•••••••••••••••

•••••••••••••••
FortiMail Specialized Email
Security Solutions
Datasheet

Flexible Email Security System to Defend Against Spam and Malicious Content
Email is a Mission Critical Business Application
In today’s networks, email is one of the most predominant business communication methods. Unfortunately, email has also become one of the most
common vehicles for proliferating blended threats comprised of viruses, worms, spyware and spam. These blended attacks can negatively impact
business productivity, cause business downtime and lead to identity theft. In response, companies have leveraged point product security technologies,
such as antispam, to patch against single threaded attacks. In addition, legislation has been introduced to ensure that companies comply with security
best practices for email archiving that enable forensic and legal audits. Email is a mission critical application for all businesses that must be secured.

Complete Email Security in One Appliance

FortiMail™ is a specialized email security system that provides multi-layered protection against blended threats comprised of spam, viruses, worms
and spyware. The FortiMail system relies on a customized operating system that cleans emails through corresponding FortiMail antispam, antivirus
and antispyware engines. To ensure up to date email protection, FortiMail relies on Fortinet FortiGuard™ antivirus, antispyware and antispam security
subscription services that are powered by a worldwide 24x7 Global Threat Research Team. FortiMail provides unparalleled deployment flexibility and
powerful bi-directional email routing, Quality of Service (QoS), virtualization and archiving capabilities with a lower total cost of ownership.

•••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••

Key Solution Features and Benefits

FortiMail-100

Complete Multi-Layered Complete solution providing industry leading security features including
Security antispam, antivirus and antispyware with signatures continually updated via
FortiGuard service.
FortiMail-400

Highest Levels of Performance Specialized Mail Transfer Agent (MTA) engine manages peak capacity while
and Reliability applying intelligent routing and QoS policies. High-availability configurations
are available to ensure maximum up-time.

Deployment Flexibility Only email security solutions that can be deployed in transparent, gateway FortiMail-2000A
or server modes.

Cost-Effective to Own and Integrated antispam, antivirus and antispyware protection without per user
Operate or mail box pricing restrictions.

FortiMail-4000A
•••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••

INBOUND ACTIONS
Multi-Layered Email Security
Securing email requires multi-layered protection
against inbound and outbound risks that proliferate SMTP
spam, viruses and spyware to email infrastructure
Block Block Block Block Apply Policy Archive
and users. At the same time, email content policies DDoS DoS DHA Spam and Viruses, Spyware to Company “Good” Email
must be enforced and good email must be archived Attacks Attacks Phishing and Malware Email Content Content
for compliance purposes. Unique to inbound risks,
are DHA (Directory Harvest Attacks) and DOS OUTBOUND ACTIONS
(Denial of Service) attacks, which must be part of a
multi-layered email security strategy. For outbound SMTP
risks an email security solution must ensure that
Protect Block Block Apply Policy Archive
infected zombie PC’s that relay spam do not lead to Spam and
Block
Network from Viruses, Spyware to Company “Good” Email Spam Zombies
a legitimate enterprise network becoming added to RBL Phishing and Malware Email Content Content and Bots
a Real-Time Black List (RBL).
Email Security Patches are Ineffective

To defend against blended threats, organizations have deployed a costly point product array of antivirus, antispyware and antispam technologies at the
network perimeter. For most organizations this approach has proven to be prohibitive both from a capital and operational cost perspective. Furthermore,
requirements for email archiving and routing further compound the proliferation of email point product technologies. Deploying an excessive amount of
email security and routing infrastructure is an ineffective method to protect against blended threats and to comply with email archiving guidelines.

BEFORE FortiMail
BEFORE FortiMail AFTER FortiMail
AFTER FortiMail
ARRAY OF FLEXIBLE
COSTLY POINT PRODUCT MULTI-LAYERED
EMAIL TECHNOLOGIES SECURE EMAIL SOLUTION

FIREWALL FIREWALL

ANTISPAM

ANTISPAM
ANTIVIRUS
ANTIVIRUS

POLICY MGMT POLICY MGMT

MAIL
MAIL ROUTING (MTA) EMAIL
ROUTING (MTA) ARCHIVING

EMAIL
ARCHIVING

MAIL SERVERS MAIL SERVERS

USERS USERS

FortiMail Email Security System

FortiMail is the world’s most flexible turn-key email security system that can be deployed to protect and complement existing email infrastructure.
FortiMail provides ICSA Labs certified protection against blended spam, virus and spyware threats. In addition, FortiMail’s rich routing and
archiving capabilities ensure that organizations can comply with best practice email archiving guidelines. FortiMail empowers organizations
with a flexible system that cost effectively secures email communication.
••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••

FortiMail Series

Feature FortiMail-100 FortiMail-400 FortiMail-2000A FortiMail-4000A

Security Hardened Platform.............................. Yes...................................... Yes.........................................Yes............................................. Yes.............................................

10/100 Ethernet................................................ 4......................................... 4............................................0................................................ 0.................................................
10/100/1000 Ethernet....................................... 0......................................... 2............................................4................................................ 2.................................................
Total Hard Drive Capacity…………................. 250 GB................................ 500 GB...................................1.5 TB........................................ 3.0 TB.........................................
RAID Storage Management……….................. n/a...................................... Yes (0, 1)................................Yes (0, 1, 5, 10, 50)…................ Yes (0, 1, 5, 10, 50).....................
LCD Display………………………….............. n/a...................................... Yes.........................................Yes............................................. n/a..............................................
Redundant Hot Swappable Power Supplies...... n/a...................................... n/a.........................................Yes............................................. Yes.............................................
Email Domains.................................................. 50....................................... 500........................................3,000......................................... 3,000..........................................
Recipient-Based Policies (Per Domain)
For Incoming Mail........................................ 20....................................... 40..........................................100............................................ 100.............................................
Recipient-Based Policies
For Outgoing Mail........................................ 50....................................... 500........................................1500.......................................... 1500...........................................
Server Mode Mailboxes.................................... 200..................................... 1000......................................3000.......................................... 3000...........................................
Antispam Profiles.............................................. 60....................................... 175........................................550............................................ 550.............................................
Antivirus Profiles............................................... 60....................................... 175........................................550............................................ 550.............................................
Authentication Profiles...................................... 60....................................... 175........................................550............................................ 550.............................................
Content Profiles................................................ 60....................................... 175........................................550............................................ 550.............................................
Email Aliases.................................................... 256..................................... 256........................................256............................................ 256.............................................
Tiered Administration Domains......................... 5......................................... 25..........................................50.............................................. 50...............................................

Performance (messages / hour) *..................... (RAID 0 Mode).................... (RAID 1 Mode)........................(RAID 10 Mode).......................... (RAID 10 Mode)..........................
- Email Routing . ....................................... 64,800................................ 187,200.................................331,200..................................... 345,600......................................
- FortiGuard Antispam .............................. 57,600................................ 162,000.................................288,000..................................... 302,400......................................
- FortiGuard Antispam + Antivirus............. 54,000................................ 154,800.................................280,800..................................... 295,200......................................

Dimensions (H, W, L)......................................... 2 x 13.5 x 6.75 in................ 1.75 x 16.8 x 10 in.................3.5 x 17 x 27 in.......................... 3.5 x 19 x 27 in..........................
. .............................................................. (5 x 33.7 x 17.5 cm)............ (4.5 x 42.7 x 25.4 cm)............(8.9 x 43.2 x 68.6 cm)................ (8.9 x 48.3 x 68.6 cm)................

Weight............................................................... 4.4 lbs (2 kg)...................... 7.3 lbs (3.3 kg)......................55 lbs (25 kg)............................. 68 lbs (30.8 kg)..........................
Rack Mountable................................................ n/a...................................... Yes . ......................................Yes............................................. Yes.............................................
Input Voltage..................................................... 100-240VAC........................ 100-240VAC...........................100-240VAC............................... 100-240VAC...............................
Input Current..................................................... 0.8A.................................... 4A..........................................9A.............................................. 9A...............................................

Operating Temperature................................................................................ 32 to 104 deg F (0 to 40 deg C)..................................................................................................

Storage Temperature................................................................................... -13 to 158 deg F (-25 to 70 deg C).............................................................................................
Humidity...................................................................................................... 5 to 95% non-condensing..........................................................................................................
Regulatory................................................................................................... FCC Class A Part 15 / CE Mark....................................................................................................

* True throughput without queuing based on 3 KB message size

FortiMail Features
FortiMail devices support the following secure email features:

FortiMail Multi-Layered The comprehensive functionality and high performance of FortiMail enables
Security complete antispam, antivirus and antispyware protection.

Standards-Based FortiMail utilizes a standards-based Mail Transfer Agent (MTA) Transparent (Bridge) Mode
Messaging Engine optimized to provide the highest levels of performance.
Seamless installation in front of existing email servers with
No Per User/Per Unlike email security point products technologies that charge on a per user no IP address changes or changes to the existing mail serv-
Mailbox Pricing or mail box basis, the FortiMail system provides complete multi-layered er network configuration.
antivirus, antispam and antispyware security protection for an unlimited
number of users or mailboxes.
Gateway (Relay) Mode
Deployment Flexibility Support for Transparent, Gateway or Server operating modes allows Provides inbound and outbound proxy MTA services for ex-
FortiMail to seamlessly integrate into existing networks. isting email gateways. Simple DNS MX record change redi-
rects email to FortiMail for spam and antivirus scanning.
High Reliability High-end FortiMail systems support hot swappable power supplies and
& Serviceability flexible RAID storage configurations that provide very high
reliability and ease of serviceability. Server Mode
FortiMail functions as a full featured SMTP mail server with
Email Archiving Local and remote storage, enables visibility and auditing capabilities into flexible support for secure POP3, IMAP and WebMail access.
every aspect of email usage to help enforce use policies.

Logging and Reporting FortiMail provides system-wide antivirus / antispam event logging,
comprehensive reporting and scheduled report generation.
FortiMail Series

Feature FortiMail-100 FortiMail-400 FortiMail-2000A FortiMail-4000A

FortiMail series platforms provide the following features:

TRANSPARENT, GATEWAY AND SERVER MODE FEATURES SERVER MODE SPECIFIC FEATURES ANTISPAM - CONTENT LEVEL DETECTION
Multiple Email Domain Support The Following Features are Supported in Server Inbound and Outbound Email Filtering
High Availability (HA) Support Mode ONLY: POP3, SMTP, and IMAP Email Services Extensive Heuristic Spam Filters
SMTP Mail Gateway for Existing Email Servers SMTP over SSL Support Dynamic Heuristic Rule Updates
Integrated Policy-Based Email Routing and Queue Disk Quota Policy Support for User Accounts Attachment/Content Filtering
Management Secure WebMail Client Access Deep Email Header Inspection
Outbound Mail Relay for Improved Mail Security User, Group and Alias List Support Bayesian Statistic Filtering
Granular Layered Detection Policies for Spam And Local Account and LDAP Authentication Spam URI Real-Time Blocklists (SURBL)
Viruses Bulk Folder Support for Spam Mail Banned Word Filtering
Addresses, IP Addresses, or Domains Inbound and Outbound Email Filtering
Per User Antivirus and Antispam Scanning Using LDAP HIGH AVAILABILITY (HA) Spam Quarantining and Spam Tagging
Attributes on a Per Policy (Domain) Basis Supported for Gateway, Transparent, and Spam Management (Accept, Relay, Reject or Discard)
LDAP-Based Email Routing Server Modes Based on Email SHASH Spam Checksum Blocklist
Quarantined Email Access with WebMail and POP3 Active-Passive Configuration
Spam Image Analysis Scanning
Mail Data Synchronization
Daily Quarantine Summaries PDF Scanning / PDF Image Scanning
Stateful Failover
Policy-Based Email Archiving of Inbound and Outbound FortiGuard Antispam Service
Device Failure Detection and Notification
Messages with Backup Support for Remote Storage Global and User Customized Black/White Lists
Link Status Monitor
Mail Queue Support for Failed, Deferred, and 3rd Party Real-Time Black Listed (RBL) Support
Link Failover
Undeliverable Email Forged IP Checking
SMTP Authentication Support Through LDAP, RADIUS, POP3 ANTIVIRUS / ANTISPYWARE PROTECTION Greylist Checking
or IMAP Virus Scan SMTP Messages
Per User Automatic White List Compressed Attachment and Nested Archive Support Management, Logging and Reporting
SNMP Support Using Standard Mibs And Private MIB Quarantine Infected Files Quick-Start Setup Wizard
with Threshold Based Traps Replacement Message Notification Basic / Advanced Management Modes
Maintains a Local Sender Reputation List Based on: Block by File Type Real-time Email Statistics
- Number of Viruses Sent Attachment Filtering Tiered Administration Accounts
- Amount of Spam Sent Quarantine Search Capability
- Number of Bad Recipients DENIAL-OF-SERVICE PROTECTION Automated PDF report scheduling
Dynamic DNS (DDNS) Denial of Service (Mail Bombing) Configuration Change and Management Event Logging
Greylist Database Persistence Recipient Address Attack Antivirus Incident Logging
Security Hardened Operating System Email Rate Limiting Antispam Activity Logging
Multiple Language Support Reverse DNS Check (Anti-Spoofing) External or Local Syslog Server Support
Regex Pattern Matching Forged Sender Address Expanded Central Reporting with FortiReporter Support
Sender Policy Framework (SPF) Critical Events And Virus Incident Alerting
DomainKeys Comprehensive Reporting with Over 140 Reports In Seven
DomainKeys Identified Mail (DKIM) Categories
Scheduled Report Generation
•••••••••••••••••••

FortiGuard Subscription Services FortiCare Support Services

Includes: Includes:
• Automatic updates from over 50 redundant high speed database servers around the globe. • 24 X 7 X 365 Web-based Support
• Complete Wildlist virus protection for over 4,500 active viruses from FortiGuard’s active database of • 8 x 5 Telephone-based Technical Support*
over 60,000 viruses. • 1-Year Limited Hardware Warranty
• Complete Zoo list virus protection for over 300,000 known attacks. • 9 0-Day Limited Software Warranty
• Real-time spam database service for both connection level and content level protection.
* 24 X 7 Telephone Technical Support available

To learn more about the FortiMail family, visit http://fortinet.com/products/fortimail.html

Global Headquarters EMEA Sales Office-France APAC Sales Office-singapore

Fortinet Incorporated Fortinet Incorporated Fortinet Incorporated
1090 Kifer Road, Sunnyvale, CA 94086 USA 120 Rue Albert Caquot 3 Temasek Avenue
Tel +1-408-235-7700 Fax +1-408-235-7737 06560 Sophia Antipolis, France Level 21 Centennial Tower, Singapore 039190
www.fortinet.com/sales Tel +33-4-8987-0510 Tel: +65-6549-7050
Fax +33-4-8987-0501 Fax: +65-6549-7259

©Copyright 2007 Fortinet, Inc. All rights reserved. Fortinet, FortiGate, FortiOS, FortiAnalyzer, FortiGuard, FortiCare, FortiASIC, FortiManager, FortiWiFi, FortiClient, FortiLog and FortiReporter are trademarks or registered trademarks
of the Fortinet Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Licensed under U.S. Patent No. 5,623,600.
Although Fortinet has attempted to provide accurate information in these materials, Fortinet assumes no legal responsibility for the accuracy or completeness of the information. Please note that no Fortinet statements herein
constitute or contain any guarantee, warranty or legally binding representation. All materials contained in this publication are subject to change without notice, and Fortinet reserves the right to change, modify, transfer, or
otherwise revise this publication without notice. DAT130-0348-R11