The FortiSandbox, which was unveiled last summer, had been stymied by licensing talks with Microsoft, according to Fortinet executives. The appliance uses a virtual instance of Windows as a sandbox where suspicious files are detonated and observed. The launch is expected by the end of the first quarter, said Darren Turnbull, Fortinet's vice president of strategic solutions.
FortiSandbox is Fortinet's answer to Palo Alto Networks' WildFire sandboxing service and FireEye's line of sandboxing appliances. Designed to detect custom malware associated with so-called advanced threats, FortiSandbox uses a dual layered approach for malware detection. It attempts to filter out known malware and other threats and then move any remaining suspicious files into the virtual runtime environment for observation. The appliance can be on-premise or SaaS-based. Connectors are available to the FortiGuard next-generation firewall and the FortiMail antispam appliance.