Define Sandbox Service elements
To use Forcepoint Advanced Malware Detection, you must create a Sandbox Service element that defines the settings for the connection to the cloud sandbox or the local sandbox.
For more details about the product and how to configure features, click Help or press F1.
Steps
Next steps
Sandbox Service Properties dialog box
Use this dialog box to define Sandbox Service elements.
Option | Definition |
---|---|
Name | A unique name for the element. |
Data Centers | Represents the data center that the firewall contacts to request file reputation scans.
Note: If the data center that the firewall contacts does not match the home data center that is specified in the license, files are forwarded to the home data
center for analysis and stored in the home data center.
|
Host Name | The host name of the sandbox server. The host name is used to automatically generate the default values in the Server URL and Portal URL fields. |
Server URL (Optional) |
The URL of the sandbox server. The URL can contain a domain name or an IP address. If you do not enter a URL, the default value is automatically generated based on the host name. |
Portal URL (Optional) |
The URL of the portal where you can view analysis reports for files that have been analyzed by the
sandbox service. The URL can contain a domain name or an IP address. If you do not enter a URL, the default value is automatically generated based on the host name. Note: If you change this URL, make sure that the new URL
includes the [task_uuid] variable. The value of the variable is automatically resolved based on file filtering log
entries.
|
Portal Username (Optional) |
The account for which the file analysis reports are stored in the external portal. If you log on to the portal with the same portal user name, you can view the file analysis history stored for the account. |
API URL | The URL that the Secure SD-WAN Manager uses to query the sandbox service API to generate permanent links to sandbox analysis reports. We recommend that you use the default value. |
License Key (Optional) |
The license key for the connection to the sandbox server. This license key is used globally for all Engines for which Forcepoint Advanced Malware Detection is enabled. You can override this setting for individual Engines in the Engine Editor. If you do not enter the license key in the properties of the Sandbox Service element, you must enter the license key in the Engine Editor for each Engine for which Forcepoint Advanced Malware Detection is enabled. Note: The license defines the home data center where files are analyzed. Enter the key and license token for the data center that you want to use as the home data
center.
CAUTION: The license keys and license tokens allow access to confidential analysis reports. Handle the license key and license token
securely.
|
License Token (Optional) |
The license token for the connection to the sandbox server. This license token is used globally for all Engines for which Forcepoint Advanced Malware Detection is enabled. You can override this setting for individual Engines in the Engine Editor. If you do not enter the license token in the properties of the Sandbox Service element, you must enter the license token in the Engine Editor for each Engine Engine for which Forcepoint Advanced Malware Detection is enabled. |
TLS Profile | The TLS Profile element that defines the cryptographic suite, the trusted certificate authorities,
and other optional settings for the TLS connection to the sandbox service. To select the TLS Profile, click Select. |
Comment (Optional) |
A comment for your own reference. |
Category (Optional) |
Includes the element in predefined categories. Click Select to select a category. |