I'm new to FortiMail. I have used the Anti-Spam feature in the FortiGate firewalls. I presume that the mail scanning features in the FortiGate are limited compared to the FortiMail solution.
How does FortiMail compare to commercial email scanning solutions designed for enterprise use that are available via the cloud? If you were going to recommend an inbound/outbound mail filtering/scanning option what would you recommend and why?
Full disclosure, I am a FTNT employee and PM for FortiMail. Let's tackle some of these Q's in order:
Why FortiMail vs FortiGate
FortiGate implements FortiGuard AntiSpam techniques which are powerful, with a "good" catch rate / low false positive rate. Its limitations are that there are no dynamic outbreak detection methods supported, no quarantine, and discard/tag are the only supported actions.
FortiMail
FortiMail supports multi-layer spam protection including:
Outbreak Protection, Behavioral Analysis, SPF, DMARC & DKIM support, greylisting, Dynamic Heuristics, Full URI category scanning, FortiSandbox Integration (store and forward) and image analysis features that are not available on the FortiGate platform. It also supports full Mail Transfer Agent (MTA) features and can perform user-based antispam rules. In summary, if you want the highest possible accuracy and control in detecting spam then you want a FortiMail system.
This is borne out by our top of the pack placings in independent VBSPAM (99.999% catch rate, 0% FP), ICSA testing and IDC reports.
We are happy to offer a trial for our cloud service, please reach out to your Fortinet account manager or reseller and we can get this set up right away!
@emnoc wrote:
> FTNT has upped its game with support specialists, but I found the FTNT partners seem to be way more knowledgeable than FTNT 1st level support.
Fortinet NSE training is used to empower our partners so this is exactly how it should be and why we give highly trained/certified FTNT partners the ability to bypass 1st level support through the pin code scheme. However, in the last month we have taken feedback on board and reworked our support structure for Enhanced Tech products including FortiMail so that they are rerouted much sooner to the specialist team members in dedicated ET TACs. You should see a dramatic improvement for all ET products based on these changes.
Dr. Carl Windsor Field Chief Technology Officer Fortinet
That's a loaded question.
1: Let's go with the #1 leading issue: COST. This seems to drive a lot of orgs.
The FortiMail is affordable. It's not the leader of the pack, but it's not at the low end of the scale either.
2: What would I use, if budget was not a concern? The IronPort and then Proofpoint. And the reason why?
These seem to be the leaders with regard to email security and then the reporting. I believe FTNT is a long way from both of these just from the pure reporting aspect. The support is very effective and of quality in Proofpoint and IronPort.
The IronPort solution with the M manager appliance does allow for quick and effective email tracking and lookups. It's hard to challenge a Cisco IronPort in this regard, and this was the best product-platform that CSCO has acquired imho in the last decade or so.
3: What you should realize is that all of the leaders and solutions are ALL accurate within 2-5% of each other, but the points you should really look at are the cost and support quality.
Microtrend and Proofpoint support is way superior to FTNT, based on my experience, but with that said FTNT has upped its game with support specialists, but I found the FTNT partners seem to be way more knowledgeable than FTNT 1st level support.
Again based on my experience ( tw....... I've been using FML and IronPort for over 8+ years now or more .....so again based on my own experience and not just a simple statement )
4: FML compared to the FGT is hands down; " a no brainer ......FML! "
So bottom line, define the objectives that you need in the ESA solution 1st, and go do some homework.
cost
encryption
ease of operations
support
OPEX cost
etc.....
Don't go in blind, and request a POC from all vendors that you think you might want to look at. Be advised to state your objectives equally between all vendors to have fair apple-2-apple comparisons.
Ken
PCNSE
NSE
StrongSwan
Thank you for that feedback. These are solutions that I was not aware of.
Are these both based on hardware solutions? What do you think of the cloud based spam filtering solutions?
Carl,
Thanks for the very helpful information. This is what I was looking for.
Can you contrast the FortiMail to the leading cloud hosted mail filtering solutions? One advantage of a cloud hosted solution might be the reduction in bandwidth loss from the receipt of spam. I presume that the FortiMail receives all email, valid as well as spam, then does its work. If the spam were eliminated before the email reached the business internet connection (FortiMail) that internet connection might be more effectively utilized.
Thanks for the feedback. I'm glad that you have found success with the FortiMail.
One remark regarding bandwidth consumption of an appliance vs. a cloud service. If you receive a lot of spam mails and the FML is configured to catch most of it, bw consumption mainly depends on when the spam verdict is determined and the action chosen.
On a very 'spammy' domain I see a catch/reject rate of the FortiGuard IP filter (blacklist) of 99%. Only for 1% of all incoming emails the FML needs to test further, via receiver verification, content filter and so on. Of course YMMV. The more spam you receive, and the earlier the FML can detect spam, the more bandwidth is preserved. OTOH, if your email stream does not contain any spam, you will not save any bandwidth at all.
The tricky part is to enable the most effective methods the earliest on in the detection.
One more point why I am preferring an onsite appliance: you get a whole set of tools to filter otherwise legitimate mail, with the goal to protect the company from security risks or to preserve the employees' time. I am not sure all cloud providers offer content inspection, sandboxing, content filtering by category to achieve this.