FortiMail 01 Overview V4
FortiMail 01 Overview V4
FortiMail 01 Overview V4
Overview
Course Objectives
Upon completion of this course you will be able to:
Configure, manage and maintain a FortiMail appliance
Implement various FortiMail unit security features
Use FortiMail unit logging to monitor system operation and troubleshoot issues
Configure available FortiMail operation modes and select a suitable deployment
for your network
Design and configure fully featured email security solutions
06-50000-0221-20130726
Overview
Prerequisites
Sound knowledge of email protocols and email routing principles
Working knowledge of emailing systems
Housekeeping
Washrooms
Fire exits
Telephones
Smoking
Cell phones
Safety
Schedule
Start/Stop
Breaks
Lunch
Facilities access
Food and beverage
restrictions
06-50000-0221-20130726
Overview
Introductions
Tell us a little about yourself:
Your name
Network and mail security experience
Fortinet product experience
Your expectations for this course
Agenda
FortiMail Overview
System Configuration
Email Setup
Access Control and Inspection
Antispam
Session Monitoring
Content Inspection and Archiving
Securing Communications
LDAP
Troubleshooting and Maintenance
Transparent Mode
High Availability
Server Mode
6
06-50000-0221-20130726
Overview
FortiMail Overview
Module 1
Module Objectives
By the end of this module, you will be able to:
Identify the key features of a FortiMail appliance
Describe the various FortiMail unit operation modes and determine which modes
best suit their own deployment needs
Recall basic email terminology, message flow, as well as the protocols and
processes for sending and receiving email
06-50000-0221-20130726
Overview
FortiMail
Industry-leading multi-layered messaging security platform for
organizations of all sizes
Advanced bi-directional filtering (incoming and outgoing)
Flexible deployment mode
Up to date email protection guaranteed by Fortinet FortiGuard
Key Benefits
Out of the box identity based encryption (IBE) for secure delivery
DLP module to detect accidental or intentional loss of confidential or
regulated data
Endpoint traffic analysis to block spamming endpoints
No per-user or per-mailbox pricing
Only messaging security solution on the market to support transparent
mode inspection
10
06-50000-0221-20130726
Overview
11
Internal email
server
Remote email
users
FortiGate UTM
gateway or other
firewall
12
06-50000-0221-20130726
Overview
Transparent Mode
Email traffic is intercepted even though the destination IP is not the
FortiMail unit
Email traffic is inspected and then transmitted to the destination email
server for delivery
No need to change the DNS MX record
Port1 and Port2 bridged
Local email users
External email
server
Internal email
server
Remote email
users
Server Mode
Full-featured SMTP mail server with mail security functionalities
Email traffic is received, inspected, and then delivered to user
mailboxes
Local email users
14
06-50000-0221-20130726
Overview
Supported Platforms
Appliance based
FortiMail-100C
FortiMail-200D
FortiMail-400B, 400C
FortiMail-2000A, 2000B
FortiMail-3000C, 3000D
FortiMail-4000A
FortiMail-5001A
FortiMail-5002B
Virtual Appliances
FortiMail-VM
Note: 1000c model coming soon. Refer to www.fortinet.com for up to date releases
15
FortiMail 100C
10/100 Interfaces
10/100/1000
Storage
1 TB
N/A
Email Domains
50
200
Profiles (Domain/System)
50/60
Email Routing
( 3KB Message / Hr)
90,000
16
06-50000-0221-20130726
Overview
FortiMail-200D
10/100/1000 Ports
Storage
1 TB
N/A
Email Domains
50
Recipient-Based Policies
(Domain/System)
60/300
200
Profiles (Domain/System)
50/60
Email Routing
( 3KB Message / Hr)
200,000
17
FortiMail-400C
10/100/1000 RJ45
Storage
2 X 1TB (Max
2TB)
Software
0,1
Email Domains
500
Recipient-Based Policies
(Domain/System)
600/3000
1000
Profiles (Domain/System)
50/200
Email Routing
(3 KB Message / Hr)
400,000
18
06-50000-0221-20130726
Overview
FortiMail-2000B
10/100/1000 Ports
Storage
2TB (Max
6TB)
Hardware
1, 5, 10, 50
Email Domains
5000
Recipient-Based Policies
(Domain/System)
1500/7500
3000
Profiles
(Domain/System)
50/600
Email Routing
(3 KB Message / Hr)
1.5 Million
19
FortiMail-3000C
Gigabit Fiber SFP Ports
10/100/1000 Ports
Storage
2TB (Max
6TB)
Hardware
1, 5, 10, 50
Email Domains
5000
Recipient-Based Policies
(Domain/System)
1500/7500
3000
Profiles
(Domain/System)
50/600
Email Routing
(3 KB Message / Hr)
2.0 Million
20
06-50000-0221-20130726
10
Overview
FortiMail-3000D
Gigabit Fiber SFP interface
Storage
2TB X2 (Max
4TB)
Hardware
1, 5, 10, 50
Email Domains
5000
Recipient-Based Policies
(Domain/System)
1500/7500
3000
Profiles
(Domain/System)
50/600
Email Routing
(3 KB Message / Hr)
2.0 Million
21
FortiMail 5002B
10/100/1000 Interfaces
Storage
1 X 146GB
HDD
N/A
Email Domains
10000
Recipient-Base Policies
(Domain/System)
1500/7500
3000
Profiles
(Domain/System)
50/600
Email Routing
(3 KB Message / Hr)
2.3 Million
22
06-50000-0221-20130726
11
Overview
FortiMail Virtual
Appliances
VM01
Hypervisor
supported versions
VM02
VM04
VM08
VMWare ESXi/ESX/4.0/4.1/5.0
Maximum vCPUs
Maximum vNICs
Virtual Machine
Storage (Min/Max)
50GB/2TB
Virtual Machine
Memory (Min/Max)
1GB/2GB
1GB/12GB
1GB/4GB
1GB/6GB
23
24
06-50000-0221-20130726
12
Overview
25
Recipient: B@example3.com
Sending Process:
1. DNS look-up for MX record (performed
by MTA not the client)
Equivalent to performing
nslookup type=MX example3.com
MUA
(mail client)
MTA
(mail server)
26
06-50000-0221-20130726
13
Overview
28
06-50000-0221-20130726
14
Overview
4
1
2
6
;; ANSWER SECTION:
example3.com
3600
example3.com
3600
IN
IN
MX
MX
50 relay.example2.net
100 mail.example3.com
;; ANSWER SECTION:
example3.com
3600
example3.com
3600
IN
IN
MX
MX
50 mail.example3.com
100 relay.example2.net
29
06-50000-0221-20130726
15