The Mail Server page allows you to adjust the mail server settings. Go toSystem > Config > Mail Server to view theMail Server Settings page. In this page you can configure notifications for when a malicious file is detected and the weekly report global email list.
The following options can be configured:
SMTP Server Address Enter the SMTP server address.
Port Enter the SMTP server port number.
E-Mail Account Enter the mail server email account. This will be used as the from address.
Login Account Enter the mail server login account.
Password Enter the password.
Confirm Password Confirm the password.
Send notification mail to global email list when mali-cious file is detected
Select to enable this feature. When enabled, a notification email is sent to the global email list when a malicious file is detected.
What rating of job to send alert email
Select the rating of jobs that are included in the email alerts. Options include: Malicious, High Risk, Medium Risk, and Low Risk.
Global noti-fication mail receivers list (sep-arated by comma)
Enter the email addresses that comprise the global email list.
Notification mail subject template
Enter the subject line for the notification emails.
Send weekly PDF report to global email list
Select Yes to send a weekly report email to the global email list.
What rating of job to be included in the detail report
Select the rating of jobs that are included in the reports. Options include:
Malicious, High Risk, Medium Risk, Low Risk, and Clean.
Global email list to receive weekly summary report (separated by comma)
Enter the email addresses that comprise the weekly summary report global email list.
Global email list to receive weekly detail report (sep-arated by comma)
Enter the email addresses that comprise the weekly detail report global email list.
OK Select OK to apply any changes made the mail server configuration.
Send Test Select Send Test to send a test email to the global email list.
Restore Default Select Restore Default to restore the default mail server settings.
SNMP
SNMP is a method for a FortiSandbox system to monitor your FortiSandbox system on your local computer. You will need an SNMP agent on your computer to read the SNMP information.
Using SNMP, your FortiSandbox system monitors for system events including CPU usage, memory usage, log disk space, interface changes, and malware detection. Go toSystem > Config > SNMP to configure your FortiSandbox system’s SNMP settings.
SNMP has two parts - the SNMP agent or the device that is sending traps, and the SNMP manager that monitors those traps. The SNMP communities on the monitored FortiSandbox are hard coded and configured in the SNMP menu.
The FortiSandbox SNMP implementation is read-only — SNMP v1, v2c, v3 compliant SNMP manager applications, such as those on your local computer, have read-only access to FortiSandbox system information and can receive FortiSandbox system traps.
Configuring the SNMP agent
The SNMP agent sends SNMP traps that originate on the FortiSandbox system to an external monitoring SNMP manager defined in one of the FortiSandbox SNMP communities. Typically an SNMP manager is an application on a local computer that can read the SNMP traps and generate reports or graphs from them.
The SNMP manager can monitor the FortiSandbox system to determine if it is operating properly, or if there are any critical events occurring. The description, location, and contact information for this FortiSandbox system will be part of the information an SNMP manager will have — this information is useful if the SNMP manager is monitoring many devices, and it will enable faster responses when the FortiSandbox system requires attention.
Go toSystem > Config > SNMP to configure the SNMP agent.
Configure the following settings:
SNMP Agent Select to enable the FortiSandbox SNMP agent. When this is enabled, it sends FortiSandbox SNMP traps.
Description Enter a description of this FortiSandbox system to help uniquely identify this unit.
Location Enter the location of this FortiSandbox system to help find it in the event it requires attention.
Contact Enter the contact information for the person in charge of this FortiSandbox system.
SNMP v1/v2c Create new, edit, or delete SNMP v1 and v2c communities. You can select to enable or disable communities in the edit page. The following columns are displayed: Community Name, Queries, Traps, Enable
SNMP v3 Create new, edit, or delete SNMP v3 entries. You can select to enable or disable queries in the edit page. The following columns are displayed: User Name, Security Level, Notification Host, Queries.
Create a new SNMP v1/v2c community:
1. Go toSystem > Config > SNMP .
2. In the SNMP v1/v2c section of the screen selectCreate New from the toolbar. The SNMP Configuration page is displayed.
3. Configure the following settings:
Enable Select to enable the SNMP community.
Community Name Enter a name to identify the SNMP community.
Hosts The list of hosts that can use the settings in this SNMP community to monitor the FortiSandbox system.
IP/Netmask Enter the IP address and netmask of the SNMP hosts. Select the Add button to add additional hosts.
Queries v1 Enter the port number and select to enable. Enable queries for each SNMP version that the FortiSandbox system uses.
Queries v2c Enter the port number and select to enable. Enable queries for each SNMP version that the FortiSandbox system uses.
Traps v1 Enter the local port number, remote port number, and select to enable.
Enable traps for each SNMP version that the FortiSandbox system uses.
Traps v2c Enter the local port number, remote port number, and select to enable.
Enable traps for each SNMP version that the FortiSandbox system uses.
SNMP Events Enable the events that will cause the FortiSandbox unit to send SNMP traps to the community.
l CPU usage is high
l Memory is low
l Log disk space is low
l Interface IP is changed
l Malware is detected 4. SelectOK to create the SNMP community.
Create a new SNMP v3 user:
1. Go toSystem > Config > SNMP .
2. In the SNMP v2 section of the screen selectCreate New from the toolbar. The SNMP Configuration page is displayed.
3. Configure the following settings:
Username Enter the name of the SNMPv3 user.
Security Level Select the security level of the user. Select one of the following:
l None
l Authentication only
l Encryption and authentication
Authentication Authentication is required when Security Level is either Authentication only or Encryption and authentication .
Method Select the authentication method. Select either:
l MD5 (Message Digest 5 algorithm)
l SHA1 (Secure Hash algorithm)
Password Enter the authentication password. The password must be a minimum of 8 characters.
Encryption Encryption is required when Security Level is Encryption and authentication .
Method Select the encryption method, either DES or AES.
Key Enter the encryption key. The encryption key value must be a minimum of 8 characters.
Notification Hosts (Traps)
IP/Netmask Enter the IP address and netmask. Select the Add button to add additional hosts.
Query
Port Enter the port number. Select to Enable the query port.
SNMP V3 Events Select the SNMP events that will be associated with that user.
l CPU usage is high
l Memory is low
l Log disk space is low
l Interface IP is changed
l Malware is detected 4. SelectOK to create the SNMP community.
Archive
The Archive page allows you to adjust the archive location settings. Archiving job information is useful when processing job files and data with third party tools.
Go toSystem > Config > Archive to view the Archive Location page.
The following options can be configured:
Enabled Select to enable archive configuration.
Mount Type Select the mount type from the drop-down list. The following options are available:
l CIFS
l NFSv2
l NFSv3
l NFSv2
Server Name/IP Enter the server fully qualified domain name (FQDN) or IP address.
Share Path Enter the file share path
Username Enter a user name.
Password Enter the password.
Confirm Password Enter the password a second time for verification.
File Name Select the file name from the drop-down list. The following options are available:
l Scan Job ID as File Name
l Original File Name
Folder Structure Select the folder structure from the drop-down list. The following options are available:
l Save all files in the same folder
l Save file in folders of the scan finish time
l Save file in folders of ratings
Save meta data When selected, the job summary information will be saved.
Save tracer log When selected, the job's tracer log will be saved.
Save Malicious rating jobs When selected, this file type will be saved.
Save Suspicious rating jobs When selected, this file type will be saved.
Save Clean rating jobs When selected, this file type will be saved.
Maintenance
TheMaintenance page contains three sub menus: Backup/Restore , FortiGuard , and VM Status . The