Fortinet - Secure e-mails with the FortiMail Managed Service from EnBITCon

Email remains the most critical means of communication for businesses. Unfortunately, this also makes email the most important threat vector, as the number and sophistication of attacks is constantly increasing. At the same time, customers are increasingly switching to cloud email providers such as Microsoft 365 and Google G-Suite and finding it difficult to secure their email traffic. The built-in, native security tools available in these platforms are not enough on their own to fend off attacks, protect valuable data and ensure compliance goals are met. FortiMail, Fortinet's secure email gateway solution, provides a comprehensive, multi-layered approach to all inbound and outbound email traffic. Fortinet is a trusted vendor and offers the industry's broadest portfolio of security solutions with its Security Fabric - including identity management, advanced threat/zero-day protection and security-managed networks.
The Importance of a Secure Email Gateway (SEG)

SEGs are the front line of defence for the organisation's largest attack surface: email. Email is a mission-critical communication channel, and attacks via email are increasing in both scope and sophistication. For example, Verizon's Data Breach Investigations Report finds that more than 90% of malware is distributed via email. And it's common for phishing emails to be disguised as legitimate files or links in an attempt to steal credentials, which can lead to account takeovers or data breaches.

Users face a variety of inbound email-based threats, including spam, ransomware, business email compromise, advanced and zero-day attacks, and outbound threats from data leaks and compliance breaches. SEGs are expected to provide a wide range of capabilities to protect and secure all inbound and outbound email traffic. This remains important even as organisations move from on-premises email servers to cloud providers such as Microsoft 365 (M365) or G-Suite, whose native security alone is not enough.

At the heart of every SEG is a message transfer agent (MTA) or API-based integration for email scanning and policy enforcement. Scanning technologies are expected to provide basic content analysis, anti-spam and anti-malware capabilities, marketing newsletter and graymail classifications, and personalised end-user message management controls.

Advanced features available in many SEGs include capabilities for deeper analysis with sandboxing technology or content sanitisation, and file attachment reconstruction. To counter URL-based threats, some SEGs also offer URL rewrite and time-of-click analysis or complementary remote browser isolation technology. It is also common for SEGs to offer features to combat email spoofing and impersonation attempts.

To defend against threats to outbound email or email in transit, SEGs typically include features for data leak prevention (DLP), message archiving and encryption. Especially for customers in highly regulated industries such as retail, finance or healthcare, some SEGs include predefined policies that address compliance requirements such as HIPAA, PCI-DSS and GDPR, among others.
Secure Email Gateway Solutions: FortiMail

FortiMail is designed to handle both inbound traffic to detect and prevent incoming threats, and outbound traffic to enforce compliance policies or protect valuable data assets. Most importantly, the solution works seamlessly with any existing email infrastructure investment, whether on-premises like Exchange or hosted in the cloud like M365 or G-Suite. In addition, a wide range of deployment options and consumption models are available to meet all customer requirements, including FortiMail Cloud SaaS.

FortiMail can be run inline like a traditional MTA requiring an MX record change, or utilise out-of-band APIs that seamlessly integrate into M365 environments. This API integration allows customers to perform real-time and internal scans of email traffic, as well as post-delivery recovery when a message is identified as threatening or associated with a defined policy, such as a confidential document.

One of the benefits that differentiates FortiMail from other products is the support provided by FortiGuard Labs, including the powerful visibility and real-time threat intelligence provided by this integration. FortiGuard Labs has tremendous insight into global traffic patterns and the evolving threat landscape; for example, FortiGuard Labs has visibility into more than 100 million unique emails daily. This allows FortiMail customers to benefit from the latest and best protection, as spam and virus outbreaks can be identified and stopped as quickly as possible.

FortiMail also stands out for its multi-layered approach to email security. For example, to identify and stop spam and phishing attacks, the solution employs multiple techniques to address this unwanted traffic. Additional features are available to prevent email compromise and spoofing within the organisation, such as when a bad actor impersonates a C-level executive.

To combat malware that can cripple an organisation, FortiMail has extensive malware detection capabilities, including viruses and ransomware, as well as advanced techniques to defend against targeted attacks and risky files. To combat weaponised attachments, FortiMail can block executable files or defuse and reconstruct content for active content. And as threats continue to rapidly evolve, FortiMail can prevent zero-day threats and advanced threats - the unknown risks - by using sandbox integration to perform the deepest level of analysis.

In the process, you can also easily scale. While the minimum purchase is 25 mailboxes, which are already included in the basic price, you can flexibly book additional mailboxes or release them again. You will only be charged additionally for what you use beyond the 25 mailboxes. The service can be cancelled monthly.

You don't have to worry about the operation. The experts at EnBITCon take care of that. Not only do we ensure that your e-mail boxes are secured, we are also the direct contact for questions and problems. Short communication chains mean that concerns can be dealt with quickly and efficiently. This gives you more time to concentrate on your day-to-day business.

If you are interested in our service, we are also happy to advise you or carry out a free 14-day trial. You can easily reach us by phone, email or our contact form.