Shift to Proactive Security
See how Fabric-enabled Email Security not only stops advanced email attacks, but also moves the entire organization to a more proactive security posture.
Watch NowEmail remains the most critical communications tool for business. Unfortunately, that also makes email the top threat vector, with the volume and sophistication of attacks ever-increasing. At the same time, customers are increasingly moving to cloud email providers, like Microsoft 365 and Google G-Suite, and are struggling to secure their email traffic. The built-in, native security tools available in these platforms are by themselves insufficient to guard against attacks, protect valuable data, and ensure compliance objectives are met.
SEGs provide the front line of defense for the organization's largest attack surface: email. Email is a mission-critical communications channel, and attacks using email are growing both in volume and sophistication. For example, Verizon’s Data Breach Investigations Report notes that more than 90% of malware is distributed via email. And it is common to see phishing emails masquerading as legitimate files or links to attempt to steal login credentials, which can lead to account takeovers or data breaches.
Users face a myriad of inbound e-mail-based threats, including spam, ransomware, business email compromise, advanced and zero-day exploits, plus outbound threats stemming from data leaks and compliance violations. SEGs are expected to provide a broad range of capabilities to protect and secure all inbound and outbound email traffic. This remains important even as organizations move from on-premise email servers to cloud providers, like Microsoft 365 (M365) or G-Suite, whose native security is insufficient on its own.
At the heart of any SEG is a message transfer agent (MTA), or API-based integration for email scanning and enforcement of policies. Scanning technologies are expected to provide a baseline of content analysis, anti-spam and anti-malware capabilities, marketing newsletter and graymail classifications, as well as personalized controls for end-user message management.
Advanced features available in many SEGs include capabilities for deeper analysis using sandboxing technology or content disarm, and reconstruction targeting file attachments. To address URL-based threats, some SEGs also offer URL rewrite and time-of-click analysis or complementary remote browser isolation technology. It is also common for SEGs to offer capabilities to address email spoofing and impersonation attempts.
To address threats facing outbound email or email-in-transit, SEGs commonly include features for data leak prevention (DLP), message archiving, and encryption. Especially for customers in highly-regulated industries, such as retail, financing or healthcare, some SEGs include pre-defined policies geared to address compliance requirements including HIPAA, PCI-DSS, and GDPR, among others. Lastly, users are increasingly selecting SEG vendors who not only offer on-premise physical and virtual appliance options but also have a cloud-ready version of their solution in the form of a Software-as-a-Service solution or flexible deployment into public clouds, such as AWS, Azure or GCP.
FortiMail is a proven, best-in-class secure email gateway solution used tens of thousands of customers worldwide to protect well over a hundred million mailboxes. FortiMail has been independently validated for high catch-rates, leading accuracy and excellent overall security efficacy by testing firms including SE Labs, VB Labs, ICSA, and NSS, among others. For example, FortiMail was recently awarded a ‘AAA rating’, the top rating a vendor can receive, by SE Labs. (The full ‘Email Security Services Protection’ report is available for download.)
FortiMail is designed to address both inbound traffic, to detect and prevent inbound threats, as well as outbound traffic to enforce policies related to compliance or protecting valuable data assets. Most importantly, the solution works seamlessly with any existing email infrastructure investment, whether on-premise like Exchange or hosted in the cloud, like M365 or G-Suite. In addition, a wide range of deployment options and consumption models are available to address any customer requirement, including the FortiMail Cloud SaaS.
FortiMail can operate in-line as a traditional MTA requiring an MX record change, or out-of-band leveraging APIs to plug seamlessly into M365 environments. This API integration allows customers to perform real-time and internal scanning of email traffic, as well as post-delivery clawback if a message is identified to contain a threat or maps to a defined policy, such as a confidential document.
One of the advantages that separates FortiMail from other products is the backing of it by FortiGuard Labs, including the powerful visibility and real-time threat intelligence feeds provided through this integration. FortiGuard Labs has tremendous insights on global traffic patterns and the evolving threat landscape; each day, for example, FortiGuard Labs has visibility into more than 100 million unique emails. This allows FortiMail customers to benefit from the latest and greatest protection, since spam and virus outbreaks can be identified and stopped as quickly as possible.
FortiMail also distinguishes itself through its multi-layered approach to email security. For example, to identify and stop spam and phishing attacks, multiple techniques are employed in the solution to address this undesirable traffic. Additional capabilities are available to guard against business email compromise and spoofing, like a bad actor impersonating a C-level executive.
To address malware that can cripple an organization, FortiMail has rich features to detect malware including viruses and ransomware, as well as advanced techniques to address targeted attacks and risky files. To address weaponized attachments, FortiMail can block executables or use content disarm and reconstruction for active content. And since threats continue to quickly evolve, FortiMail can prevent zero-day and advanced threats—the unknown risks—using sandbox integration to perform the deepest levels of analysis.
Increasingly, an area of concern for customers is the treatment of uncategorized or potentially suspicious URLs embedded in emails. FortiMail offers the ClickProtect feature to revalidate a URL at the time the user actually tries to visit the URL or website, as the site may have gone from uncategorized initially to now a known phishing URL for example. To take this to the next level, FortiMail integrates with FortiIsolator to isolate this traffic using a container-based approach so users can visually interact with URL but not take the dangerous step of actually download the content and executing in their local browser.
For outbound email defense, FortiMail offers many capabilities including compliance-specific polices to help with HIPAA, SOX, GLBA and others, plus techniques to prevent data leaks related to sensitive data or IP assets. FortiMail also supports email archival or identity-based encryption so security can be extended outside of the organization.
Since email is often part of a larger communications and collaboration toolbox organizations rely upon, Fortinet also offers complementary solutions including FortiCASB, the Fortinet Cloud Access Security Broker solution, that pair nicely with FortiMail. FortiCASB supports key SaaS apps including M365, G-Drive, Box, Dropbox and Salesforce using an API-based approach to provide critical visibility, data protection and threat prevention. This is particularly important for cloud storage and file sharing applications. (More information on FortiCASB can be found here.)
As the criticality of email communications meets the ever-growing threat landscape, many SEGs are not up for the task. This Fortinet blog post covers some of the things customers can expect when it comes to the threats facing email in the year ahead.
Unfortunately, customers are often saddled with solutions that deliver poor catch-rates, high false-positives or have waning vendor support that are unable to handle these threats. Unfortunately, customers are often saddled with solutions that deliver poor catch-rates, high false-positives or have waning vendor support that are unable to handle these threats. This is a common issue with a number of traditional email security vendors.
In other cases, as customers transition to cloud providers like M365 or G-Suite for their email, they are being forced to re-evaluate their email security decisions and network architecture. This is compounded further by recommendations from testing labs and industry analysts, like SE Labs and Gartner, recommending customers supplement the built-in, native email security offered in these platforms with best-of-breed options, like FortiMail, for the best protection.
Following a global shift to teleworking given the ongoing COVID-19 pandemic, more attention is also being placed on securing remote workers. This is driving customers to take a second look at their email security and related investments. This recent Fortinet blog post on top considerations for critical applications in the age of teleworking provides guidance.
One of the ways many customers get started in any email security project is by first doing an email security assessment. The Fortinet Cyber Threat Assessment Program is a free, no-obligation and low-impact program that works with a customer’s existing email network to determine the effectiveness of the existing solutions, as well as identifying areas for improvement. After the two-week assessment, Fortinet provides a final report that provides clear visibility on ‘missed’ emails and potential risk, as well as detailed recommendations for remediation. This report is something many Fortinet customers take to their executives to justify an email security investment or more formal evaluation. Click here to sign-up for your personal email security assessment and get started today.
See how Fabric-enabled Email Security not only stops advanced email attacks, but also moves the entire organization to a more proactive security posture.
Watch NowTop-rated Antispam and Antiphishing
Independently certified advanced threat defense
Integrated data protection
FortiMail can be deployed on premise as physical or virtual appliances as well as in the cloud; either public cloud infrastructure such as Microsoft Azure or Amazon Web Services, or hosted by Fortinet in our datacenters as a SaaS offering. This ensures that, large or small, FortiMail can fit seamlessly in to your exact on-premise or cloud environment.
Throughput- Email Routing (msg/hr) |
50K |
Throughput- AS + AV (msg/hr) |
40K |
Ports |
4 x RJ45 |
Recommended for |
Small businesses, branch offices, and organizations |
Throughput- Email Routing (msg/hr) |
250K |
Throughput- AS + AV (msg/hr) |
200KA |
Ports |
4 x RJ45 |
Recommended for |
Small to midsized organizations |
Throughput- Email Routing (msg/hr) |
800K |
Throughput- AS + AV (msg/hr) |
500K |
Ports |
4 x RJ45 2 x SFP |
Recommended for |
Mid to large enterprise, education and government departments |
Throughput- Email Routing (msg/hr) |
1.1M |
Throughput- AS + AV (msg/hr) |
900K |
Ports |
4 x RJ45 2 x SFP |
Recommended for |
Large organizations |
Throughput- Email Routing (msg/hr) |
1.8M |
Throughput- AS + AV (msg/hr) |
1.5M |
Ports |
4 x RJ45 2 x SFP |
Recommended for |
Very large organizations and service providers |
Throughput- Email Routing (msg/hr) |
1.8M |
Throughput- AS + AV (msg/hr) |
1.5M |
Ports |
4 x RJ45 2 x SFP |
Recommended for |
Very large organizations and service providers |
Throughput- Email Routing (msg/hr) |
34K |
Throughput- AS + AV (msg/hr) |
26K |
vCPU |
1 |
Recommended for |
Medium locations with <400 users |
Throughput- Email Routing (msg/hr) |
67K |
Throughput- AS + AV (msg/hr) |
52K |
vCPU |
2 |
Recommended for |
Medium locations with <1,000 users |
Throughput- Email Routing (msg/hr) |
306K |
Throughput- AS + AV (msg/hr) |
225K |
vCPU |
4 |
Recommended for |
Mid-to-Large locations with <3,000 users |
Throughput- Email Routing (msg/hr) |
675K |
Throughput- AS + AV (msg/hr) |
585K |
vCPU |
8 |
Recommended for |
Large organizations |
Throughput- Email Routing (msg/hr) |
875K |
Throughput- AS + AV (msg/hr) |
758K |
vCPU |
16 |
Recommended for |
Large organizations |
Throughput- Email Routing (msg/hr) |
1.2M |
Throughput- AS + AV (msg/hr) |
1.0M |
vCPU |
32 |
Recommended for |
Very large organizations |
There are many reasons to reconsider your current SEG solution including: a move to cloud email systems like Microsoft Office 365 or Google G-Suite, concern about advanced threats getting through current controls, consolidation of email security components − like antispam, DLP and email encryption − that were added over time and more.
One reason that organizations are increasingly selecting Fortinet FortiMail is its consistently top-rated effectiveness against traditional and advanced threats. The improved protection is readily apparent in 3rd party testing and customer PoCs. Another is success customers have had with our flagship FortiGate and its FortiGuard security services, the same services powering FortiMail. And a third is the positive experience that others in the industry have had and passed along.
To see what recent customers have to say about the most independently tested SEG in the industry, check out our reviews on Gartner Peer Insights. Here are just a handful of recent headline comments.
“Management Is Easy, Artificial Intelligence Analysis Is Good”
System Specialist, Gov't/PS/ED <5,000 Employees
“Management is easy, compared with other products. There are serious differences in analysis. Thanks to its artificial intelligence, it makes a more accurate analysis than its competitors.”
“Fantastic Support, Great Feature Set, Online Documentation Could Be Better”
IT Services Manager, Education, <5,000 Employees
“We were receiving high numbers of unwanted email through O365 and even after applying filtering rules was unable to quarantine or block SPAM and phishing attempts. Since the implementation of FortiMail we not only have much more visibility of organisation email, unwanted, high-risk emails are now being filtered.”
“Reliable and Functional, Good Price Range”
Deputy Head of Department, $50M - $250M Finance Company
“I first got acquainted with the solutions of this vendor last year as part of the project to implement the protection of mail gateways of my organization. Several solutions were considered, but the choice was made in favor of this vendor. The main factors are functionality, the highest compliance with the technical specifications, a high level of support during testing.”
Head of Information Security Department, $500M - $1B Manufacturing Company
“It's working good. Nearly 2000 e-mails blocked per day. A simple solution in management and configuration.”
“Strong Security, Easy Control and Operation”
Operations Engineer, $500M-1B Communications Company
“The FortiMail is a device that performs very good security controls, validates the integrity of the email, identity of the sender and the recipient, validates that the domains are authentic, performs scanning of the attachments in search of a malicious file, performs validations of the body of the mail and above all has very good features of number of emails which makes it a robust device. "
Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.
FortiGuard Antispam provides a comprehensive and multi-layered approach to detect and filter spam processed by organizations. Dual-pass detection technology can dramatically reduce spam volume at the perimeter, giving you unmatched control of email attacks and infections.
FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.
FortiGuard Virus Outbreak Protection Service (VOS) closes the gap between antivirus updates with FortiSandbox Cloud analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. OS initiates a real-time look-up to our Global Threat Intelligence database.
Content Disarm & Reconstruction (CDR) strips all active content from files in real-time, creating a flat sanitized file. All active content is treated as suspect and removed. CDR processes all incoming files, deconstructs them, and removes all elements that do not match firewall policies.
FortiSandbox Cloud Service is an advanced threat detection solution that performs dynamic analysis to identify previously unknown malware. Actionable intelligence generated by FortiSandbox Cloud is fed back into preventive controls within your network—disarming the threat.
Base
Get top-rated protection from traditional and emerging threats with Antispam, Antivirus and Outbreak Protection services, along with the integrated data loss prevention, email encryption, and email archiving functions.
Advanced
For stronger protection against the most sophisticated and/or targeted attacks, the Enterprise Advanced Threat Protection Bundle includes all the services in the Base bundle, plus FortiSandbox, Content Disarm & Reconstruction, and Click Protect services, along with features like Impersonation Analysis.
This full working demo shows our all-in-one secure email gateway, which combines threat and data protection with high-performance mail handling. Have a look at the system configuration, management, and monitoring. Set security policies and profiles. See pre-defined dictionaries and other data detection methods. Manage quarantines and end-user settings. Walk through report creation and scheduling. As a bonus, note how it can be deployed in either gateway or server mailbox mode.
Email remains arguably the most common delivery vehicle for malware (92.4% of all malware according to the 2018 Verizon DBIR), social engineering attacks like business email compromise (30,787 incidents reported by the FBI in July 2018) and more. SE Labs tested email security services from Fortinet, Proofpoint, Microsoft and others. FortiMail earned their top AAA rating.
With data breaches continuing to make headlines, new product and solutions designed to detect and prevent the advanced attacks often at the root of these breaches have emerged. To help organizations assess the effectiveness of these new offerings, ICSA Labs, an independent division of Verizon (author or the annual Data Breach Investigations Report or DBIR), recently introduced a new independent, Advanced Threat Defense certification, and Email certification.
For almost ten years, VBSpam has been conducting continual independent comparisons of antispam solutions. Fortinet FortiMail has participated in dozens of VBSpam tests, so that organizations can see the level of effectiveness they can expect in real-world environments. FortiMail has routinely earned the highest VBSpam+ rating, with results similar to the test excerpt here.
NSS Labs introduced a new group test, BPS focused on detecting and blocking exploits, advanced malware, and evasions. This helps validate the advanced threat response cycle of prevent-detect-mitigate across a number of threat vectors including web, email, and endpoint. Fortinet's Security Fabric consisting of FortiSandbox, FortiGate, FortiMail, and FortiClient integrated together, earned a Recommended award by achieving a block rate of 99.6% and offering the lowest 3-year TCO.
FortiMail provides integration with many leading vendors as part of the Fortinet Security Fabric.
Below is a list of current Product Alliance Partners:
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
ATAR Labs builds next-generation SOAR platform ATAR. Together with Fortinet, SOC teams become more agile and respond to complex threats and defend their infrastructure. Automatic processes deployed and orchestrated from ATAR, and enforcement, and detection from Fortinet creates an integrated operation to achieve a secure environment.
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
Devo, the cloud-native logging and security analytics company, enables security and operations teams to realize the full potential of all their data to empower bold, confident action when it matters most. The integration with Fortinet and the Devo Platform enables your security and operations teams to achieve superior visibility, data analytics, and cybersecurity capabilities from SIEM, to compliance, fraud detection, and more.
DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.
LinkShadow Cybersecurity Analytics Platform is a world-leading UEBA and Threat-Hunting Solution Provider. Together with Fortinet, LinkShadow can empower the Security team with cutting-edge Threat Anticipation with Proactive Incident Response, while simultaneously gaining rapid insight into the effectiveness of the existing security investments.
Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.
Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.
PowerDMARC is an email authentication security platform that leverages protocols like DMARC, MTA-STS, and BIMI to help organizations combat domain spoofing, secure their email channel and enhance their brand’s reputation. Together with Fortinet, they aspire to make email the safest way to communicate.
Restorepoint’s solutions help organisations and service providers reduce cost, manage unforeseen risks, and to accelerate change management across their multi-vendor network infrastructures. Using our cost-effective products, customers can quickly automate Network Outage Protection, Compliance Auditing, and Privileged Access Management and to simplify Bulk Change Management.
Safetica Technologies delivers data protection solution for business. Safetica DLP (Data Loss Prevention) prevents companies from data breaches, teaches employees to care about sensitive data and makes data protection regulations easy to comply. Safetica integration with Fortinet technologies gives companies a powerful tool to secure all its´ data, no matter where it resides or flows.
Seclore offers the first, fully browser-based Data-Centric Security Platform, providing organizations the agility to utilize best-of-breed solutions to discover, identify, protect, and track the usage of data wherever it goes. 6000+ companies in 29 countries achieve their data security, governance, and compliance objectives with Seclore.
SentinelOne is shaping the future of endpoint security with an integrated platform that unifies the detection, prevention and remediation of threats initiated by nation states, terrorists, and organized crime. SentinelOne’s unique approach is based on deep inspection of all system processes combined with innovative machine learning to quickly isolate malicious behaviors, protecting devices against advanced, targeted threats in real time.