Sold by: Fortinet Inc.Â
Deployed on AWS
Zero-day Malware Protection for Your Cloud and Hybrid Workloads
Overview
FortiSandbox for AWS enables organizations to defend against Zero-day threats natively in the cloud, working alongside network, application, email, endpoint security, and other 3rd party security solutions, or as an extension to their on-premises security architectures to leverage cloud elasticity and scale.
The number of Windows VMs used for behavior analysis for BYOL plan is based on the license. While, for PAYG plan, that is based on the CPU cores of the instance. 1 Core - maximum of 4 Windows VMs for behavior analysis 2 Cores - maximum of 8 Windows VMs for behavior analysis 4 Cores - maximum of 16 Windows VMs for behavior analysis 8 Cores - maximum of 32 Windows VMs for behavior analysis 16 Cores - maximum of 64 Windows VMs for behavior analysis Both BYOL and PAYG plan can use the Fortinet-hosted Windows Cloud VMs . Alternatively, the Custom VMs can be deployed within the cloud but will incur additional charges as per infrastructure instance price.
Highlights
- AI-powered sandbox malware analysis - Two-stage AI-based Static and Dynamic analysis for fast and reliable detection of Zero-day Malware.
- Broad Coverage of the Attack Surface with Security Fabric - Effective defense against advanced targeted attacks through a cohesive and extensible architecture working to protect network, application layers and endpoint devices from campus to cloud.
- Automated Zero-day, Advanced Malware Detection and Mitigation - Native integration and open APIs automate the submission of objects from Fortinet and third-party vendor protection points, and the sharing of threat intelligence in real time for immediate threat response.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 5.0.4
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
c5.xlarge Recommended | $0.98 |
m4.2xlarge | $3.93 |
m5.2xlarge | $1.96 |
m4.xlarge | $1.96 |
m5.xlarge | $0.98 |
c4.xlarge | $1.96 |
c4.large | $0.98 |
c5.4xlarge | $3.93 |
c4.2xlarge | $3.93 |
c5.2xlarge | $1.96 |
Vendor refund policy
You may terminate the instance at anytime to stop incurring charges.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
After deploying the instance, click on Manage in AWS Console to see the running instance and public DNS address to continue the configuration of the FortiSandbox-VM. Connect to the secured Web UI via the public DNS address: https://<public DNS address>. For any CLI configuration/settings, SSH is required to log into the CLI. Default login credentials are with a username of admin and the AWS Instance ID value as the password. The FortiSandbox-VM AWS Install and Configure guide is located at https://docs.fortinet.com/document/fortisandbox-public-cloud/latest/fortisandbox-vm-on-aws/443751/overviewÂ
Resources
Support
Vendor support
https://support.fortinet.com This product is intended for On-Demand subscription. Please contact Customer Support with the following information : 1. The serial number of your FortiSandbox-VM instance 2. The email ID of your Fortinet account. If you do not have an account yet, please sign up at https://support.fortinet.com/login/CreateAccount.aspx .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
RocketML Credit card detection
By RocketML
Detects credit card, extracts credit card number and card type
Customer reviews
3.5
1 ratings
1 AWS reviews
|
37 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Computer Software
A good security investment that gives real value and steady protection
Reviewed on Sep 17, 2025
Review provided by G2
What do you like best about the product?
The best part is it takes a big load off our security team.
By catching threats early, it saves us both time and cleanup costs
By catching threats early, it saves us both time and cleanup costs
What do you dislike about the product?
It’s given us good results, but it isn’t budget-friendly.
For those not using other Fortinet tools, the price may be tough
For those not using other Fortinet tools, the price may be tough
What problems is the product solving and how is that benefiting you?
Before, a single infection meant hours of cleanup.
Now the sandbox blocks them upfront, saving IT work and keeping things running
Now the sandbox blocks them upfront, saving IT work and keeping things running
Urvish M.
After a smooth deployment, it has consistently safeguarded our network from advanced threats
Reviewed on Sep 17, 2025
Review provided by G2
What do you like best about the product?
I really like the endpoint integration. FortiClient silently sends unknown files to FortiSandbox in the background, and we don’t have to babysit it. Once we tuned the policies, it’s been running reliably without slowing down users, which is a big plus for productivity.
What do you dislike about the product?
It can be resource-hungry. We had to allocate more hardware than initially expected to keep the performance smooth, especially with FortiClient endpoints constantly sending samples. Once scaled properly it’s fine, but the upfront sizing needs careful planning.
What problems is the product solving and how is that benefiting you?
Before deploying it, we were constantly dealing with suspicious attachments slipping through email and reaching endpoints. Now FortiClient forwards anything unknown to FortiSandbox, and verdicts come back quickly. It’s cut down on user-reported incidents and allowed us to keep our environment clean without adding more endpoint load.
Laxman K.
Efficient and well-integrated sandboxing that enhances our incident response capabilities.
Reviewed on Sep 17, 2025
Review provided by G2
What do you like best about the product?
The automation between FortiClient and FortiSandbox has been a game-changer. When a new threat is detected on one endpoint, that information gets shared instantly to all others. It reduces manual response work for our team and keeps incidents contained before they spread.
What do you dislike about the product?
The reports are thorough but not very user-friendly. They contain a lot of technical detail, which is great for deep analysis, but not easy to quickly skim during an active incident. I usually end up summarizing them manually for the rest of the team.
What problems is the product solving and how is that benefiting you?
It has streamlined our incident response process. When FortiSandbox detects a new threat on one machine, it automatically shares the IOC with all other FortiClient endpoints. That stops the spread before we even get involved. It’s saved our team a lot of time and reduced response workloads dramatically.
Brijesh R.
A reliable and proactive solution that has strengthened our overall security posture.
Reviewed on Sep 17, 2025
Review provided by G2
What do you like best about the product?
The strongest part for me is how well it works with FortiClient on our endpoints. Whenever a suspicious file shows up, it’s automatically sent to FortiSandbox, and the verdict comes back quickly. If it’s malicious, FortiClient immediately blocks it and updates its signatures, it’s closed several gaps we used to worry about.
What do you dislike about the product?
The main drawback I’ve noticed is the occasional delay during peak load. When multiple suspicious files come in at once, analysis can take a bit longer, which slightly slows down our incident triage. It’s not frequent, but it’s something we’ve had to plan around.
What problems is the product solving and how is that benefiting you?
It’s helped us close the gap against zero-day and evasive malware that our traditional signature-based tools were missing. By sending suspicious files from FortiClient to FortiSandbox for behavioral analysis, we’re catching threats before they ever execute. This has greatly reduced infection incidents and strengthened our security posture.
Mohammed Hattari
Email scanning efficiency needs improvement alongside reliable file scanning
Reviewed on Nov 20, 2024
Review provided by PeerSpot
What is our primary use case?
The company came to us and provided a proof of concept (POC) for six or seven months for testing the machine and evaluating how we can use Fortinet FortiSandbox . Also, we use FortiSandbox for scanning files, like attachments.
What is most valuable?
Currently, there isn't a standout feature. We use Fortinet FortiSandbox for scanning files such as attachments, and we have not faced any issues so far. Up to now, it is performing well.
What needs improvement?
We sometimes face a delay in email scanning due to not having multiple virtual machines. Improvements could be made in dynamic scanning, scanning all email components such as URLs and attachments, and analyzing the Sandbox response. Additionally, better integration with cloud solutions and enhanced performance would be beneficial.
For how long have I used the solution?
I have been using FortiSandbox for six months, specifically for testing purposes on the Alibaba Cloud platform.
What do I think about the stability of the solution?
The solution is stable up to now because it is still new, just six months maximum.
What do I think about the scalability of the solution?
The solution's performance is fine and more improved compared to the last two months.
How are customer service and support?
As of now, I've primarily been in contact with the consultants for support and have only needed one ticket with Fortinet. I have no substantial experience with Fortinet's direct technical support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I previously used Cisco, but Fortinet is much easier in terms of configuration and service time.
How was the initial setup?
The initial setup of Fortinet was easy, more so than other products. Even though I'm not directly involved, it has been very easy to work with Fortinet, especially compared to other solutions.
What about the implementation team?
It was a combined effort. A consultant from an external company worked alongside us on the implementation. Most of the integration and support involved consultants.
What's my experience with pricing, setup cost, and licensing?
I think it's affordable. For the six to seven months of usage, the cost has been reasonable.
What other advice do I have?
FortiSandbox is rated five out of ten. It meets the requirements but still has room for growth and improvements.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Alibaba