In this 1-day class, you will learn the basics of FortiSandbox — how malware works, how virus writers try to avoid detection, and how you can regain the advantage in the battle to secure your network from zero-day threats.
In interactive labs, you will explore how to deploy FortiSandbox in integration with other Fortinet devices, and how to use the various available methods of inspection for both files and harmful web sites. You will also learn how to optimize sandboxing performance for your specific network, how to submit malware samples to Fortinet’s security research labs.
After completing these courses, you will be able to:
- Explain why antivirus engines can’t always catch zero-day exploits
- Describe how smart viruses try to avoid detection
- Compare the mechanisms of antivirus signatures, heuristics, and sandboxing
- Deploy a FortiSandbox
- Integrate other Fortinet devices such as FortiMail, FortiWeb, and FortiGate
- Validate the built-in Microsoft software licenses
- Leverage a FortiManager as a local FortiGuard server for your FortiSandbox
- Monitor new malware detections on your FortiSandbox
- Submit samples of new viruses to FortiGuard
- Understand the basics of an incident response plan
- Sandboxing Concepts
- Basic Setup
- Inline Deployment
- Sniffer Deployment
- Other File Submission Methods & URL Scanning
- Logs & Reports
Anyone who is responsible for day-to-day management and/or configuration of a FortiSandbox appliance.
NSE 4 and FortiMail Specialist certifications are recommended.