Вы находитесь на странице: 1из 36

FortiMail

. .

Fortinet Confidential

Agenda

Fortinet Confidential

FortiMail -
, , , , ,
Fortinet Confidential

FortiMail FortiMail-100C
Small Deployments Recommended for up to 1,000 users 1 x 1 TB HDD Up to 77,000 emails/hour (Full inspection) Mid-Enterprise Deployments Recommended for 10,000 users 1 x 500 GB HDD (expandable to 2 x 500 GB Up to 185,400 emails/hour (Full inspection) RAID Support Large Enterprise Deployments Recommended for up to 50,000 users Up to 1.0 million emails/hour (Full inspection) RAID Support 2 x 1 TB HDD (expandable to 6 x 1 TB) Redundant/Hot-Swappable Power Supplies Large Enterprise/ Service Provider Deployments Recommended for up to 50,000 users Up to 1.1 million emails/hour (Full-Inspection) FG-5000 series chassis compatible ATCA chassis compatible

FortiMail-400B

FortiMail-2000B

FortiMail-5001A

Fortinet Confidential


Feature
, Message Transfer Agent (MTA)
Fortinet Confidential

Benefit
, ( , , ) Antispam, antivirus, antispyware, & antimalware, powered by the FortiGuard subscription service MTA , , QoS, , ,


Transparent Mode SMTP Gateway Mode MTA-proxy / DNS MX FortiMail Server Mode SMTP POP3, IMAP WebMail.
Fortinet Confidential

Transparent

Gateway

Server

FortiMail - FortiGuard
Security Services

DOS/ DHA DDOS Prevention Inbound Risks


SMTP
Prevention

Spam Email & Virus, Spyware Malware Content Email Phishing Prevention Prevention Prevention Policy Archiving
Prevention Compliance

Inbound MTA Engine FortiMail OS

Fortinet Confidential

FortiMail FortiGuard
Security Services

RBL
Prevention

Spam Email & Virus, Spyware Malware Content Prevention Prevention Prevention Policy Phishing
Prevention Compliance

Spam Email Zombie Archiving Or Bot


Detection

Outbound MTA Engine FortiMail OS

SMTP

Outbound Risks

Fortinet Confidential

Layered Inspections Preserve Sender Integrity


Return-Path: <nosaj@gmail.com> Received: from murder ([unix socket]) (authenticated user=cyrus bits=0) by fortinet.com (Cyrus v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1) with LMTPA; Fri, 16 Oct 2009 17:04:50 -0700 X-Sieve: CMU Sieve 2.2 Received: from mail.apsecure.com (mail.apsecure.com [192.168.200.188]) by mail.fortinet.com (8.13.1/8.13.1) with ESMTP id l9H04o5N015584 for <jsmith@fortinet.com>; Fri, 16 Oct 2009 17:04:50 -0700 Message-ID: <e84194310710161704x596cca20wf5cbee85611faa1f@mail.gmail.co m> Date: Fri, 16 Oct 2009 17:04:45 -0700 From: J Nosa" <nosaj@gmail.com> To: jsmith@fortinet.com Subject: Sender Integrity Example

IP-based policies
Accelerated by blocking at IP layer before scanning entire image

Deep Header Analysis


Deciphers headers to find known spammers

Local Sender Reputation


Recognizes nuances between geographic spam trends

Holistic image scanning


Beyond OCR for faultless .pdf spam blocking

Free Shipping! $29.95


Order now!

Dynamic Heuristic Rule Updates


FortiGuard Subscription Service sends new rules for inspection without requiring OS updates

Fortinet Confidential

Verified Accuracy: Virus Bulletin Antispam Platinum Award VBSpam Platinum Award
For products whose spam catch rate is twice as effective as the average in the test, and whose false positive rate is twice as low as the average in the test

Source: http://www.virusbtn.com/vbspam/results/2009/11

Fortinet Confidential

Benefits of Deploying FortiMail with FortiGate Delivers overlapping, complementary layers of protection
Block viruses, phishing malware, spyware, and worms

Significantly improves overall network performance


Reduces the load on the perimeter security device Moves deep inspection to the email gateway Avoids adding latency to latencysensitive traffic
Fortinet Confidential

FortiMail and FortiGate Messaging Security

Feature Antivirus (Wildlist) Antivirus (Zoo/Legacy) Advanced Spam Detection Techniques Message Quarantine Message Archiving Message Routing

FortiMail Yes Yes Yes Yes Yes Yes

FortiGate Yes No Limited FortiAnalyzer required No No

Fortinet Confidential

FortiMail and FortiGate Antispam Comparison


Features
IP Based Policies Recipient Based Policies Greylisting SMTP protocol check IP / Address Black/White List Local list System-based Return Email DNS Check External DNSBL User-based Inbound Recipient Address Check Session rate Limit FortiGuard Antispam Service DNSBL (IP Blacklisting) SURBL filtering (URI blacklisting) SHASH filtering Email checksum Forward Tag Discard (Do not inform sender) Reject (Inform sender) Quarantine
(Requires FortiAnalyzer)

FortiMail

FortiGate

Features
Banned word Forged IP scanning Deep header scanning Image Analysis filtering Heuristics filtering Local Sender Reputation Filtering Bayesian Filtering Dictionary PDF file scan

FortiMail
Antispam Filters

FortiGate

Spam Handling

Fortinet Confidential

FortiGuard Security Services / Fortinet ( 3 ) , , FortiMail AV/AS FortiClients (push) FortiGuard Subscription Services
Fortinet Confidential

FortiGuard Global Threat Research Team


/ (push ) , ,

FortiMail Appliances FortiClient engine used in FortiMail Appliances

Fortinet Confidential

15

Agenda

Fortinet Confidential

Simplified Enterprise Messaging Security

Other Approaches: Static and legacy point-product messaging security

FortiMail: Flexible and turnkey email messaging security

Fortinet Confidential

Deployment Option - Transparent Mode


Seamless integration into existing network environments
FortiMail is physically deployed in front of the email server
Provides antivirus, antispam, archiving, monitoring and reporting services

Requires no reconfiguration of the network

FortiMail appears to other devices as a bridge


All of its interfaces are on the same IP subnet
FortiMail is acting as a transparent proxy:

No change to DNS MX records

SMTP Server Internet

Corporate Mail server

Clients

Fortinet Confidential

Deployment Option- Gateway Mode


FortiMail is deployed as a mail relay
Provides antivirus, antispam, archiving, monitoring and reporting services
SMTP Server Internet Clients

Corporate Mail server

With minor changes to the existing network topology


DNS server is configured to ensure that incoming SMTP traffic is sent to FortiMail before reaching the messaging server Option to configure email server to use FortiMail as the relay server for outgoing SMTP traffic
Fortinet Confidential

Deployment Option - Server Mode


Transparent & Gateway mode features Mail server functionality*
Supports up to 500 email accounts (FML-100) Supports up to 1,500 email accounts (FML-400, FML-400B) Supports up to 3,000 email accounts (FML-2000A, FML-5001A) Webmail, SMTP, POP3 and IMAP client support Secure (SSL) WebMail client access Disk quota policy for user accounts Bulk Folder for spam mail
SMTP Server Internet Mail Relay

Clients
*Supported accounts are guidelines only. Sizing dependent on customer requirements, such as disk quotas, etc.

Fortinet Confidential

Transparent Outbound Messaging Security

Transparent carrier deployment protecting against spam zombies and prevents blacklisting of subscribers using small pool of IP addresses

Fortinet Confidential

Agenda

Fortinet Confidential

FortiMail100C Platform Highlights


2 x 10/100/1000 1 x 10/100 interfaces 1 x 1 TB Hard Drive High Availability Option Desktop form factor

Ideal Applications
All-in-one secure messaging server for smaller networks and branch offices Support up to 200 server-mode mail boxes Email security gateway for local mail server in branch office Target environment: Full inspection of up to 77,000 emails / hr

Fortinet Confidential

FortiMail400B Platform highlights


4 10/100/1000 interfaces 1 x 500 GB Hard Drives (Expandable to 2 x 500 GB) Software RAID (0 or 1) High Availability Option

Ideal applications
All-in-one messaging server for mid-size or large branch offices Support up to 1,000 server mode mail boxes Messaging security gateway for local mail server Target environment: Full inspection of up to 185,000 emails / hr

Fortinet Confidential

FortiMail2000B Platform highlights


6 10/100/1000 interfaces 2 x 1 TB Hard Drives
User upgradeable to 6 TB

Ideal applications
Large enterprise, service provider messaging security gateway Large storage for mail archive/quarantine Target environment: Full inspection of up to 1.0 million emails / hr

Hardware RAID (0, 1, 5, 10 or 50) Redundant/hot-swappable power supplies High Availability option

Fortinet Confidential

FortiMail5001A Platform highlights


2 10/100/1000 interfaces 2 internal backplane base channel interfaces 2 internal backplane fabric channel interfaces 80 MB storage (ASM-080 module) High availability option

Ideal applications
Carriers, service providers, large enterprises Existing FortiGate 5000-series chassis environments Target environment : Full inspection of up to 1.1 million emails / hr

Fortinet Confidential

Agenda

Fortinet Confidential

FortiMail Competitive Differentiators


IronPort (Cisco) Secure Computing

Barracuda
ICSA Labs Anti-Spam Certified All technology developed in-house No per-user licensing fees Bi-directional inspection Transparent/Server Mode On-box archiving Local sender reputation Dynamic heuristic rule updates Greylisting High availability configurations Basic-mode GUI User-definable dictionaries Part of a complete security solution

BorderWare

Fortinet Confidential

Competitive Differentiators 3rd Party Testing ICSA Labs


Testing spam detection effectiveness is repeated for 45 days each day with a new set of ~400,000 spam messages During those 45 days, the candidate anti-spam device must demonstrate 95% effectiveness on average while allowing no more than 1 in 100,000 false positives.

Virus Bulletin
Certification for anti-spam products, similar to VB100 Tests measure both the false positive rate and the spam catch rate of the products

Fortinet Confidential

Tolly Testing

FortiMail 100 and Barracuda Spam Firewall 200 Test Highlights


Blocks 99.87% of more than 21,000 inbound messages containing spam Generates 2/3 fewer false positives and 2/3 fewer false negatives (missed spam) than the Barracuda device tested Offers more features and functionality over the Barracuda Spam Firewall 200

Fortinet Confidential

Radicati Top Players Ranking

Source: The Radicati Groups E-mail Security Appliances Market Quadrant 2008, Sept. 2008

Fortinet Confidential

Troon Golf Case Study


Troon Golf is the world's leading luxury-brand golf management, development and marketing company Headquartered in Scottsdale, Ariz., with international offices in Hong Kong, Australia, Switzerland and Dubai Problem:
Previously using desktop software for antivirus protection Spam clogging the corporate network because there was no spam protection at the network border

Solution:
Fortinet's FortiMail-400 solution is located at headquarters Protecting more than 1,500 computer users at Troon Golf "Since deploying FortiMail we have seen a positive and dramatic change in the stability of our email server. FortiMail is blocking roughly 30,000 spam emails a day - that's more than ten million less junk emails a year our employees have to be bothered with Cary Westmark VP of Technology

Fortinet Confidential

Agenda

Fortinet Confidential

Series Components & Pricing

Product
FortiMail-100C

Description

SKU

List Price

One (1) 1 TB HDD, Three (3) Base-T Ethernet Interfaces, desktop formFML-100C factor 4 10/100/1000 port FortiMail, 1 x 500GB HDD FML-400B

FortiMail-400B

FortiMail-2000B

Quad Core CPU, redundant power, 6 FML-2000B x 10/100/1000 ports, 2 x 1TB hard drive FortiMail-5001A blade with 2 10/100/1000 ports and ASM-S08 (80GB storage) module FML-5001A

Insert Regional Pricing

FortiMail-5001A

Fortinet Confidential

Up-Sell/Cross-Sell Opportunities Adding FortiMail to FortiGate deployments


Delivers overlapping, complementary layers of protection
Advanced protection against viruses, phishing malware, spyware, and worms

Significantly improves overall network performance


Reduces the load on the perimeter security device

Adding FortiAnalyzer to FortiMail deployments


Centralizes logging and reporting Simplifies analysis from multiple FortiMail deployments

Fortinet Confidential

!
www.fortinet.com www.muk.ua/fortinet

Fortinet Confidential