Overview:
FortiMail Virtual Appliances deliver proven, powerful messaging security within virtual or cloud infrastructures for any size organization or service provider. Purpose-built for the most demanding messaging systems, the FortiMail-VM utilizes Fortinet's years of experience in protecting networks against spam, malware, and other message-borne threats.
FortiMail Virtual Appliance Features & Benefits:
- Advanced inspection capabilities eliminates message-based threats before they can affect your users
- No per-user licensing eliminates need to change license as your network grows
- Advanced messaging content archiving, quarantining, and routing capabilities help achieve regulatory compliance
- FortiGuard subscription services deliver dynamic updates to antispam and antivirus functionality through intelligence gathered by Fortinet's dedicated global threat research team
- Eliminates spam before it consumes your messaging system and network resources, reducing the need for additional expenditures to improve messaging performance
- Quick-start setup wizard and basic-mode GUI reduce the complexity of deployment and management
Proven Security
The FortiMail family of appliances is a proven, powerful messaging security platform for any size organization, from small businesses to carriers, service providers, and large enterprises. Purpose-built for the most demanding messaging systems, the FortiMail appliances utilize Fortinet’s years of experience in protecting networks against spam, malware, and other message-borne threats.
Intelligent Protection
FortiMail prevents your messaging systems from becoming threat delivery systems. Its inbound filtering engine blocks spam and malware before it can clog your network and affect users. Its outbound inspection technology prevents other antispam gateways from blacklisting your users by blocking outbound spam and malware, including mobile traffic. FortiMail dynamic and static user-blocking gives you granular control over all of your email policies and users.
Enforce secure content delivery with FortiMail Identity-Based Encryption (IBE), S/MIME, or TLS email encryption options. Prevent accidental and intentional loss of confidential data using FortiMail predefined or customized dictionaries.
High Performance and Unmatched Flexibility
FortiMail appliances provide high-performance email routing and security by utilizing multiple high-accuracy antispam filters. When coupled with industry leading real-time antivirus and antispyware protection from FortiGuard Services, FortiMail provides you with extremely fast and accurate messaging security that won't affect end users or delay their communications. Deploy messaging security in the mode that best suits your environment and users with FortiMail's unmatched flexibility.
Features & Benefits:
Deploy appliances or virtual appliances in Transparent, Gateway, or Server modes |
All email servers on the market deploy in Server mode, some offering a Gateway mode option. Fortinet is the only vendor to offer Transparent mode, enabling FortiMail to intercept emails without changing DNS MX records, or existing email server network configurations. |
Apply Identity-Based Encryption in both push and pull methods |
Ensures secure delivery of confidential or regulated content. Extremely easy to deploy – no additional hardware or software to install, no user provisioning, no pre-enrollment for recipient. |
Data Loss Prevention and Compliance |
Detect accidental or intentional loss of confidential or regulated data. Achieve PCIDSS or HIPAA compliance by blocking messages containing defined data patterns, or creating policies to enforce encryption of certain emails. |
Identify and Block Spamming Endpoints |
Prevent blacklisting of legitimate subscribers by identifying and blocking endpoints sending spam, including Smart phones. Ideal for Carriers and Service Providers. |
No per-user or per-mailbox pricing |
Complete, multi-layered antivirus, antispam, antispyware and anti-phishing protection for an unlimited number of users. Greatly reduces TCO. |
Specifications:
Virtual Appliances |
VM00 |
VM01 |
VM02 |
VM04 |
VM08 |
Hypervisors Supported |
VMware ESXi / ESX 4.1 / 5.0 / 5.1 / 5.5 |
Virtual Machine Form Factor |
Open Virtualization Format (OVF) |
Maximum Virtual CPUs Supported |
1 |
1 |
2 |
4 |
8 |
Virtual NICs Required (Min/Max) |
1/4 |
1/4 |
1/4 |
1/4 |
1/4 |
Virtual Machine Storage Required (Min/Max) |
50GB / 1TB |
50GB / 1TB |
50GB / 2TB |
50GB / 4TB |
50GB / 8TB |
Virtual Machine Memory Required (Min / Max) |
1GB / 2GB |
1GB / 2GB |
1GB / 4GB |
1GB / 8GB |
1GB / 16GB |
Email Routing |
3.6K |
34K |
67K |
306K |
675K |
FortiGuard Antispam |
3.1K |
30K |
54K |
279K |
630K |
FortiGuard Antispam / Antivirus |
2.7K |
26K |
52K |
225K |
585K |
Email Domains |
2 |
20 |
100 |
800 |
2,000 |
Recipient-Based Policies (Domain/System) |
15 / 30 |
60 / 300 |
600 / 3,000 |
1,500 / 7,500 |
1,500 / 7,500 |
Server Mode Mailboxes |
50 |
150 |
400 |
1,500 |
3,000 |
Profiles (Domain / System) |
10 / 15 |
50 / 60 |
50 / 200 |
50 / 600 |
50 / 600 |
Security Features:
FortiMail Security Services |
Transparent, Gateway and Server Mode Features
- Multiple Email Domain Support
- High Availability (HA) Support
- SMTP Mail Gateway for Existing Email Servers
- Integrated Policy-Based Email Routing and Queue Management
- Outbound Mail Relay for Improved Mail Security
- Granular Layered Detection Policies for Spam and Viruses Addresses, IP Addresses, or Domains
- Per User Antivirus and Antispam Scanning Using LDAP Attributes on a Per Policy (Domain) Basis
- LDAP-Based Email Routing
- Quarantined Message Access with WebMail and POP3
- Daily Quarantine Summaries
- Policy-Based Archiving of Inbound and Outbound Messages with Backup Support for Remote Storage
- Mail Queue Support for Failed, Deferred, and Undeliverable Email
- SMTP Authentication Support Through LDAP, RADIUS, POP3 or IMAP
- Per User Automatic White List
- SNMP Support Using Standard and Private MIB with
- Threshold Based Traps
- Maintains Local Sender Reputation List Based on:
- Number of Viruses Sent
- Amount of Spam Sent
- Number of Bad Recipients
- Dynamic DNS (DDNS)
- Greylist Database Persistence
- Security Hardened Operating System
- Multiple Language Support
- Regex Pattern Matching
- Sender Policy Framework (SPF)
- DomainKeys
- DomainKeys Identified Mail (DKIM)
- Fragmented Message Blocking
- Virtual Host Support Using Pool of IP Address for Source and/or Destination
Denial-Of-Service Protection
- Denial of Service (Mail Bombing)
- Recipient Address Attack
- Email Rate Limiting
- Reverse DNS Check (Anti-Spoofing)
- Forged Sender Address
|
Encryption
- Identity-based Encryption for Push/Pull Delivery of Encrypted Messages
- S/MIME Support for Gateway-to-Gateway Encryption
- Support for strong-crypto protocols including HTTPS, SMTPS, SSH, IMAPS and POP3S
High Availability (HA)
- Supported in all Modes
- Active-Passive Configuration
- Quarantine and Mail Queue Synchronization
- Stateful Failover
- Device Failure Detection and Notification
- Link Status Monitor
- Link Failover
Management, Logging, and Reporting
- QuickStart Setup Wizard
- Basic / Advanced Management Modes
- Real-time Statistics
- Tiered Administration Accounts
- Quarantine Search Capability
- Automated PDF report scheduling
- Configuration Change and Management Event Logging
- Antivirus Incident Logging
- Antispam Activity Logging
- External or Local Syslog Server Support
- External or Local Storage Server Support, Including iSCSI devices
- Expanded Central Reporting with FortiAnalyzer Support
- Critical Events and Virus Incident Alerting
- Comprehensive Reporting with Over 140 Reports In Seven Categories
- Scheduled Report Generation
- Dictionary-triggered Archiving
|
Antispam - Content Level Detection
- Inbound and Outbound Filtering
- Extensive Heuristic Spam Filters
- Dynamic Heuristic Rule Updates
- Attachment/Content Filtering
- Deep Email Header Inspection
- Bayesian Statistic Filtering
- Spam URI Real-Time Blocklists (SURBL)
- Banned Word Filtering
- Inbound and Outbound Filtering
- Spam Quarantining and Spam Tagging
- Spam Management (Accept, Relay, Reject or Discard) Based on Email SHASH Spam Checksum Block List
- Spam Image Analysis Scanning
- PDF Scanning / PDF Image Scanning
- FortiGuard Antispam Service
- Global and User Customized Black/White Lists
- 3rd Party Real-Time Black Listed (RBL) Support
- Forged IP Checking
- Greylist Checking
Antivirus / Antispyware Protection
- Virus Scan SMTP Messages
- Compressed Attachment and Nested Archive Support
- Quarantine Infected Files
- Replacement Message Notification
- Block by File Type
- Attachment Filtering
Server Mode Specific Features
- POP3, SMTP, and IMAP Email Services
- SMTP over SSL Support
- Disk Quota Policy Support for User Accounts
- Secure WebMail Client Access
- User, Group and Alias List Support
- Local Account and LDAP Authentication
- Bulk Folder Support for Spam Mail
- WebMail Calendar
- Email Forwarding Preference
- Address Book Synchronize with LDAP
|
Deployment Options:
Choose from three modes of deployment – Transparent, Gateway, or Sever mode – to meet your specific messaging security requirements, while minimizing infrastructure changes and service disruptions:
Gateway Mode: Provides inbound and outbound proxy mail transfer agent (MTA) services for existing email gateways. A simple DNS MX record change redirects email to FortiMail for antispam and antivirus scanning. The FortiMail device receives messages, scans for viruses and spam, then relays email to its destination email server for delivery.
Transparent Mode: Each network interface includes a proxy that receives and relays email. Each proxy can intercept SMTP sessions even though the destination IP address is not the FortiMail appliance. FortiMail scans for viruses and spam, then transmits email to the destination email server for delivery. This eliminates the need to change the DNS MX record, or to change the existing email server network configuration.
Server Mode: The FortiMail device acts as a stand-alone messaging server with full SMTP email server functionality, including flexible support for secure POP3, IMAP and WebMail access. FortiMail scans email for viruses and spam before delivery. As in Server mode, external MTAs connect to FortiMail, allowing it to function as a protected server.
Identity Based Encryption (IBE)
IBE allows FortiMail to deliver confidential and regulated email securely – without requiring additional hardware, software user provisioning, or extra license fees. Use IBE to eliminate paper-based communications and reduce costs.
- Policy-Based Encryption: Automatically
encrypt messages for compliance, based
on content or recipient.
- Push or Pull Mode: Use Push, Pull, or a combination of modes to meet your requirements.
- Easy to Deploy, Use, and Manage: Deploy IBE in any mode, including Transparent mode, without user provisioning or additional hardware or software.
Services & Support:
FortiGuard Security Subscription Services
FortiGuard Security Subscription Services deliver dynamic, automated updates for Fortinet products. The Fortinet Global Security Research Team creates these updates to ensure up-to-date protection against sophisticated threats. Subscriptions include antivirus, intrusion prevention, web filtering, antispam, vulnerability and compliance management, application control, and database security services.
FortiCare Support Services
FortiCare Support Services provide global support for all Fortinet products and services. FortiCare support enables your Fortinet products to perform optimally. Support plans start with 8x5 Enhanced Support with "return and replace" hardware replacement or 24x7 Comprehensive Support with advanced replacement. Options include Premium Support, Premium RMA, and Professional Services. All hardware products include a 1-year limited hardware warranty and 90-day limited software warranty.
Documentation:
Download the Fortinet FortiMail Datasheet (PDF).