Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dominik
New Contributor

Created on ‎09-23-2020 08:10 AM

FortiClient Sandbox Cloud - Communication

Hi girls and guys,

 

I'm searching for a communication matrix where I can see which ports/protcols/destinations the FortiClient uses/needs when using Sandbox Cloud. Within a long Google search I've found a ton of articles that all mention different ports and/or are many years old.

 

Can someone assist me with this question? Thanks in advance.

Kind regards,

Dominik

3008
0 Kudos
4 REPLIES 4
andrewbailey
Contributor II

Created on ‎09-23-2020 08:27 AM

Hi Dominik,

 

Does this help?

 

https://docs.fortinet.com/document/fortigate/6.4.0/ports-and-protocols/367832/fortisandbox-open-port...

 

Kind Regards,

 

 

Andy.

1944
0 Kudos
Dominik
New Contributor
In response to andrewbailey

Created on ‎09-23-2020 09:40 AM

Hi Andy,

 

thanks for your fast reply.

I've found that article too. In my eyes the article describes the communication with FortiSandbox on-prem. Because of that the KB isn't matching for FortiSandbox Cloud.

 

What do you think? Kind regards,

Dominik

1943
0 Kudos
andrewbailey
Contributor II
In response to Dominik

Created on ‎09-23-2020 10:29 AM

Hi Dominik,

 

Yes, I see what you mean. Sorry for misunderstanding your question.

 

I'm running FortiSandbox cloud too so just had a quick look at my config. I think it uses the configured Fortiguard settings then (under Config->System->Fortiguard)?

 

Certainly the "Fortinet Service Communications" (at least in 6.4) suggests that the FortiGuard settings are used for FortiSandbox Cloud traffic. I get the sort of view shown in the 6.4 admin guide here:-

 

https://docs.fortinet.com/document/fortigate/6.4.2/administration-guide/873395/cloud-service-communi...

 

In my case I can see a few hundred kB of traffic to FortiSandbox Cloud (rather than the 0 shown in the above link).

 

The config guide shows the following for Fortiguard settings:-

 

https://docs.fortinet.com/document/fortigate/6.4.2/cli-reference/109620/system-fortiguard

 

And that also seems to state that the Fortiguard settings are also used for FortiSandbox Cloud.

 

Perhaps have a look at those and see if they help you?

 

Kind Regards,

 

 

Andy.

 

 

 

 

1943
0 Kudos
Dominik
New Contributor
In response to andrewbailey

Created on ‎09-23-2020 11:01 PM

Hi Andy,

 

just took a look at your reply.

You're referencing on a FGT with Sandbox Cloud licensed. Regarding the KBs a FGT is using the FortiGuard servers for updating and/or FortiSandbox Cloud.

But what is with the FortiClient? Customers are most of their time behind a firewall that is blocking the most communications. If a FortiClient needs to communicate to FortiSandbox Cloud, which destinations does the FortiClient use?

In FortiClient EMS you are able to configure the FortiClient behaviour for Updates and FortiSandbox Cloud. For Updates you should always select FortiGuard, but for FortiSandbox Cloud you just can specifiy "use cloud server" and nothing more. There is no hint on what servers are used as you can see in the screenshot

 

Kind regards,

Dominik

1943
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.