We use the product for spam filtering and as a second layer of filtering for Office 365. I use it for encrypting emails and monitoring all emails that have sensitive data and policies are applied there as well. In addition to having it as a user portal for spam emails and quarantined emails, users can manage their spam, their quarantined emails, and whether they want an address on the blacklist or the white list.
Our security department is responsible for all emails that are quarantined by the system so they are monitored. There is two-way communication — not just one way — and FortiMail is doing all the work. We have to assign some people to control and monitor the operation for FortiMail. Due to the spam traffic, they have to change the scripts and the configuration. It is a two-way configuration and communication between the system and the administrators.
FortiMail is not just something that you configure once and leave alone, it is a learning configuration. So you can not just use any configuration and think that it should continue to work optimally. Every organization has its own configuration. I have three companies working with FortiMail and every company has a different configuration, a different approach and different ways of controlling security. FortiMail is what their organization needs for security, but they must adapt it in practice. There is no universal solution for all of the companies. It is a very flexible solution.
I worked with many email monitoring products and really they are all the same except for the engine and what the vendor companies provide to you for the filtering as far as the updates and security trends. But with each type or brand of email filter, you need to enhance your configuration as per your company requirements.