SecurityPlus
Contributor II

New To FortiMail - Solution Options

I'm new to FortiMail. I have used the Anti-Spam feature in the FortiGate firewalls. I presume that the mail scanning features in the FortiGate are limited compared to the FortiMail solution.

 

How does FortiMail compare to commercial email scanning solutions designed for enterprise use that are available via the cloud? If you were going to recommend an inbound/outbound mail filtering/scanning option what would you recommend and why?


emnoc
Esteemed Contributor III

That's a loaded question.

 

1: Let's go with the #1 leading issue: COST. This seems to drive a lot of orgs.

 

The FortiMail is affordable. It's not the leader of the pack, but it's not at the low end of the scale either.

 

2: What would I use, if budget was not a concern? IronPort and then Proofpoint. And the reason why?

 

These seem to be the leaders with regard to email security and then the reporting. I believe FTNT is a long way from both of these just from the pure reporting aspect. The support is very effective and of high quality at Proofpoint and IronPort.

 

 

The IronPort solution with the M manager appliance does allow for quick and effective email tracking and lookups. It's hard to challenge a Cisco IronPort in this regard, and this was the best product platform that CSCO has acquired, IMHO, in the last decade or so.

 

3: What you should realize is that all of the leaders and solutions are ALL accurate within 2-5% of each other, but the points you should really look at are the cost and support quality.

 

Microtrend and Proofpoint support is way superior to FTNT, based on my experience, but with that said FTNT has upped its game with support specialists, but I found the FTNT partners seem to be way more knowledgeable than FTNT 1st level support.

 

Again, based on my experience (tw....... I've been using FML and IronPort for over 8+ years now or more ..... so again based on my own experience and not just a simple statement).

 

4: FML compared to the FGT is hands down "a no-brainer ... FML!"

 

So, bottom line: define the objectives that you need in the ESA solution first, and go do some homework.

 

      cost

      encryption

      ease of operations

      support

      OPEX cost

      etc.....

 

Don't go in blind, and request a POC from all vendors that you think you might want to look at. Be advised to state your objectives equally between all vendors to have fair apples-to-apples comparisons.

 

Ken

 

 

PCNSE NSE StrongSwan
SecurityPlus

Thank you for that feedback. These are solutions that I was not aware of.

 

Are these both based on hardware solutions? What do you think of the cloud based spam filtering solutions?

Carl_Windsor_FTNT

Full disclosure, I am an FTNT employee and PM for FortiMail. Let's tackle some of these Q's in order:

 

Why FortiMail vs FortiGate

FortiGate implements FortiGuard AntiSpam techniques which are powerful, with a "good" catch rate / low false positive rate. Its limitations are that there are no dynamic outbreak detection methods supported, no quarantine, and discard/tag are the only supported actions.

 

FortiMail

FortiMail supports multi-layer spam protection including:

Outbreak Protection, Behavioral Analysis, SPF, DMARC & DKIM support, greylisting, Dynamic Heuristics, Full URI category scanning, FortiSandbox Integration (store and forward) and image analysis features that are not available on the FortiGate platform.  It also supports full Mail Transfer Agent (MTA) features and can perform user-based antispam rules. In summary, if you want the highest possible accuracy and control in detecting spam then you want a FortiMail system. 

 

This is borne out by our top-of-the-pack placings in independent VBSPAM (99.999% catch rate, 0% FP), ICSA testing and IDC reports.

 

We are happy to offer a trial for our cloud service. Please reach out to your Fortinet account manager or reseller and we can get this set up right away!

 

@emnoc wrote:

> FTNT has upped its game with support specialists, but I found the FTNT partners seem to be way more knowledgeable than FTNT 1st level support.

 

Fortinet NSE training is used to empower our partners, so this is exactly how it should be and why we give highly trained/certified FTNT partners the ability to bypass 1st level support through the pin code scheme. However, in the last month we have taken feedback on board and reworked our support structure for Enhanced Tech products including FortiMail so that they are rerouted much sooner to the specialist team members in dedicated ET TACs. You should see a dramatic improvement for all ET products based on these changes.

 

 

Dr. Carl Windsor Field Chief Technology Officer Fortinet

SecurityPlus

Carl,

 

Thanks for the very helpful information. This is what I was looking for.

 

Can you contrast the FortiMail to the leading cloud hosted mail filtering solutions? One advantage of a cloud hosted solution might be the reduction in bandwidth loss from the receipt of spam. I presume that the FortiMail receives all email, valid as well as spam, then does its work. If the spam were eliminated before the email reached the business internet connection (FortiMail), that internet connection might be more effectively utilized.

ThunderSpartan

We have been using FortiMail for several years. First we had a 100c, now we have a FortiMail VM01. We are not a huge company but get hit with a lot of spam, and the FortiMail rocks! I have seen 42 messages per minute handled very easily with no effect on bandwidth. We did buy a cloud based sandbox solution which we are very happy with, and even sandboxing does not delay mail much. We did compare buying an appliance or using one of the cloud services like Postini, but we decided to go with FortiGate because of reputation and support, and I like the mail a little close to me, call me old-fashioned. GL IT
SecurityPlus

Thanks for the feedback. I'm glad that you have found success with the FortiMail.

ede_pfau
Esteemed Contributor III

One remark regarding bandwidth consumption of an appliance vs. a cloud service. If you receive a lot of spam mails and the FML is configured to catch most of it, bw consumption mainly depends on when the spam verdict is determined and the action chosen.

 

On a very 'spammy' domain I see a catch/reject rate of the FortiGuard IP filter (blacklist) of 99%. Only for 1% of all incoming emails does the FML need to test further, via receiver verification, content filter and so on. Of course YMMV. The more spam you receive, and the earlier the FML can detect spam, the more bandwidth is preserved. OTOH, if your email stream does not contain any spam, you will not save any bandwidth at all.

The tricky part is to enable the most effective methods as early as possible in the detection.

 

One more point why I prefer an onsite appliance: you get a whole set of tools to filter otherwise legitimate mail, with the goal of protecting the company from security risks or preserving the employees' time. I am not sure all cloud providers offer content inspection, sandboxing, and content filtering by category to achieve this.


Ede

"Kernel panic: Aiee, killing interrupt handler!"