Skip to main content
SecurityPlus
SecurityPlus
Explorer III
October 26, 2017
Solved

New To FortiMail - Solution Options

  • October 26, 2017
  • 1 reply
  • 10300 views

I'm new to FortiMail. I have used the Anti-Spam feature in the FortiGate firewalls. I presume that the mail scanning features in the FortiGate are limited compared to the FortiMail solution.

 

How does FortiMail compare to commercial email scanning solutions designed for enterprise use that are available via the cloud? If you were going to recommend an inbound/outbound mail filtering/scanning option what would you recommend and why?

    Best answer by Carl_Windsor_FTNT

    Full disclosure, I am am a FTNT employee and PM for FortiMail.  Lets tackle some of theses Q's in order:

     

    Why FortiMail vs FortiGate

    FortiGate implements FortiGuard AntiSpam techniques which are powerful, with a "good" catch rate / low false positive rate.   Its limitations are that there are no dynamic outbreak detection methods supported, no quarantine, discard/tag are the only supported actions.

     

    FortiMail

    FortiMail supports multi layer spam protection including:

    Outbreak Protection, Behavioral Analysis, SPF, DMARC & DKIM support, greylisting, Dynamic Heuristics, Full URI category scanning, FortiSandbox Integration (store and forward) and image analysis features that are not available on the FortiGate platform.  It also supports full Mail Transfer Agent (MTA) features and can perform user-based antispam rules. In summary, if you want the highest possible accuracy and control in detecting spam then you want a FortiMail system. 

     

    This is bourne out by our top of the pack placings in independent VBSPAM (99.999% catch rate, 0% FP), ICSA testing and IDC reports.

     

    We are happy to offer a trial for our cloud service, please reach out to your Fortinet account manager or reseller and we can get this set this up right away!

     

    @emnoc wrote:

    >FTNT has up its game with support specialist,  but I found the FTNT partners seems to be  way better >knowledgeable than FTNT 1st level support.

     

    Fortinet NSE training is used to empower our partners so this is exactly how it should be and why we give trained highly trained/certified FTNT partners the ability to bypass 1st level support through the pin code scheme.  However, in the last month we have taken feedback on board and reworked our support structure for Enhanced Tech products including FortiMail so that they are rerouted much sooner to the specialist team members in dedicated ET TACs.  You should see a dramatic improvement for all ET products based on these changes.

     

     

    1 reply

    emnoc
    emnoc
    New Member
    October 27, 2017

    That's a loaded question.

     

    1: let goes with the  #1 leading issues :COST:. This seems to drive a lot of ORGs

     

    The fortimail is affordable. It's not the leader of the pack, but it's not at the low-end of the scale either.

     

    2: what would I use? &  If budget was not a concern ?  , the  IronPort and then proofpoint and the reason why? 

     

    Theses seems to be the  leaders  & with regards to email security and then the reporting. I believe  FTNT is  a long way from both of these just from the  pure reporting aspect. The support is very effective and quality in proofpt and ironport

     

     

    The ironport solution with the  M manager appliance, does  allows for quick and effective  email  tracking and lookups. It's hard to challenge a cisco IronPort in this regards,  and this was the best product-platform that  CSCO has acquire imho in  the last decade or so.

     

    3: what you should realize all of the leaders and solutions are ALL  accurate within  2-5% of each other, but the points you should really  look at are the  cost and support quality.

     

    Microtrend and proofpoint support is  way superior to FTNT , & based on my  experience, but with that said FTNT has up its game with support specialist,  but I found the FTNT partners seems to be  way better knowledgeable than FTNT 1st level support.

     

    Again based on my experience ( tw....... i've been using  FML and IronPort for over  8+  years now or more  .....so again based on my  own experience  and not just  a simple statement )

     

    4: FML compared to the FGT is hands down; "   a no brainer ......FML! "

     

    So bottom line define objects that you needs in the  ESA solution 1st , and go do some  homework.

     

          cost

          encryption

          ease of operations

          support

          OPEX cost

          etc.....

     

    Don't go in  blind ,  and request a POC from  all vendors that you think you might want to look. Be advise to state your objectives equally between all vendors  to have fair apple-2-apple comparisons.

     

    Ken

     

     

    SecurityPlus
    SecurityPlusAuthor
    Explorer III
    October 27, 2017

    Thank you for that feedback. These are solutions that I was not aware of.

     

    Are these both based on hardware solutions? What do you think of the cloud based spam filtering solutions?

    Carl_Windsor_FTNT
    Staff
    Carl_Windsor_FTNTAnswer
    Staff
    October 27, 2017

    Full disclosure, I am am a FTNT employee and PM for FortiMail.  Lets tackle some of theses Q's in order:

     

    Why FortiMail vs FortiGate

    FortiGate implements FortiGuard AntiSpam techniques which are powerful, with a "good" catch rate / low false positive rate.   Its limitations are that there are no dynamic outbreak detection methods supported, no quarantine, discard/tag are the only supported actions.

     

    FortiMail

    FortiMail supports multi layer spam protection including:

    Outbreak Protection, Behavioral Analysis, SPF, DMARC & DKIM support, greylisting, Dynamic Heuristics, Full URI category scanning, FortiSandbox Integration (store and forward) and image analysis features that are not available on the FortiGate platform.  It also supports full Mail Transfer Agent (MTA) features and can perform user-based antispam rules. In summary, if you want the highest possible accuracy and control in detecting spam then you want a FortiMail system. 

     

    This is bourne out by our top of the pack placings in independent VBSPAM (99.999% catch rate, 0% FP), ICSA testing and IDC reports.

     

    We are happy to offer a trial for our cloud service, please reach out to your Fortinet account manager or reseller and we can get this set this up right away!

     

    @emnoc wrote:

    >FTNT has up its game with support specialist,  but I found the FTNT partners seems to be  way better >knowledgeable than FTNT 1st level support.

     

    Fortinet NSE training is used to empower our partners so this is exactly how it should be and why we give trained highly trained/certified FTNT partners the ability to bypass 1st level support through the pin code scheme.  However, in the last month we have taken feedback on board and reworked our support structure for Enhanced Tech products including FortiMail so that they are rerouted much sooner to the specialist team members in dedicated ET TACs.  You should see a dramatic improvement for all ET products based on these changes.

     

     

    Terms & ConditionsAccessibility statement