Enterprise Security Without Compromise With Fortinet

Call back Form

Secure Email Gateway Solutions: FortiMail

FortiMail is a proven, best-in-class secure email gateway solution used tens of thousands of customers worldwide to protect well over a hundred million mailboxes. FortiMail has been independently validated for high catch-rates, leading accuracy and excellent overall security efficacy by testing firms including SE Labs, VB Labs, ICSA, and NSS, among others. For example, FortiMail was recently awarded a ‘AAA rating’, the top rating a vendor can receive, by SE Labs. (The full ‘Email Security Services Protection’ report is available for download.)

FortiMail is designed to address both inbound traffic, to detect and prevent inbound threats, as well as outbound traffic to enforce policies related to compliance or protecting valuable data assets. Most importantly, the solution works seamlessly with any existing email infrastructure investment, whether on-premise like Exchange or hosted in the cloud, like M365 or G-Suite. In addition, a wide range of deployment options and consumption models are available to address any customer requirement, including the FortiMail Cloud SaaS.

FortiMail can operate in-line as a traditional MTA requiring an MX record change, or out-of-band leveraging APIs to plug seamlessly into M365 environments. This API integration allows customers to perform real-time and internal scanning of email traffic, as well as post-delivery clawback if a message is identified to contain a threat or maps to a defined policy, such as a confidential document.

One of the advantages that separates FortiMail from other products is the backing of it by FortiGuard Labs, including the powerful visibility and real-time threat intelligence feeds provided through this integration. FortiGuard Labs has tremendous insights on global traffic patterns and the evolving threat landscape; each day, for example, FortiGuard Labs has visibility into more than 100 million unique emails. This allows FortiMail customers to benefit from the latest and greatest protection, since spam and virus outbreaks can be identified and stopped as quickly as possible.

FortiMail also distinguishes itself through its multi-layered approach to email security. For example, to identify and stop spam and phishing attacks, multiple techniques are employed in the solution to address this undesirable traffic. Additional capabilities are available to guard against business email compromise and spoofing, like a bad actor impersonating a C-level executive.

To address malware that can cripple an organization, FortiMail has rich features to detect malware including viruses and ransomware, as well as advanced techniques to address targeted attacks and risky files. To address weaponized attachments, FortiMail can block executables or use content disarm and reconstruction for active content. And since threats continue to quickly evolve, FortiMail can prevent zero-day and advanced threats—the unknown risks—using sandbox integration to perform the deepest levels of analysis.

Increasingly, an area of concern for customers is the treatment of uncategorized or potentially suspicious URLs embedded in emails. FortiMail offers the ClickProtect feature to revalidate a URL at the time the user actually tries to visit the URL or website, as the site may have gone from uncategorized initially to now a known phishing URL for example. To take this to the next level, FortiMail integrates with FortiIsolator to isolate this traffic using a container-based approach so users can visually interact with URL but not take the dangerous step of actually download the content and executing in their local browser.

For outbound email defense, FortiMail offers many capabilities including compliance-specific polices to help with HIPAA, SOX, GLBA and others, plus techniques to prevent data leaks related to sensitive data or IP assets. FortiMail also supports email archival or identity-based encryption so security can be extended outside of the organization.