FortiSandbox Flow

Static Scan:
- Rule matched : Suspicious(High/Medium/Low) -> End
- Rule did not match : Clean -> Goto AV Scan

AV Scan:
- Signature matched : Malicious -> End
- Signature did not match : Clean -> Goto Cloud Query

Cloud Query:
- Hash matched with Suspicious : Suspicious(High/Medium/Low) -> End
- Hash matched with Clean : Clean -> End
- Hash did not match : Clean -> End(if not supporting VM Scan for the file) or Goto VM Scan(if supporting VM Scan for the file)

VM Scan:
- Suspicous behavior was detected  : Suspicious(High/Medium/Low) -> End
- Suspicous behavior was not detected : Clean -> End
- Other : Unknown -> End


저작자 표시 비영리 변경 금지
신고

'업무이야기 > Fortinet' 카테고리의 다른 글

FortiSandbox Flow  (0) 2017.08.08
FortiSandbox Clustering Setting  (0) 2017.08.08
FortiSandbox Custom VM  (0) 2017.08.08
Fortinet euc-kr 한글 지원 설정  (0) 2015.12.28
Fortigate Port Restricted  (0) 2015.12.28
Spam test  (0) 2015.12.28


티스토리 툴바