Fortinet FortiSandbox Reviews

We are using Fortinet FortiSandbox to inspect and scan all our files. All the files inside our organization that is transferred through the company. The solution scans the files inside the PSVM because it has many VMs inside the FortiScan. It's working on zero-day attacks and not based on the signature of the threat. It's based on behavior analysis.

The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your companies needs.

Fortinet FortiSandbox has manual scan features. We have other sandboxes solutions from other vendors but they don't have this feature. It allows you to interpret or intervene in the scan whatever you want. It is a SOC analyzer, and it is called Manual Scan or something similar. Comparing this feature to other vendors, it's very good.

The reporting tools could be improved in Fortinet FortiSandbox.

I have been using Fortinet FortiSandbox for approximately six years.

The stability of the solution is good.

We have not tried to scale the solution, it has been working fine for what we have been using it for at this time.

We have approximately 50 devices and 1,000 to 2,000 files being scanned daily.

We use the solution extensively.

We use similar sandbox solutions from Forcepoint and Palo Alto.

The installation of Fortinet FortiSandbox is very easy.

We did the implementation ourselves.

We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well.

I would recommend Fortinet FortiSandbox to others, it is the most comprehensive sandbox available.

I rate Fortinet FortiSandbox an eight out of ten.

The primary use case is to test our applications.

The UI is good.

Fortinet FortiSandbox is faster than other sandbox solutions.

Fortinet FortiSandbox integrates with other solutions.

I would like to have machine learning added to the solution in a future release.

I have been using the solution for almost three years.

Fortinet FortiSandbox is stable.

Fortinet FortiSandbox is scalable.

The technical support is good.

We previously used Check Point Sandblast.

The initial setup is straightforward.

The implementation was completed in-house with Fortinet support.

The solution is affordable. There is an additional cost for a support license.

We evaluated Palo Alto.

I give the solution an eight out of ten.

Compared to other sandbox solutions, Fortinet FortiSandbox is the most stable.

Fortinet FortiSandbox is used for threat protection. For example, in emails and the internet.

The most valuable features of Fortinet FortiSandbox are the analysis options, artificial intelligence, and the many interfaces it provides.

Fortinet FortiSandbox can improve by decreasing the time of analysis response. Other solutions have a better response time, such as WildFire.

I have been using Fortinet FortiSandbox for approximately one year.

I rate the stability of Fortinet FortiSandbox a four out of five.

I rate the scalability of Fortinet FortiSandbox a four out of five.

I rate the support of Fortinet FortiSandbox a four out of five.

Positive

I rate Fortinet FortiSandbox a nine out of ten.

I am using Fortinet FortiSandbox for security in the Fortinet fabric.

The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security work very well.

Fortinet FortiSandbox should improve its performance and security accuracy to keep competitive with other solutions, such as IBM.

I have been using Fortinet FortiSandbox for approximately six years.

Fortinet FortiSandbox is a stable solution.

The scalability of Fortinet FortiSandbox is good.

The support could improve their knowledge because they acquired other solutions and have yet to gain the knowledge to support them.

The initial setup of Fortinet FortiSandbox was easy. It can take a few days to complete.

The maintenance of Fortinet FortiSandbox is done by two IT managers.

The license for Fortinet FortiSandbox depends on the use case.

We evaluated other options before choosing Fortinet FortiSandbox.

I would recommend this solution to others.

I rate Fortinet FortiSandbox a seven out of ten.

We use Fortinet FortiSandbox to integrate FortiMail and FortiGate firewalls.

The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed.

Fortinet FortiSandbox is complex in uploading the custom VM. Fortinet FortiSandbox needs to improve the customization and the custom framework updates.

I have been using Fortinet FortiSandbox for approximately two years.

Fortinet FortiSandbox stability could improve.

Fortinet FortiSandbox is scalable.

We have approximately 300 users using this solution. We plan to increase usage of Fortinet FortiSandbox. We are moving to the next version soon.

The technical support of Fortinet FortiSandbox is good.

The initial setup of Fortinet FortiSandbox is easy, it took us a few days to do.

We used a third party to do the implementation of Fortinet FortiSandbox.

We have three engineers that are looking after the maintenance and are supporting the solution.

The price of Fortinet FortiSandbox is expensive.

Fortinet FortiSandbox is a leader in the market and they have good solutions.

I rate Fortinet FortiSandbox a seven out of ten.

FortiSandbox was a solution that we mainly sold for manual protection, however, in order to have a more compact environment, like you see the security fabric that has Fortinet, in many of our clients, we performed integration within solutions. Our clients are mainly ones that have had Fortinet solutions previously or want to test Fortinet solutions. We also encourage them to use integration with Security Fabric.

Clients mainly use it for documents, or, for example, programs or execute tools that are injected in the network through the perimeter or through the DNC and also for internal analysis. When any of the users reconnect to the network after some time it will perform a check through FortiClient. They also have interaction with FortiSandbox - everything new is put in quarantine during the user's use. These files or execute tools are analyzed in the FortiSandbox.It can also analyze for scripts between documents or inside documents - mainly office documents like Excel, PowerPoint, or PDF.

Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox. That's one of the main features every customer relies on or likes. 

The performance capacity is impressive. Normally, you will need a big solution, I would say, or big hardware so that you can handle all the processing you have to do. However, FortiSandbox is quite a good hardware in and of itself. You can handle it without any restrictions. 

With an on-premises solution, you can do all the analysis locally and not have the need to connect to the internet to depend on that service. 

The solution can scale, however, it needs to be planned ahead of time.

The technical support on offer is quite good.

With the 3000D we had some issues with the FortiOS version. I don't remember which one it was, however, there was an interaction problem or a performance issue. It might have been the FortiOS issue as it was a very particular, very specific issue and the performance was very high. All the indicators were in the highest levels and yet the equipment was not necessarily overloaded from doing analysis.

I haven't interacted directly with these solutions. I mainly use it for design and not how they work, and therefore I haven't interacted directly with them. It would be hard for me to comment on missing features in general.

The price just could be a little bit better, I would say, however, that depends a lot on the manufacturer. If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer. Those kinds of clients that don't have a very big budget or at least a medium one, need to rely on cloud solutions more than hardware, as hardware is expensive. 

It would be ideal if the product had the ability to, if it cannot detect something correctly, to be able to put it on hold until a new release. That would be very circumstantial, actually. However, it could help protect against unknown entities.

I can't really speak to the stability. I haven't checked the functionalities of how they work in the current databases. So I don't have too much info about it.

Part of the design is to know how the solution can scale. You normally try to leave some space. For example, you offer a customer the possibility to scale in the future, according to their needs, however, only if you know the customer is going to grow. If the customer doesn't have that need, it doesn't make any sense to offer them equipment with some space to grow or to have more processing capacity or more licenses in the future. I would say normally you would sell what the customer needs plus a 5% to 10% cushion for the future if needed. However, it would be a properly designed solution. 

We usually work with medium to large-scale organizations.

Technical support has been pretty good. I know they respond every time. It just takes a few hours. It doesn't take too much time to respond. They're helpful and you can count on them.

We are also a reseller of Palo Alto solutions.

In terms of the initial setup, I would say it is half straightforward and half complex. It depends on the scenario and it depends on the kind of things you want to do with the Sandbox, for example, the kind of files you want to analyze or which kind of OS or images you want to analyze. It also depends on the requirements. Sometimes it's harder to deploy due to the scenario, the use case.

Deployment times also vary, however, it takes, at minimum, 15 days to set everything up.

The solution is a rather sizable investment. That said, for those organizations with sensitive data, that feed to know they are protected, it's likely worth the price tag.

We are resellers of the product.

I worked as a systems engineer previously. I'm now a sales executive, however, previously, I was in charge of making all the designs and the architecture for the solutions, and therefore, I know the distribution of these products, how can they be used, and different scenarios. I know how to position, for example, a FortiGate inside of a network for network segmentation and also for perimeter protection. Working also for VPN solutions, we were using FortiClients in EMS. We can have a centralized solution for VPN and also endpoint protection.

In terms of versions we deployed, there was FortiSandbox 1000D and also FortiSandbox 3000D. 

We try to integrate solutions together so they can have some feedback on each other and they can work better to provide security and to also sharpen the attack services.

If you don't want to have any zero-day malware on your network, if you know that you will be literally exposed to those kinds of malware, it's good to have a solution such as this. That said, it's a big, big investment. It's a big investment for a business. If you really want to protect your information, if you're dealing with very, very delicate information, you need some kind of hardware or solution that can protect it from any kind of malware, especially those from zero-day. This Sandbox would be a must-have solution for those kinds of customers.

I'd rate the solution at a nine out of ten. That would be dependant on what types of third-party software a company has that the solution could integrate with effectively.

We mainly use it for incoming mail from all our domains because we have several of them. We are servicing many companies as the holding company. Every mail is passed to the Sandbox virtual machine. It is a VM. Occasionally, a link or a standalone file that we want to check is also passed to the Sandbox virtual machine.

The scanner office document as well as PDF are useful. The most valuable thing is that you can emulate different operating systems without having the danger of getting something infected. It emulates several operating systems, and as a result, you either get the file or you don't get the file. 

I don't know if it is viable to do an improvement like this. When there are passwords in the password-protected files, it can't scan them or do things like this. I don't know if an algorithm or something else could make it better. Nowadays, many legitimate office documents have passwords.

I have been using Fortinet FortiSandbox for about five to six years.

It is very stable. The only thing is that you have to manually check for some extensions. You have to do that mainly for the office documents because they change their extension. You have to manually add the new extension, but it is not a big problem. 

They are very responsive. At first, I had interacted with only the Greece branch of Fortinet, which has only pre-sales engineers, not the support engineers, and they were very helpful. For the last two and a half years, we have a contract with a dedicated team for support. They're getting bigger, better, and greater. 

It is very simple. You just specify the operating system that you want to emulate as well as the office version. It is pretty straightforward in terms of the procedure. It is easy to use and has a very useful interface.

Altogether, it is about €10,000 for the Sandbox and Email Gateway. 

I have used it within the Fortinet ecosystem. The whole Fortinet ecosystem collaborates very well. It is a standalone product as well, but I haven't tested it as a standalone product. If I had a choice, I would opt for the cloud version. I currently have the on-premises version.

I would rate Fortinet FortiSandbox a nine out of ten.

The primary use for FortiSandbox is to provide a good environment, a test environment for us to analyze any new threat in the market. Fortinet Cloud uses its technology to analyze those threats for us and we use the analysis engine. 

Our company is a service provider of Fortinet products, providing solutions based on the company's products. This can be anything from a UTM (Urchin Tracking Module) to a cloud solution depending on the requirements of the customer. It's not one specific model of the product that we have, rather we offer products based on the solutions required by the customer. We are resellers.

There are easily more than 1,000 or 2,000 people that would be using this product through our company because we get organizations where there are maybe 500 to 600 users and others with around 1,000. So I would have to say more than 2,000.

The analysis engine is a very valuable feature. It's quite up-to-date. However, I have not been able to compare it with another manufacturer's product so I'm not really sure whether it is the best. But we just use information that we get from Ratna, and the popularity of Fortinet itself.

I'm not sure whether anything needs improvement because I feel we need to have more experience with it. Perhaps if there were issues where customers complained, that's when I would be able to comment on what could be improved. So far, I haven't come across any specific features that need improving.

I'm content with the features of the product. If they plan to provide a feature that would make it easier for the customer to configure themselves, that would be appropriate. And possibly a user interface. As a service provider, the functionality is quite satisfactory.

I have confidence in the stability of the product. We've realized that quite a number of our customers really want Fortinet products. They might not understand all the FortiSandbox features until we show them how it all works but most customers look at the brand name and where it stands in the market.

The scalability is very good, it's easily expandable and I like that there is a uniform operating system, FortiOS, in all their products. Whenever you interact with either FortiSandbox or any other feature, the interface is the same. 

We have great support from Fortinet. We have our own research partner who can assist us with configuration and getting to know the product. They're easily available to inform us about new features, new rollouts, and the new operating system in the FortiOS. 

The setup of Fortinet is quite straightforward. If you're going to use their products, then you really need to know what to do technically. However, there's no great learning curve in the concept of setting it up, or at least not for anyone who's interested in applying themselves.

Most of our clients will opt for us to manage the setup for them because the security is fairly new. Most of our customers feel it is better to outsource the management of security services for their hardware so they can focus on the business. We have our own team of security experts that are fully trained in Fortinet. It's easier for them to carry out the setup for the customers.

The relationship between the customer and our company is by SNA (social network analysis), so there are fewer configuration errors and instances where the configuration hasn't been carried out correctly and the product is still not working well for the customer, so most companies prefer us to do it for them.

I would recommend that for customers looking for a security solution, FortiSandbox is a good option. It's available on different platforms, both on and off-premises. It's easier for the customer to plug in any other security solution they may need to cover security issues depending on their environment. It's very easy to plug-in additional new features as opposed to most other security products where you have to find compatibility with other elements of the customer environment. And those options are usually challenging and expensive.

I would rate this product eight out of 10.