FortiMail: Email Security
Advanced, multi-layer protection against the full spectrum of email-borne threats
Overview
FortiMail Delivers Comprehensive, Top-rated Threat Protection
Email is a critical tool for everyday business communication and productivity. It’s also a popular attack vector among threat actors trying to steal credentials, obtain sensitive data or hold it for ransom, or steal funds by gaining access to banking information. As attackers mount more sophisticated multi-vector campaigns against their targets, email security must provide multi-layered protection.
With best-in-class performance validated by independent testing firms, FortiMail delivers advanced multi-layered protection against the full spectrum of email-borne threats. Powered by FortiGuard Labs threat intelligence and integrated into the Fortinet Security Fabric, FortiMail helps your organization prevent, detect, and respond to email-based threats including spam, phishing, malware, zero-day threats, impersonation, and Business Email Compromise (BEC) attacks.
Customer Reviews
Fortinet receives high praises from customers for our email security efficacy, integration with the Fortinet Security Fabric, and industry-leading cost to performance.
“An additional layer of security against volume-based and targeted cyber threats”
Project Manager in the Media Industry
“Best Email Gateway For Enterprise”
Network Engineer – Manufacturing Industry
“Brilliant Support And Security Functions”
CIO in the Manufacturing Industry
“There is not much configuration to do. All the default policies are enough to have a strong protection from spams, phishing and threats.”
Regional Server Administrator – Finance Industry
“Excellent Value For Money, An Honest Product That Does What It Promises”
Chief Information Officer (CIO) in the Retail Industry
Deployment Flexibility
Fortinet FortiMail solutions come in a variety of deployment models to best fit your email security needs. On-premises, cloud, or hybrid email environments can be managed by your team or managed by Fortinet in our data centers.
▼
FortiMail virtual machines and appliances for on-premise, cloud and hybrid email security use cases.
Virtual Machines
FortiMail virtual machines provide complete flexibility and portability for organizations wishing to deploy email security infrastructure into a private or public cloud setting. FortiMail virtual machines provide powerful scalability and ease-of-deployment.
- 6 models
- CPU and domain-based
- Perpetual licensing or On-Demand
Appliances
For organizations wishing to deploy email protection in an on-premise setting or for service providers who wish to extend email services to their customers, FortiMail appliances offer high performance email routing and robust features for high availability.
- 6 models
- Filter 30K to 2.0M messages per hour*
- Support for 10GE
FortiMail Cloud SaaS-based service for on-premise, cloud and hybrid email security use cases.
SaaS
Managed by Fortinet in our data centers, FortiMail Cloud allows organizations to focus on overall email management and monitoring.
- Fully-managed by Fortinet
- Per mailbox per year
- OPEX - No CAPEX requirements
Operating Modes
Fortinet FortiMail provides multiple operating modes to choose from including API support for Microsoft 365.
View by:
Gateway Mode
- Inbound and outbound MTA with application-layer security
- Requires a DNS MX record change or a destination NAT rule change
- All inbound email goes through FortiMail first, then is routed to a backend mail server
Microsoft 365 API Support/Clawback
- Operates out-of-line, scan and clawback threats directly from Microsoft 365 using the Graph API
- Can be used in conjunction with gateway mode
Transparent Mode
- DNS MX record, or DNAT rule changes aren’t required
- Physically located on the SMTP path
- Intercepts email, even though destination IP address isn’t FortiMail
Server Mode
- Full-featured mail server that has application-layer security
- Receives, inspects, and delivers email to user mailboxes stored in a local database
FortiMail and FortiMail Cloud Features
FortiMail email security solutions provide robust, integrated capabilities to protect your organization against the full spectrum of threats.
▼
FortiMail virtual machines and appliances for on-premise, cloud and hybrid email security use cases.
| Feature | Base Bundle | Enterprise Advanced Threat Protection Bundle | Ent. ATP with Microsoft 365 API Support Bundle |
|---|---|---|---|
| 99.7% Spam detection rate | ● | ● | ● |
| Advanced multi-layer malware detection | ● | ● | ● |
| Inbound and outbound filtering | ● | ● | ● |
| Integration with customer LDAP | ● | ● | ● |
| Secure message delivery (TLS and DANE) | ● | ● | ● |
| Message tracking | ● | ● | ● |
| Virus Outbreak Service | ● | ● | ● |
| Identity-Based Encryption (IBE) | ● | ● | ● |
| Reporting | ● | ● | ● |
| Email Data Loss Prevention | ● | ● | ● |
| Content Disarm and Reconstruction | ● | ● | |
| URL Click Protection | ● | ● | |
| Impersonation Analysis | ● | ● | |
| Cloud Sandboxing | ● | ● | |
| Real-time scanning of Microsoft 365 mailboxes | ● | ||
| Scheduled scanning of Microsoft 365 mailboxes | ● | ||
| Post-delivery clawback of newly discovered email threats | ● |
FortiMail Cloud SaaS-based service for on-premise, cloud and hybrid email security use cases.
| Feature | Cloud Gateway | Cloud Gateway Premium | Cloud Gateway Premium with Microsoft 365 API Support |
|---|---|---|---|
| Managed Service (infrastructure) | ● | ● | ● |
| 99.999% Service availability | ● | ● | ● |
| 99.7% Spam detection rate | ● | ● | ● |
| Advanced multi-layer malware detection | ● | ● | ● |
| Inbound and outbound filtering | ● | ● | ● |
| Integration with customer LDAP | ● | ● | ● |
| Secure message delivery (TLS and DANE) | ● | ● | ● |
| Message tracking | ● | ● | ● |
| Virus Outbreak Service | ● | ● | ● |
| Reporting | ● | ● | ● |
| Content Disarm and Reconstruction | ● | ● | |
| URL Click Protection | ● | ● | |
| Impersonation Analysis | ● | ● | |
| Cloud Sandboxing | ● | ● | |
| Identity-Based Encryption (IBE) | ● | ● | |
| Email Data Loss Prevention | ● | ● | |
| Real-time scanning of Microsoft 365 mailboxes | ● | ||
| Scheduled scanning of Microsoft 365 mailboxes | ● | ||
| Post-delivery clawback of newly discovered email threats | ● |
Email Continuity
Email Continuity for FortiMail Cloud is designed to protect valuable productivity by providing emergency mailbox services when organizations experience an outage in their email services.
- Mitigates the impacts of downtime by keep end users productive during business outages.
- Reduces recovery time to near zero as employees and users access queued email directly on FortiMail when email services are down.
- Queues emails up to 30 days and is available before or during an outage.
Performance in Independent Testing
Because email security is critically important for any organization to protect its business, employees, data and productivity, you need to know how your email security will perform. FortiMail posts high marks in performance with independent third-party testing firms.
99.9%
Detection of malicious emails across malware types and across malware families.
94%
Overall Detection Rate
91%
Protection and Legitimate Handling Rate
99.78%
Spam Catch Rate
100%
WildList Detection Rate
Advanced multi-layer security
FortiMail brings together advanced capabilities to address the full spectrum of email-borne threats faced by organizations today. It protects against:
- Known threats
- Suspected threats
- Unknown/zero-day threats
- Impersonation attempts
- Business Email Compromise (BEC)
FortiMail - The Future of Email Security Goes Beyond Email
The future of email security is fabric-enabled to counter the growing sophistication of threats and multi-vector campaigns. As part of a fabric, Indicators of Compromise and other telemetry can be shared for enhanced security across your entire security infrastructure. IT and security teams are able to more completely connect the dots to identify multi-vector campaigns by sophisticated actors. And intensive and repetitive workflows including response can be automated to reduce the burden on security operations teams.
Hands on or hands off
Which FortiMail solution is best for you?
Virtual Machines and appliances for teams who want total control over their infrastructure and email security.
Email security as a service for teams who just want to focus on monitoring and response.
Outages Happen
Outages and disruptions in email services do happen, even with Microsoft 365. Email continuity services for FortiMail Cloud help you safeguard valuable productivity while never sacrificing security.
Email Continuity
Key FortiMail Advantages
FortiMail delivers comprehensive, proven email threat protection at an industry-leading cost to performance. The solution offers flexible deployment options and operating modes for cloud-based, on-premises, or hybrid email environments, including managed solutions.
Comprehensive protection
FortiMail integrates advanced capabilities to protect against evolving threats such as phishing, malware, ransomware, impersonation, and BEC attacks. With FortiMail, you get:
- Powerful, integrated capabilities to prevent, detect, and respond to email-based threats
- Flexible deployment options to address on-premises, cloud, and hybrid email use cases
- Choice of operating modes including API support for Microsoft 365
Fabric-enabled email security
FortiMail is part of the Fortinet Security Fabric leveraging advanced capabilities from across the Security Fabric to enhance email security while sharing Indicators of Compromise (IoC) across your security infrastructure.
- Greater automation of operations workflows and response
- Sharing of insights and intelligence to bolster security beyond email
High performance validated by independent tests
Fortinet is the only vendor to consistently test, publish, and prove its efficacy with independent testing firms. We’ve achieved:
- 94% Total Detection Accuracy and AAA rating from SE Labs
- 99.84% Spam Capture Rate from Virus Bulletin
- 99.9% detection rate by ICSA Labs
Powered by threat intelligence from FortiGuard Labs
Telemetry gathered from 5.6+ million sensors deployed globally gives FortiGuard Labs exceptional visibility into real-world threats. FortiGuard experts analyze this information around the clock to deliver top threat intelligence that enables:
- 319,000 phishing attempts blocked per minute
- 595,000 malware programs neutralized per minute
- 790,000 malicious website accesses blocked per minute
- 30,000 spam events blocked per minute
"Excellent Value For Money, An Honest Product That Does What It Promises"
Chief Information Officer (CIO) in the Retail Industry
What's In Your Email?
If you have a problem with your employees clicking on malicious emails, you may also have a problem with how well your current security solution stops malicious emails in the first place. Get a free Email Risk Assessment. It’s easy and we provide you a detailed report outlining specific threats and risk email currently poses to your organization.
