About The Device
FortiMail delivers advanced multi-layered protection against the full spectrum of email-borne threats. It helps your organization prevent, detect, and respond to email-based threats including spam, phishing, malware, zero-day threats, impersonation, and Business Email Compromise (BEC) attacks.
FortiMail virtual machines provide complete flexibility and portability for organizations wishing to deploy email security infrastructure into a private or public cloud setting.
Fortinet FortiMail provides multiple operating modes, which include Gateway Mode, Transparent Mode and Server Mode.
Device Information
Entity | Particulars |
---|---|
Vendor Name | Fortinet |
Product Name | FortiMail |
Type of Device | Hosted |
Collection Method
Log Type | Ingestion label | Preferred Logging Protocol - Format | Log Collection Method |
---|---|---|---|
FortiMail Email Security | FORTINET_FORTIMAIL | Syslog - KV | CyberHub |
Port Requirements
Source | Destination | Port |
---|---|---|
Fortinet FortiMail | CyberHub | 601 (TCP) |
Device Configuration
Log in to the FortiMail unit’s web UI.
Navigate to Log & Report > Log Setting > Remote.
Click New to create a new entry.
Enable status to allow logging to a remote host.
Enter a Name.
In Server name/IP, enter the IP address of the CyberHub.
In Server Port, enter the TCP port number as 601.
In Protocol, select Syslog to send logs to CyberHub.
In Mode, select TCP.
From Level, select the severity level Information. The FortiMail unit logs all messages at and above the selected severity level.
From Facility, select the facility identifier that the FortiMail unit will use to identify itself when sending log messages. To easily identify log messages from the FortiMail unit when they are stored on a remote logging server, enter a unique facility identifier, and verify that no other network devices use the same facility identifier.
Deselect CSV format.
Under Logging Policy Configuration, enable all types of events/logs to be forwarded to CyberHub.
Click Create.
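An added example (not part of the original page, and not Fortinet or CyberHub tooling): a Python check to run over lines captured on the collector, confirming that the settings above took effect: key=value rather than CSV bodies, the chosen facility, and nothing below Information. The sample lines and their field names are constructed, and facility local7 (code 23) is an assumed choice.

```python
import re

INFORMATION = 6  # syslog severity code for "Information"; lower numbers are more severe
PRI_RE = re.compile(r"^<(\d{1,3})>")
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S*)')

def decode_pri(line):
    """Split '<PRI>body' into (facility, severity, body); PRI = facility*8 + severity."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or invalid <PRI> header")
    pri = int(m.group(1))
    return pri // 8, pri % 8, line[m.end():]

def parse_kv(body):
    """Parse key=value pairs; quoted values may contain spaces."""
    unquote = lambda v: v[1:-1] if len(v) > 1 and v[0] == v[-1] == '"' else v
    return {k: unquote(v) for k, v in KV_RE.findall(body)}

def check_line(line, expected_facility):
    """Return a list of problems found in one received syslog line."""
    try:
        facility, severity, body = decode_pri(line.strip())
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if facility != expected_facility:
        problems.append(f"facility {facility}, expected {expected_facility}")
    if severity > INFORMATION:
        problems.append(f"severity {severity} is below Information")
    if not parse_kv(body):
        problems.append("no key=value fields (is CSV format still selected?)")
    return problems

# Constructed sample lines; field names are illustrative, not taken from the page.
SAMPLES = [
    '<190>date=2024-05-01 time=10:00:00 type=event pri=information msg="admin login ok"',
    '<190>2024-05-01,10:00:00,event,information,admin login ok',
    '<134>date=2024-05-01 time=10:00:01 type=spam pri=information msg="tagged"',
    '<191>date=2024-05-01 time=10:00:02 type=event pri=debug msg="trace"',
]

if __name__ == "__main__":
    # Assumption: the Facility chosen in the FortiMail remote log entry is local7 (23).
    for sample in SAMPLES:
        print(check_line(sample, expected_facility=23) or "ok", "|", sample[:40])
```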
Integration Parameters
Parameters required from the customer for integration.
Property | Default Value | Description |
---|---|---|
IP Address | Fortinet FortiMail interface IP address | Hostname or IP address of the device which forwards logs to the CyberHub. |