Fortinet FortiMail: Product overview

Expert Karen Scarfone reviews the Fortinet FortiMail email security gateway product that is used for monitoring email messages on behalf of an organization.

Fortinet FortiMail is an email security gateway product that monitors email messages on behalf of an organization to identify messages that contain malicious content, including spam, malware and phishing attempts. When Fortinet FortiMail detects malicious content in an email, it stops that email from reaching its recipient, thus preventing the associated attack from succeeding. For most organizations, the majority of threats against them are email-based, so having an email security gateway has become a necessity to reduce the number of successful attacks that occur.

Product versions

Three deployment models are supported by Fortinet FortiMail: public cloud-based, local hardware appliance and local virtual appliance.

For the local hardware appliances, called FortiMail Email Security Appliances, there are five models currently available:

  • FortiMail-60D (0.5 TB of storage, maximum of two email domains)
  • FortiMail-200D (1 TB of storage, maximum of 20 email domains)
  • FortiMail-400C (2 TB of storage, maximum of 100 email domains)
  • FortiMail-1000D (4 TB of storage expandable to 8 TB, maximum of 800 email domains)
  • FortiMail-3000D (4 TB of storage expandable to 16 TB, maximum of 2000 email domains)

The local virtual appliances, known as the FortiMail Virtual Email Security Appliances, have four models:

  • FortiMail-VM01 (1 TB of storage, maximum of 20 email domains)
  • FortiMail-VM02 (2 TB of storage, maximum of 100 email domains)
  • FortiMail-VM04 (4 TB of storage, maximum of 800 email domains)
  • FortiMail-VM08 (8 TB of storage, maximum of 2000 email domains)

Security capabilities

The basic security capabilities typically provided by email security gateways are all supported by Fortinet FortiMail: antivirus, antimalware, antiphishing and antispam. In addition to these capabilities, Fortinet FortiMail also provides all the advanced capabilities offered by more sophisticated email security gateway products. This includes executable sandboxing and threat intelligence feed use -- which both help improve malicious content detection accuracy -- as well as data loss prevention (DLP) and email encryption, which can prevent unauthorized exfiltration of the organization's sensitive data via outbound emails.

Licensing

Licensing is dependent on the deployment model. For example, the FortiMail Email Security Appliances and FortiMail Virtual Email Security Appliances do not place any limits on the number of users or mailboxes; no additional licenses are required.

Conclusion

Fortinet FortiMail supports a wide range of deployment models, with public cloud-based services and appliances of various capacities. This allows Fortinet FortiMail to provide email security gateway technology for organizations of nearly any size. Few email security gateway products offer such a range of deployment options for organizations.

In addition, Fortinet FortiMail provides all of the fundamental security capabilities typically offered by email security gateways, plus all of the advanced security capabilities supported by the most sophisticated email security gateway products. Most email security gateway products do not support as many advanced security capabilities as Fortinet FortiMail does.

In summary, Fortinet FortiMail should be on the short list of products to consider in any email security gateway evaluation.

Next Steps

In part one of this series, learn the basics of email security gateways in the enterprise

In part two of this series, read about the enterprise use cases for email security gateways

In part three of this series, find out about the purchasing criteria for email security gateway products

In part four of this series, compare the best email security gateways in the industry

Dig Deeper on Threats and vulnerabilities