What needs improvement with Fortinet FortiMail?

There are multiple areas for improvement, such as user visibility, which is less compared to Cisco's secure appliances. Header inspection and containerization, like on-prem premises sandboxing, need enhancement. Improving spam ranking to match international standards is essential. Moreover, Fortinet's position in the Gartner Magic Quadrant needs to improve, as Barracuda and other appliances are currently ahead.

The tool does what it is supposed to do, so there is nothing I want in the tool. The product's price is an area with shortcomings, making it an area where improvements are required.

The solution's pricing could be improved.

Sometimes, the tool flags legitimate incoming traffic as spam.

It could benefit from enhancing its functionality, especially in terms of advanced filtering. Introducing features such as AI-based and cloud-based filtering could significantly improve mail security. Fortinet should consider developing more robust protection mechanisms, particularly for cloud-based environments. Currently, users often refrain from placing Fortinet in front of Office 365 Exchange unless it's a cloud-based solution. Improving the upgrade process, making it more user-friendly, and simplifying the management of hardware components could enhance the overall user experience and appeal of Fortinet's email security solution.

I haven't worked with Fortinet FortiMail competitors, but I feel whatever it does covers everything that is needed. I probably haven't had the chance to look at the products offered by Fortinet FortiMail's competitors. The tool fulfills the requirements of the client. Fortinet FortiMail has certain shortcomings but can do well if it integrates with sandboxing features. The integration of tools with sandboxing features is something Fortinet can work on because it can change the way the product detects malicious activities. The sandboxing features are not well done in Fortinet FortiMail, making it an area of improvement.

The logging information is sometimes not clear or easy to understand. When the product drops or rejects an email, it is hard to understand what was the original reason why this email was blocked. The logging and the troubleshooting have to improve. The Forti solutions are not easy to use. We can learn how to use them, but they are not easy. Suppose you must deal with different types of Fortinet products, such as FortiMail, FortiGate, and FortiAuthenticator. In that case, you have to use many different types of troubleshooting, such as through CLI commands and parameters, and it's not too easy to know those off the top of your head.

It would be helpful if Fortinet FortiMail could monitor from a smartphone.

The security products stop their operations once the subscription period expires. It is a wrong policy. If I trust a product, it has to continue working even after expiry. It should have a grace period of 30, 40, or 60 days. We can extend the subscription during those days. In some places, subscription extensions can take up to six weeks. During the renewal process, the support offered by the company is very poor. It also reduces security. We pay for the expired period but do not get protection during those times. The user of Fortinet FortiMail should have a feature to see spam names.

The product's cybersecurity features could be better compared to Proofpoint.

The product should work on licensing and provide more detail once the license is selected for the customer.

Fortinet FortiMail should allow more flexibility with the content rules. FortiMail does not allow users to use the content itself as a matching policy attribute. This limits the flexibility of policy configuration, and we have to adapt by using specific sources to apply specific content filtering.

I would like to have an indicator for compromised features, also known as an IOC. My clients have issues with the current email search functionality. They have to search for emails and sometimes cannot find them because they don't have the current timestamp.

It would be better if it were easier to install. The solution doesn't scale easily.

A room for improvement in Fortinet FortiMail is that it's hardware-based. It only has a hardware version. I also didn't find the solution scalable, so that's another area for improvement.

The pricing is not ideal. It needs to be improved. They should add a lot of threat-intelligence feeds from different sources - not only from one source (FortiGuard). They should look at other threat-intelligence feed providers to include in the database so you have multiple databases checking for malicious attacks. Right now, there's only one, which is FortiGuard. The more threat intelligence feeds, the better since everybody has a different way of finding threats.

The solution's pricing is flexible and can be adjusted for African utility companies. Microsoft often offers special pricing formulas for African governments and organizations and it is similar to Fortinet FortiMail. In my country, government institutions receive discounted pricing from Fortinet FortiMail.

FortiMail's dashboard is somewhat complex and could be made simpler. Its integration could also be easier.

What's missing in Fortinet FortiMail is some sandbox information for some of the emails. It's probably configuration-based, where it could be configured on some emails. For example, there was malware in some emails that weren't detected in some of the Fortinet FortiMail sessions, but it should have been configured from my company's end to better catch scam emails, but overall, the solution is okay. At the moment, my company is okay with the current Fortinet FortiMail offerings, but in the past, because of a lack of understanding, my team wasn't able to quickly implement the geographical IP blocking feature. It was time-consuming to implement that feature, but that wasn't a fault of Fortinet FortiMail. The issue was from my team's end, but just by emailing the support team, that issue was resolved, so right now, there isn't any additional feature I'd like added to Fortinet FortiMail.

I have faced issues from one of the customers that they received spam emails. I think they need to look into it and improve their signatures. They can do this by adding more signatures to block spam emails.

The categorization of the emails, for example, from Brazil, could be better. In the Latin America market, some spam messages use Portuguese language. Some clearly spam messages would be better identified by the anti-spam if not for the language.

It could continue to improve the user experience. It is not easy to install.

The UI could be better.

High Availability needs improvement. It doesn't have good HA. It has a lot of flexibility and customizations, but it's a lot. If you don't know what was done, you will be lost, you know that one. As a result, the customization possibly affected the complexity of the configuration.

My customers frequently ask to have detailed documentation for FortiMail and FortiWeb as they have in FortiGate. What they currently have is not enough.

Fortinet FortiMail could improve general user management. There are no password policies for users.

Maybe FortiMail's integration could be better.

The solution is user-friendly to a degree but the dashboard needs improvement. We would like to see in an upcoming release reports to show the amount of data a particular user has used.

I have little to say about possible improvements, but the configuration for content blocking could be better. So, for example, if the email text and/or subject includes any kind of keyword and/or phrase, for example "You have a Bitcoin", I would like it to be easier to block it before it enters an inbox. Fortinet could maybe offer better or simpler help on how to do this properly. Besides that, I feel that we have everything we need for our company with FortiMail.

I think the security of the product could improve.

I think their statistics and the BI in general could be improved. By that I mean the feedback the admin can take from the reporting. We're in the process of moving to Microsoft 365. We have discussed employing the Fortinet cloud solution with them, because right now we're using the on-premise solution. I don't know how it's going to play out in the cloud version.

The infrastructure could be improved. The data leak prevention could also be better.

There have been many improvements with the migration from 6.0. I don't know if it is possible, but I would like to see Artificial Intelligence and machine learning introduced. It would allow for more detailed threat identification.

Sometimes it takes a little bit too long to determine if an email is good or not. If they could shorten that time span, it'd be so much better. It does delay our email, which does not make users happy. That said, I would have to say we have not been blacklisted for quite a while now. Sometimes there are false positives. When spam goes into system quarantine, it would be ideal if there was a safe way to let the users review the email in question and release it themselves, as opposed to having to wait on an administrator, to search for it and release it. It could be done securely. I understand why the system quarantines. However, a lot of users have their financial documents or lawyer's documents get thrown into the system quarantine and they're waiting on them. They need them within the hour as they are often time-sensitive matters. Due to this, they have to contact me. They wait for a while because they don't know when it's going to come, however, eventually they have to contact me. It's a delay. People understandably get very impatient. There are some emails that go through that should be given a login code - for example, like whenever you're signing up for Microsoft in the cloud and they have to send you a login code. These codes from well-known vendors get stuck in the spam outbreak. They get stuck in different places. Whitelisting should be a little bit friendlier for the users. It was actually easier a few versions back. Once you logged into your Fortimail account, you could whitelist very easily. Now, you have to kind of navigate through the email to do it. We cannot turn on the auto whitelist feature on because then there are users that will download anything without thinking, so we never use the auto whitelist feature. That's why it's so important to make whitelisting individually an easy task.

FortiMail is currently available in the appliance mode so I believe the technology can be improved a little. There are a lot of viruses and malicious things out there that can damage your environment. So I think they need to be analytical in their quiet mode implementation so that these things get updated constantly. If anything new is in the market, it should be blocked by the FortiMail immediately.

The only drawback to this solution is that the firmware is frequently updated, and each update results in downtime. Because of this, sometimes we skip the firmware updates so that we don't have to work outside of office hours. The reporting capability could be improved. It would be helpful to have a tracking feature to help us with investigating where a particular email came from.

FortiMail sometimes catches emails and marks them as spam. We sometimes need to contact the vendor regarding some issues. Occasionally, there's a bug that forces an upgrade, and once the upgrade goes through, it's fixed. There are features that other solutions have that this one is lacking, such as reporting options. I hope in future releases they advance their features list. The load balance of the LTM and the WAF should be improved. I would like all of the features to be advanced in the future because it offers fewer security features than its competitors. They do support WAF and they do offer WAF and LTM but with fewer features compared with other brands like F5. We were planning to replace F5 with Fortinet, but security came to us and said there are a lot of features that are not available. At that time, we changed our minds about utilizing the solution because of this.

The dashboard is small, it doesn't have a huge dashboard that you can rely on, you need another application to work with it, which is why they created FortiAnalyzer. This allows you to dig deeper if you want details. For example, it would tell you from which domain, to what domain, and what are the triggers that have been used to classify this email. These are all extra features, it is not an all in one. Some of the dashboards found in the FortiAnalyzer could be improved. For the basics, the solution covers it. An additional feature that could be added is a pop-up screen notifying you that an email has been blocked, without having to double click on it to take you there it could provide you with a summary explaining why it was on hold or why was it spam when you hover over it with your cursor.

It would be nice if we could manage the solution from the cloud so I could handle things off-site if necessary.

In the future, I would like it if there's a possibility to lower the price of the bandwidth and UTM. It is quite expensive.

I believe the product needs better integration with FortiSandbox and integration with third-party Sandbox solutions. What clients would like, I think, is more features on the appliances. Processing power is very important and this is dependent on abilities to upgrade the appliance.

I think that it is possible to improve the encryption features in FortiMail. I tried to use the IDE (Integrated Development Environment) features which mainly has to do with encrypted traffic. They are using a particular protocol. If you want to use encryption differently you can't exchange the private keys. So you need to use the IDE feature. The drawback is that the IDE feature in FortiMail is very difficult to deploy. It would be good if they made this easier to use. The main thing that we choose the Fortinet product for is that protects us and because it is mostly very easy to use. Also, the graphic user interface is easy to work with and very clearly maps out what we need to see in administration. The IDE feature in Fortinet is not as good as the rest of the product because it's very difficult to deploy it.

The deployment modules need improvement. They insist that it should be deployed on two different versions which doesn't make sense because ultimately, it's just an IP address. But we tried and maneuvered our way around it. The biggest room for improvement would be the deployment. It will be hard for someone who doesn't understand the interface to deploy. If you understand it, you can find your way around the problems. They should bundle the analytics in the next release of this solution. Now we need another solution like FortiAnalyzer.

I would like it if the solution could be more affordable.

The web console management interface could be improved. The documentation can be improved.