fortimail™ - information store | rien ne s'accomplit dans un · pdf...

FortiMail™

Comprehensive Messaging Security

Fortinet Confidential

Comprehensive Messaging Security

Agenda

• FortiMail Overview1

• Deployment Examples2


• Detailed Product Information3

• Competitive Positioning4

• Ordering Information5

FortiMail Overview

• Delivers specialized messaging

security system for organizations

of all sizes

• Advanced bi-directional filtering

prevents spread of spam,

viruses, phishing, worms, and


viruses, phishing, worms, and

spyware

• Three deployment options

deliver maximum flexibility for

organizations

FortiMail-400 Recommended for 500-5,000 usersSmall/Medium Business Deployments

Up to 154,800 emails/hour (Full-Inspection)RAID Support

FortiMail-100 Recommended for 1-1,000 users Small Business Deployments

Up to 54,000 emails/hour (Full-Inspection)

FortiMail-400B Recommended for 500-5,000 usersSmall/Medium Business Deployments

FortiMail Family of Secure Messaging Platforms


FortiMail-2000A Recommended for 1,000-20,000 users Large Enterprise & Service Provider Deployments

Up to 371,500 emails/hour (Full-Inspection)RAID Support

Redundant/Hot-Swappable Power Supplies & Fans

FortiMail-5001ARecommended for up to 50,000 users per blade

Large Enterprise/ Carrier/Service Provider DeploymentsUp to 1 million emails/hour (Full-Inspection)

ATCA-compliant Chassis for FortiGate-5000 environments

FortiMail-400B Small/Medium Business DeploymentsUp to 185,400 emails/hour (Full-Inspection)

RAID Support

Feature/Benefit Overview

Feature Benefit

�Unmatched deployment options provide maximum flexibility

�Only messaging security solution that can be deployed in transparent, gateway or server mode

� Integrated multi-threat detection engines detects message-borne threats with 99.87% accuracy

�Antispam, antivirus, antispyware, & antimalware,powered by the FortiGuard™ subscription service

�Specialized MTA engine for peak capacity, intelligent


� Integrated Message Transfer Agent (MTA) maximizes performance

�Specialized MTA engine for peak capacity, intelligent routing, QoS, virtualization, inbound and outbound SMTP routing

� Inbound & outbound messagingsecurity

�Prevents messaging systems from becoming threat-delivery systems

�Email archiving�On-box archiving facilitates policy and regulatory

compliance requirements

�Logging and reporting� Integrated logging and reporting engine provides

granular usage statistics

Flexible Deployment Options

Transparent

• Transparent Mode

− Intercepts SMTP sessions even though the

destination IP is not the FortiMail server

− Eliminates the need to change existing mail

server network configuration

• Gateway Mode


Gateway

Server

• Gateway Mode

− Provides inbound and outbound proxy MTA

services for existing email gateways

− Simple DNS MX record change redirects email

to FortiMail for antispam and antivirus scanning.

• Server Mode

− Full-featured SMTP mail server

− Delivers flexible support for secure POP3, IMAP

and WebMail access.

FortiMail Inbound Multi-Layered Security

FortiGuard™Security Services

DOS/DDOS

DHAPrevention

Spam&

PhishingVirus,

PreventionSpywarePrevention

MalwarePrevention

EmailContent Email

Archiving


SMTP

InboundRisks

FortiMail OS™

DDOSPrevention

PreventionPhishingPrevention

Prevention Prevention Prevention PolicyCompliance

Archiving

Inbound MTA Engine

FortiMail Outbound Multi-Layered Security

FortiGuard™Security Services

RBL

EmailContentPolicy

Spam& Virus, Spyware Malware Email

SpamZombie


FortiMail OS™

RBLPrevention

PolicyCompliance

&PhishingPrevention

Virus, Prevention

SpywarePrevention

MalwarePrevention

Outbound MTA Engine

EmailArchiving

ZombieOr Bot

Detection

SMTP

Outbound Risks

Layered Inspections Preserve Sender Integrity

IP-based policies Accelerated by blocking at IP layer before scanning entire image

Deep Header Analysis Deciphers headers to find known spammers

Local Sender Reputation Recognizes nuances between geographic spam trends

Return-Path: <[email protected]>Received: from murder ([unix socket])

(authenticated user=cyrus bits=0)by fortinet.com (Cyrus v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1) with LMTPA;Fri, 16 Oct 2009 17:04:50 -0700

X-Sieve: CMU Sieve 2.2Received: from mail.apsecure.com (mail.apsecure.com [192.168.200.188])

by mail.fortinet.com (8.13.1/8.13.1) with ESMTP id l9H04o5N015584for <[email protected]>; Fri, 16 Oct 2009 17:04:50 -0700

Message-ID: <[email protected]>

Date: Fri, 16 Oct 2009 17:04:45 -0700From: “J Nosa" <[email protected]>To: [email protected]: Sender Integrity Example


Holistic image scanning Beyond OCR for faultless .pdf spam blocking

Dynamic Heuristic Rule UpdatesFortiGuard Subscription Service sends new rules for inspection without

requiring OS updates

Recognizes nuances between geographic spam trends

Free Shipping!$29.95 Order now!

Verified Accuracy:Virus Bulletin Antispam Platinum Award

• VBSpam Platinum Award

− “For products whose spam

catch rate is twice as

effective as the average in

the test, and whose false

positive rate is twice as low

Fortinet Confidential10

positive rate is twice as low

as the average in the test”

Source: http://www.virusbtn.com/vbspam/results/2009/11

Benefits of Deploying FortiMail with FortiGate

• Delivers overlapping,

complementary layers of

protection

− Block viruses, phishing malware,

spyware, and worms

• Significantly improves overall


• Significantly improves overall

network performance

− Reduces the load on the perimeter

security device

− Moves deep inspection to the email

gateway

− Avoids adding latency to latency-

sensitive traffic

Feature

Antivirus (Wildlist) Yes Yes

Antivirus (Zoo/Legacy) Yes No

Advanced Spam

FortiMail and FortiGate Messaging Security


Advanced Spam Detection Techniques

Yes Limited

Message Quarantine Yes FortiAnalyzer required

Message Archiving Yes No

Message Routing Yes No

FortiMail and FortiGate – Antispam Comparison

Features FortiMail FortiGate

IP Based Policies � �

Recipient Based Policies �

Greylisting �

SMTP protocol check �

IP / Address Black/White List

Local list � �

System-based � �

Features FortiMail FortiGate

Antispam Filters

Banned word � �

Forged IP scanning �

Deep header scanning �

Image Analysis filtering �

Heuristics filtering �

Local Sender Reputation Filtering �


System-based � �

Return Email DNS Check � �

External DNSBL �

User-based �

Inbound Recipient Address Check �

Session rate Limit �

FortiGuard Antispam Service

DNSBL (IP Blacklisting) � �

SURBL filtering (URI blacklisting) � �

SHASH filtering – Email checksum

� �

Local Sender Reputation Filtering �

Bayesian Filtering �

Dictionary �

PDF file scan �

Spam Handling

Tag � �

Discard (Do not inform sender) � �

Reject (Inform sender) �

Quarantine � (Requires

FortiAnalyzer)

Forward �

FortiGuard Security Services

• All antispam/antivirus signatures

developed by Fortinet, not 3rd

parties

• Expertise on spam,

vulnerabilities, and

• FortiGuard Global Threat

Research Team

− Comprehensive security research

and subscription services

− Real-time updates to block viruses,

malware, phishing, and spyware


vulnerabilities, and

viruses/malware/ spyware

• FortiMail integrates FortiClient’s

certified engine/signatures

• Updates occur automatically

from FortiGuard Subscription

Services

malware, phishing, and spyware

• Product Certifications

FortiMail Appliances FortiClient engine used in FortiMail Appliances

Agenda

• Introducing FortiMail1






Simplified Enterprise Messaging Security

� Other Approaches: Static and legacy point-product messaging security


� FortiMail: Flexible and turnkey email messaging security

� Transparent carrier deployment protecting against spam zombies …

Transparent Outbound Messaging Security


• Seamless integration into existing network environments

− FortiMail is physically deployed in front of the email server

▪ Provides antivirus, antispam, archiving, monitoring and reporting services

− Requires no reconfiguration of the network

• FortiMail appears to other devices as a bridge

− All of its interfaces are on the same IP subnet

Deployment Option - Transparent Mode


− All of its interfaces are on the same IP subnet

▪ FortiMail is acting as a transparent proxy:

» No change to DNS MX records

InternetInternet

ClientsClients

SMTPSMTPServerServer

CorporateCorporateMail serverMail server

InternetInternet

Deployment Option- Gateway Mode

• FortiMail is deployed as a mail relay

− Provides antivirus, antispam, archiving, monitoring and reporting services



• With minor changes to the existing network topology

− DNS server is configured to ensure that incoming SMTP traffic is sent to FortiMail before reaching the

messaging server

− Option to configure email server to use FortiMail as the relay server for outgoing SMTP traffic

ClientsClients

CorporateCorporateMail serverMail server

Deployment Option - Server Mode

• Transparent & Gateway mode features

• Mail server functionality*

− Supports up to 200 email accounts (FML-100)

− Supports up to 1,000 email accounts (FML-400, FML-400B)

− Supports up to 3,000 email accounts (FML-2000A, FML-5001A)

− Webmail, SMTP, POP3 and IMAP client support

− Secure (SSL) WebMail client access


MailMailRelayRelay

InternetInternet

ClientsClients


*Supported accounts are guidelines only. Sizing dependent on customer requirements, such as disk quotas, etc.

− Secure (SSL) WebMail client access

− Disk quota policy for user accounts

− Bulk Folder for spam mail

Agenda







FortiMail–100

• Platform Highlights

− 4 10/100 interfaces

− 1 x 250GB Hard Drive

− High Availability Option

− Desktop form factor

• Ideal Applications

− All-in-one secure messaging server

for SOHO /Remote office

− Support up to 200 server-mode mail

boxes

− Email security gateway for local mail


− Email security gateway for local mail

server in branch office

− Target environment : Less than

54,000 emails/hr

FortiMail–400

• Platform highlights

− 4 10/100 interfaces

− 2 10/100/1000 interfaces

− 2 x 250 GB Hard Drives

− Software RAID (0 or 1)

• Ideal applications

− All-in-one messaging server for

branch office/

− Support up to 1,000 server mode

mail boxes

− Messaging security gateway for


− High Availability Option− Messaging security gateway for

local mail server

− Target environment: Less than

154,800 emails / hr

FortiMail–400B


− 4 10/100/1000 interfaces

− 1 x 500 GB Hard Drives

(Expandable to 2 x 500 GB)

− Software RAID (0 or 1)


− All-in-one messaging server for

branch office/

− Support up to 1,000 server mode

mail boxes

− Messaging security gateway for


− High Availability Option − Messaging security gateway for

local mail server


185,400 emails / hr

FortiMail–2000A


− 4 10/100/1000 interfaces

− 6 x 250 GB Hard Drives (1.5 TB)

− Hardware RAID (0, 1, 5, 10 or 50)

− Redundant/hot-swappable power


− Medium and large enterprise

messaging security gateway


371,500 emails / hr

− Large storage for mail quarantine


supplies

− Hot-swappable fans

− High Availability Option

− Large storage for mail quarantine

FortiMail–5001A


− 2 10/100/1000 interfaces

− 2 internal backplane base channel

interfaces

− 2 internal backplane fabric channel

interfaces


− Carriers, service providers, large

enterprises

− Existing FortiGate 5000-series

chassis environments

− Target environment : less than 1


interfaces

− 80 MB storage (ASM-080 module)

− High availability option

− Target environment : less than 1

million emails / hr

Agenda







FortiMail Competitive DifferentiatorsBarracuda

IronPort (Cisco)

Secure Computing

BorderWare

ICSA Labs Anti-Spam Certified

All technology developed in-house

No per-user licensing fees

Bi-directional inspection

X

X

X X

X

X

X

X

X X

X

X

X X X X


Transparent/Server Mode

On-box archiving

Local sender reputation

Dynamic heuristic rule updates

Greylisting

High availability configurations

Basic-mode GUI

User-definable dictionaries

Part of a complete security solution

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

X

Competitive Differentiators – 3rd Party Testing

• ICSA Labs

− Testing spam detection effectiveness is repeated for

45 days each day with a new set of ~400,000 spam

messages

− During those 45 days, the candidate anti-spam device

must demonstrate 95% effectiveness on average


must demonstrate 95% effectiveness on average

while allowing no more than 1 in 100,000 false

positives.

• Virus Bulletin

− Certification for anti-spam products, similar to VB100

− Tests measure both the false positive rate and the

spam catch rate of the products

FortiMail–2000A TCO Example

CAP EX

Antivirus, Antispyware &

Current Email Security Appliances

CAP EX

FortiMail™ Email Security Solution

$11+Per User

*Assumptions•2000 Users•$28/User/Mailbox•Includes HW, AS and AV•1 year maintenance


Hardware Appliance, MTA

Engine & Antispam

Antispyware & Antimalware Hardware Appliance,

MTA Engine, Antispam, Antivirus, Antispyware &

Antimalware

$17+Per User

$56,000*+($28+/User/Mailbox)

USD $25K*

NO USER OR MAIL BOX RESTRICTION!!

2000 User Restriction

Tolly Testing

• FortiMail 100 and Barracuda Spam

Firewall 200

• Test Highlights

− Blocks 99.87% of more than 21,000

inbound messages containing spam



− Generates 2/3 fewer false positives and 2/3

fewer false negatives (missed spam) than

the Barracuda device tested

− Offers more features and functionality over

the Barracuda Spam Firewall 200

Tolly Testing

• FortiMail-4000A and IronPort C350

• Test Highlights

− Blocks 99.91% of more than 28,000


− Demonstrates flexible deployment of


− Demonstrates flexible deployment of

transparent, server, and gateway

modes

− Offers in-house developed anti-virus

and anti-spam security updates with no

per-user licensing

Radicati “Top Players” Ranking


Source: The Radicati Group’s E-mail Security Appliances – Market Quadrant 2008, Sept. 2008

Troon Golf Case Study

• Troon Golf is the world's leading luxury-brand golf management, development and marketing company

• Headquartered in Scottsdale, Ariz., with international offices in Hong Kong, Australia, Switzerland and Dubai

• Problem:− Previously using desktop software for antivirus protection

− Spam clogging the corporate network because there was no spam protection at the network border


− Spam clogging the corporate network because there was no spam protection at the network border

• Solution:− Fortinet's FortiMail-400 solution is located at headquarters

− Protecting more than 1,500 computer users at Troon Golf

− "Since deploying FortiMail we have seen a positive and dramatic change in the stability of our email server. FortiMail is blocking roughly 30,000 spam emails a day - that's more than ten million less junk emails a year our employees have to be bothered with,"

Cary Westmark

VP of Technology

Agenda







Product Description SKU List Price

FortiMail-1004 10/100 ports with single 250GB Hard drive, desktop FortiMail

FML-100

FortiMail-4002 10/100/1000, 4 10/100 port FortiMail, 2 x 250GB HDD

FML-400

Series Components & Pricing

Insert


FortiMail-400B4 10/100/1000 port FortiMail, 1 x 500GB HDD

FML-400B

FortiMail-2000ADual CPU, HW RAID, 4 10/100/1000 ports, 6 x 250GB HDD

FML-2000A

FortiMail-5001AFortiMail-5001A blade with 2 10/100/1000 ports and ASM-S08 (80GB storage) module

FML-5001A

Insert

Regional

Pricing

Thank You!


For more information please visithttp://www.fortinet.com

fortimail™ - information store | rien ne s'accomplit dans un · pdf...

Documents