FortiClient
jkoay
Staff
Article Id 297913
Description This article describes how to suppress the FortiClient APT scan pop-up when FortiSandbox is enabled.
Scope FortiClient/FortiClient EMS 6.4.7 and above.
Solution

By default, when the Sandbox endpoint profile is enabled and configured with the option 'Wait for FortiSandbox Results before Allowing File Access', an APT scan pop-up is shown.

To suppress the APT scan pop-up dialog, go to Endpoint Profiles -> Sandbox, edit the affected profile, select the Advanced tab, and under Other set Notification Type to Lite or None.

Alternatively, the configuration can be applied via XML:

Go to Endpoint Profiles -> Sandbox, edit the affected profile, select XML -> Edit, then in the right pane search for the <notification_type>1</notification_type> tag and set the value accordingly.

The values have the following meanings:

0 (Lite): Shows a bubble notification when FortiSandbox detects malware in a file submission.

1 (Full): Shows the APT scan pop-up for all file submissions to FortiSandbox.

2 (None): Does not display the APT scan pop-up in scenarios including malware detection in a file submission, file submissions to FortiSandbox, or the event that a file is quarantined.

By default, the notification_type value is 0.