The pricing is not ideal. It needs to be improved. 

They should add a lot of threat-intelligence feeds from different sources - not only from one source (FortiGuard). They should look at other threat-intelligence feed providers to include in the database so you have multiple databases checking for malicious attacks. Right now, there's only one, which is FortiGuard. The more threat intelligence feeds, the better since everybody has a different way of finding threats.

It could be better. We know better solutions, like Clearswift.

The Ui isn't that intuitive. 

When 100 emails are coming in to one recipient, FortiMail only blocks from the 50th of the emails. Until that point, it doesn't see there's a problem. They aren't doing very good gatekeeping.

Fortinet FortiMail's pricing could be improved.

It would be helpful if Fortinet FortiMail could monitor from a smartphone. 

There is not much about the solution that I would like to improve. I am satisfied with what the solution has to offer.

Fortinet FortiMail's technical support team has shortcomings and needs improvement.

I believe there is room for enhancement in the content security and web security features. These two aspects can be further developed to improve the overall scalability of the solution.

The security products stop their operations once the subscription period expires. It is a wrong policy. If I trust a product, it has to continue working even after expiry. It should have a grace period of 30, 40, or 60 days. We can extend the subscription during those days. In some places, subscription extensions can take up to six weeks. During the renewal process, the support offered by the company is very poor. It also reduces security. We pay for the expired period but do not get protection during those times. The user of Fortinet FortiMail should have a feature to see spam names. 

It could benefit from enhancing its functionality, especially in terms of advanced filtering. Introducing features such as AI-based and cloud-based filtering could significantly improve mail security. Fortinet should consider developing more robust protection mechanisms, particularly for cloud-based environments. Currently, users often refrain from placing Fortinet in front of Office 365 Exchange unless it's a cloud-based solution. Improving the upgrade process, making it more user-friendly, and simplifying the management of hardware components could enhance the overall user experience and appeal of Fortinet's email security solution.

It would be better if it were easier to install.

The solution doesn't scale easily.

The solution's pricing is flexible and can be adjusted for African utility companies. Microsoft often offers special pricing formulas for African governments and organizations and it is similar to Fortinet FortiMail. In my country, government institutions receive discounted pricing from Fortinet FortiMail.

The solution could be improved by providing a virtual machine facility with a complete set of options in the VM setup and by enhancing the clarity of the information supplied for content filtering. Additionally, in the next release, we would suggest that Fortinet FortiMail be added as an add-on to Fortinet Firewall itself. It can be included as a module and added to the Fortinet Firewall.

The tool needs to improve its pricing policy. Also, it needs to be more user-friendly. I would want it to improve email security as well. 

The solution lacks to provide more visibility when there is a problem, and it needs to be tracked. The solution should provide users with more visibility so that they can track a problem.

What's missing in Fortinet FortiMail is some sandbox information for some of the emails. It's probably configuration-based, where it could be configured on some emails. For example, there was malware in some emails that weren't detected in some of the Fortinet FortiMail sessions, but it should have been configured from my company's end to better catch scam emails, but overall, the solution is okay.

At the moment, my company is okay with the current Fortinet FortiMail offerings, but in the past, because of a lack of understanding, my team wasn't able to quickly implement the geographical IP blocking feature. It was time-consuming to implement that feature, but that wasn't a fault of Fortinet FortiMail. The issue was from my team's end, but just by emailing the support team, that issue was resolved, so right now, there isn't any additional feature I'd like added to Fortinet FortiMail.

It could continue to improve the user experience.

It is not easy to install.

I haven't worked with Fortinet FortiMail competitors, but I feel whatever it does covers everything that is needed. I probably haven't had the chance to look at the products offered by Fortinet FortiMail's competitors. The tool fulfills the requirements of the client.

Fortinet FortiMail has certain shortcomings but can do well if it integrates with sandboxing features. The integration of tools with sandboxing features is something Fortinet can work on because it can change the way the product detects malicious activities. The sandboxing features are not well done in Fortinet FortiMail, making it an area of improvement.

The logging information is sometimes not clear or easy to understand. When the product drops or rejects an email, it is hard to understand what was the original reason why this email was blocked. The logging and the troubleshooting have to improve.

The Forti solutions are not easy to use. We can learn how to use them, but they are not easy. Suppose you must deal with different types of Fortinet products, such as FortiMail, FortiGate, and FortiAuthenticator. In that case, you have to use many different types of troubleshooting, such as through CLI commands and parameters, and it's not too easy to know those off the top of your head.

Sometimes, authentic emails get blocked by the solution's firewall. In this case, our network team has to keep tuning the device from time to time.

I have faced issues from one of the customers that they received spam emails. I think they need to look into it and improve their signatures. They can do this by adding more signatures to block spam emails.

The product's cybersecurity features could be better compared to Proofpoint.

I think their statistics and the BI in general could be improved. By that I mean the feedback the admin can take from the reporting. We're in the process of moving to Microsoft 365. We have discussed employing the Fortinet cloud solution with them, because right now we're using the on-premise solution. I don't know how it's going to play out in the cloud version.

The dashboard is small, it doesn't have a huge dashboard that you can rely on, you need another application to work with it, which is why they created FortiAnalyzer. This allows you to dig deeper if you want details. For example, it would tell you from which domain, to what domain, and what are the triggers that have been used to classify this email. These are all extra features, it is not an all in one.

Some of the dashboards found in the FortiAnalyzer could be improved. For the basics, the solution covers it. 

An additional feature that could be added is a pop-up screen notifying you that an email has been blocked, without having to double click on it to take you there it could provide you with a summary explaining why it was on hold or why was it spam when you hover over it with your cursor.

I would like it if the solution could be more affordable.

Fortinet FortiMail should allow more flexibility with the content rules. FortiMail does not allow users to use the content itself as a matching policy attribute. This limits the flexibility of policy configuration, and we have to adapt by using specific sources to apply specific content filtering.

I would like to have an indicator for compromised features, also known as an IOC. My clients have issues with the current email search functionality. They have to search for emails and sometimes cannot find them because they don't have the current timestamp.

It's difficult for me to talk about areas for improvement in Fortinet FortiMail because I'm the general manager of the company and I'm an engineer with knowledge about the solution, but I'm not deeply involved in its implementation. As I mentioned previously, Fortinet FortiMail is also being used within the company, and I'm happy with its functionality, but sometimes, attacks pass and avoid the Fortinet FortiMail filters, but those could be very sophisticated attacks. There could still be an improvement in the filtering feature of the solution, though the security of Fortinet FortiMail is okay for me because I believe you can't implement one hundred percent security in any solution.

The initial setup for the solution also needs improvement. The setup is supposed to be simple, but then the customer starts to complain that some of the false positive emails are reaching quarantine, so my team has to configure it again. 

There have been instances when Fortinet FortiMail rejects valid emails because some of the service partners of the customer have not been configured accurately, so the system considered valid mails as attacks to be quarantined, so aside from improving the filters, there should also be an improvement in the categorization of emails in the server. My team has to modify the configuration so that valid emails could pass and for Fortinet FortiMail to correctly filter the SPAM traffic.

A feature that could be added to Fortinet FortiMail in its next release is advanced AI, so it can analyze and decide accurately on which mail is valid and which mail is SPAM.

The product should work on licensing and provide more detail once the license is selected for the customer.

So far I don't need any improvements right now. I'm quite happy with the product as-is.

At some point, FortiMail and Fortigate should merge together in one box. If they did that, it would be really helpful for the user. 

High Availability needs improvement. It doesn't have good HA.

It has a lot of flexibility and customizations, but it's a lot. If you don't know what was done, you will be lost, you know that one. As a result, the customization possibly affected the complexity of the configuration.

A room for improvement in Fortinet FortiMail is that it's hardware-based. It only has a hardware version.

I also didn't find the solution scalable, so that's another area for improvement.

The categorization of the emails, for example, from Brazil, could be better. In the Latin America market, some spam messages use Portuguese language. Some clearly spam messages would be better identified by the anti-spam if not for the language.

The solution is user-friendly to a degree but the dashboard needs improvement.

We would like to see in an upcoming release reports to show the amount of data a particular user has used.

FortiMail's dashboard is somewhat complex and could be made simpler. Its integration could also be easier.

I have little to say about possible improvements, but the configuration for content blocking could be better. So, for example, if the email text and/or subject includes any kind of keyword and/or phrase, for example "You have a Bitcoin", I would like it to be easier to block it before it enters an inbox. Fortinet could maybe offer better or simpler help on how to do this properly. 

Besides that, I feel that we have everything we need for our company with FortiMail.

Maybe FortiMail's integration could be better.

Sometimes it takes a little bit too long to determine if an email is good or not. If they could shorten that time span, it'd be so much better. It does delay our email, which does not make users happy. That said, I would have to say we have not been blacklisted for quite a while now.

Sometimes there are false positives.

When spam goes into system quarantine, it would be ideal if there was a safe way to let the users review the email in question and release it themselves, as opposed to having to wait on an administrator, to search for it and release it. It could be done securely. I understand why the system quarantines. However, a lot of users have their financial documents or lawyer's documents get thrown into the system quarantine and they're waiting on them. They need them within the hour as they are often time-sensitive matters. Due to this, they have to contact me. They wait for a while because they don't know when it's going to come, however, eventually they have to contact me. It's a delay. People understandably get very impatient.

There are some emails that go through that should be given a login code - for example, like whenever you're signing up for Microsoft in the cloud and they have to send you a login code. These codes from well-known vendors get stuck in the spam outbreak. They get stuck in different places. 

Whitelisting should be a little bit friendlier for the users. It was actually easier a few versions back. Once you logged into your Fortimail account, you could whitelist very easily. Now, you have to kind of navigate through the email to do it. We cannot turn on the auto whitelist feature on because then there are users that will download anything without thinking, so we never use the auto whitelist feature. That's why it's so important to make whitelisting individually an easy task.

FortiMail is currently available in the appliance mode so I believe the technology can be improved a little. There are a lot of viruses and malicious things out there that can damage your environment. So I think they need to be analytical in their quiet mode implementation so that these things get updated constantly. If anything new is in the market, it should be blocked by the FortiMail immediately.

I believe the product needs better integration with FortiSandbox and integration with third-party Sandbox solutions.

What clients would like, I think, is more features on the appliances. Processing power is very important and this is dependent on abilities to upgrade the appliance.

In the future, I would like it if there's a possibility to lower the price of the bandwidth and UTM. It is quite expensive.

The deployment modules need improvement. They insist that it should be deployed on two different versions which doesn't make sense because ultimately, it's just an IP address. But we tried and maneuvered our way around it. The biggest room for improvement would be the deployment. It will be hard for someone who doesn't understand the interface to deploy. If you understand it, you can find your way around the problems. 

They should bundle the analytics in the next release of this solution. Now we need another solution like FortiAnalyzer. 

The only drawback to this solution is that the firmware is frequently updated, and each update results in downtime. Because of this, sometimes we skip the firmware updates so that we don't have to work outside of office hours.

The reporting capability could be improved.

It would be helpful to have a tracking feature to help us with investigating where a particular email came from.

FortiMail sometimes catches emails and marks them as spam. We sometimes need to contact the vendor regarding some issues. Occasionally, there's a bug that forces an upgrade, and once the upgrade goes through, it's fixed. 

There are features that other solutions have that this one is lacking, such as reporting options. I hope in future releases they advance their features list.

The load balance of the LTM and the WAF should be improved. I would like all of the features to be advanced in the future because it offers fewer security features than its competitors. They do support WAF and they do offer WAF and LTM but with fewer features compared with other brands like F5.

We were planning to replace F5 with Fortinet, but security came to us and said there are a lot of features that are not available. At that time, we changed our minds about utilizing the solution because of this. 

I think that it is possible to improve the encryption features in FortiMail. I tried to use the IDE (Integrated Development Environment) features which mainly has to do with encrypted traffic. They are using a particular protocol. If you want to use encryption differently you can't exchange the private keys. So you need to use the IDE feature. The drawback is that the IDE feature in FortiMail is very difficult to deploy. It would be good if they made this easier to use.

The main thing that we choose the Fortinet product for is that protects us and because it is mostly very easy to use. Also, the graphic user interface is easy to work with and very clearly maps out what we need to see in administration. The IDE feature in Fortinet is not as good as the rest of the product because it's very difficult to deploy it.

Fortinet FortiMail could improve general user management. There are no password policies for users.

The web console management interface could be improved.

The documentation can be improved.

My customers frequently ask to have detailed documentation for FortiMail and FortiWeb as they have in FortiGate. What they currently have is not enough.

There have been many improvements with the migration from 6.0.

I don't know if it is possible, but I would like to see Artificial Intelligence and machine learning introduced. It would allow for more detailed threat identification.

The UI could be better.

The solution could improve by making the UI more user-friendly and increasing spam and threat detection capabilities.

The infrastructure could be improved. The data leak prevention could also be better.

It would be nice if we could manage the solution from the cloud so I could handle things off-site if necessary.

I think the security of the product could improve.