RU

2 RU

Total Network Interfaces

6x GE RJ45 ports,

2x GE SFP slots

4x GE RJ45 ports,

2x GE SFP slots

2x 10 GE SFP+ slots

Storage Capacity 4 TB (max. 8 TB) 8 TB (max. 16 TB)
Power Supplies 2x Redundant PSU 2x Redundant PSU
VM Sandboxing (Files/Hour) 160 560
AV Scanning (Files/Hour) 6.000 15.000
Number of VMs 8 28


Advanced Threat Protection Framework

The most effective defense against advanced targeted attacks is founded on a cohesive and cohesive and extensible protection framework. The Fortinet framework uses security intelligence across an integrated solution of traditional and advanced security tools for network, application and endpoint security, and threat detection to deliver actionable, continuously improving protection

Frotinet integrates the intelligence of FortiGuard Labs into FortiGate next generation firewalls, FortiMail secure email gateways, FortClient endpoint security, FortiSandbox advanced threat detection, and other security products to continually optimize and improve the level of security delivered to organizations with a Fortinet solution.