FortiSandbox Flow
Static Scan:
- Rule matched : Suspicious(High/Medium/Low) -> End
- Rule did not match : Clean -> Goto AV Scan
AV Scan:
- Signature matched : Malicious -> End
- Signature did not match : Clean -> Goto Cloud Query
Cloud Query:
- Hash matched with Suspicious : Suspicious(High/Medium/Low) -> End
- Hash matched with Clean : Clean -> End
- Hash did not match : Clean -> End (if VM Scan is not supported for the file) or Goto VM Scan (if VM Scan is supported for the file)
VM Scan:
- Suspicious behavior was detected : Suspicious(High/Medium/Low) -> End
- Suspicious behavior was not detected : Clean -> End
- Other : Unknown -> End
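
The flow above, modelled as an added example (not FortiSandbox code and not from the original post) that returns both the rating and the stages that actually ran, so a Clean result reached without a VM Scan can be told apart from one reached after it. The `Sample` fields and the `scan_flow` function are hypothetical names, and the sample values are constructed.

```python
# Added illustration of the verdict flow; all names here are hypothetical.
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Sample:
    static_rule: Optional[str] = None  # "High"/"Medium"/"Low" if a static rule matched
    av_hit: bool = False               # True if an AV signature matched
    cloud: Optional[str] = None        # "Clean", "High"/"Medium"/"Low", or None (hash unknown)
    vm_supported: bool = True          # whether VM Scan is supported for the file
    vm: Optional[str] = None           # "High"/"Medium"/"Low", "Clean", or None ("Other")

def scan_flow(s: Sample) -> Tuple[str, List[str]]:
    """Return (rating, stages_run) following the flow described above."""
    path = ["Static Scan"]
    if s.static_rule:
        return f"Suspicious({s.static_rule})", path
    path.append("AV Scan")
    if s.av_hit:
        return "Malicious", path
    path.append("Cloud Query")
    if s.cloud == "Clean":
        return "Clean", path
    if s.cloud:
        return f"Suspicious({s.cloud})", path
    if not s.vm_supported:
        return "Clean", path           # Clean, but no behavior analysis was performed
    path.append("VM Scan")
    if s.vm == "Clean":
        return "Clean", path
    if s.vm:
        return f"Suspicious({s.vm})", path
    return "Unknown", path             # the "Other" outcome of VM Scan

if __name__ == "__main__":
    # Constructed samples covering each exit point of the flow.
    for label, sample in [
        ("static rule hit", Sample(static_rule="High")),
        ("AV signature hit", Sample(av_hit=True)),
        ("unknown hash, no VM support", Sample(vm_supported=False)),
        ("unknown hash, VM clean", Sample(vm="Clean")),
        ("unknown hash, VM other", Sample()),
    ]:
        rating, path = scan_flow(sample)
        print(f"{label:30} {rating:18} {' -> '.join(path)}")
```
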