What needs improvement with Fortinet FortiMail?
Thanks for sharing your thoughts with the community!
FortiMail is currently available in the appliance mode so I believe the technology can be improved a little. There are a lot of viruses and malicious things out there that can damage your environment. So I think they need to be analytical in their quiet mode implementation so that these things get updated constantly. If anything new is in the market, it should be blocked by the FortiMail immediately.
The only drawback to this solution is that the firmware is frequently updated, and each update results in downtime. Because of this, sometimes we skip the firmware updates so that we don't have to work outside of office hours. The reporting capability could be improved. It would be helpful to have a tracking feature to help us with investigating where a particular email came from.
FortiMail sometimes catches emails and marks them as spam. We sometimes need to contact the vendor regarding some issues. Occasionally, there's a bug that forces an upgrade, and once the upgrade goes through, it's fixed. There are features that other solutions have that this one is lacking, such as reporting options. I hope in future releases they advance their features list. The load balance of the LTM and the WAF should be improved. I would like all of the features to be advanced in the future because it offers fewer security features than its competitors. They do support WAF and they do offer WAF and LTM but with fewer features compared with other brands like F5. We were planning to replace F5 with Fortinet, but security came to us and said there are a lot of features that are not available. At that time, we changed our minds about utilizing the solution because of this.
The dashboard is small, it doesn't have a huge dashboard that you can rely on, you need another application to work with it, which is why they created FortiAnalyzer. This allows you to dig deeper if you want details. For example, it would tell you from which domain, to what domain, and what are the triggers that have been used to classify this email. These are all extra features, it is not an all in one. Some of the dashboards found in the FortiAnalyzer could be improved. For the basics, the solution covers it. An additional feature that could be added is a pop-up screen notifying you that an email has been blocked, without having to double click on it to take you there it could provide you with a summary explaining why it was on hold or why was it spam when you hover over it with your cursor.
It would be nice if we could manage the solution from the cloud so I could handle things off-site if necessary.
In the future, I would like it if there's a possibility to lower the price of the bandwidth and UTM. It is quite expensive.
I think that it is possible to improve the encryption features in FortiMail. I tried to use the IDE (Integrated Development Environment) features which mainly has to do with encrypted traffic. They are using a particular protocol. If you want to use encryption differently you can't exchange the private keys. So you need to use the IDE feature. The drawback is that the IDE feature in FortiMail is very difficult to deploy. It would be good if they made this easier to use. The main thing that we choose the Fortinet product for is that protects us and because it is mostly very easy to use. Also, the graphic user interface is easy to work with and very clearly maps out what we need to see in administration. The IDE feature in Fortinet is not as good as the rest of the product because it's very difficult to deploy it.
I believe the product needs better integration with FortiSandbox and integration with third-party Sandbox solutions. What clients would like, I think, is more features on the appliances. Processing power is very important and this is dependent on abilities to upgrade the appliance.
The deployment modules need improvement. They insist that it should be deployed on two different versions which doesn't make sense because ultimately, it's just an IP address. But we tried and maneuvered our way around it. The biggest room for improvement would be the deployment. It will be hard for someone who doesn't understand the interface to deploy. If you understand it, you can find your way around the problems. They should bundle the analytics in the next release of this solution. Now we need another solution like FortiAnalyzer.
I would like it if the solution could be more affordable.
The web console management interface could be improved. The documentation can be improved.