FortiMail by Fortinet and Cisco Secure Email are two leading email security solutions for mid-sized businesses to enterprise organizations. They offer state of the art protection against a range of threats, including phishing, ransomware, and malware, as well as business-specific features and services. Both products are leading solutions in the email security category, and are often compared for their strengths and market positioning.
While both solutions offer a similar base set of features, their services diverge heavily in key areas, including complexity, price, and deployments.
Let me give you an overview of both solutions first. This article will compare Cisco secure email with FortiMail to help readers understand their differences and which might be a better fit.
What option to choose?
FortiMail
FortiMail is a comprehensive email security platform that protects organizations of all sizes against email threats, including phishing, malware, Business Email Compromise (BEC), and ransomware.
It offers a multi-layered security model that supports on-premises, cloud, virtual, and hybrid deployments, and integrates with other company security products and external services, such as Microsoft 365. FortiMail delivers advanced malware protection and robust security features, leveraging machine learning and real time updates from threat intelligence sources to enhance detection and response to emerging threats.
Key Features of FortiMail
- Fortimail ATP, advanced threat protection, blocks attacks using FortiGuard Lab’s real-time threat intelligence and AI-driven analysis.
- FortiMail DLP, data loss prevention, protects sensitive data against leaks using customizable policies and sensitive data scans.
- FortiNet Encrypted Email supports end-to-end encryption, AES-256 and TLS 1.3.
- Microsoft 365 and Google Workspace integration.
- Comprehensive analytics and reporting, including detailed logging (in real time) and customizable reports.
- Supports all deployment types, including FortiMail Cloud, Appliances, and hybrid setups.
- Content Disarm and Reconstruction – aims to remove malicious parts of emails, e.g., links or macros to reconstruct a safe version.
- Advanced anti-spoof detection using DMARC, DKIM and SPF verification.
- Identity-based Encryption enables secure email delivery to external recipients and outgoing emails without pre-sharing keys or requiring specific software.
- Advanced threat detection using AI and machine learning to identify potential threats, malicious URLs and mitigate sophisticated cyber threats.
- Reputation and content filtering to block suspicious senders by assessing sender reputation and leveraging threat intelligence.
- FortiMail offers comprehensive features for email security, providing extensive protection and integration.
The cloud-based services deploy quickly and efficiently usually, as most are handled by Fortinet. IT workers need to change the mail server configuration to route email through FortiMail’s cloud infrastructure. Microsoft 365 and Google Workspaces integration is provided via an API. Expect between 30 minutes and 2 hours for the initial setup, and another one or two hours to add Microsoft 365 or Google Workspaces.
The whole process is intuitive, using a wizard-guided setup and pre-set templates for common policies.
Deployment increases for on-premises, hybrid and virtual machines solutions. Expect between two and eight hours for the initial setup, due to the more complex nature of setup. Hybrid deployments may require days for initial setup.
FortiNet offers guides, product videos and documentation to help with onboarding. FortiCare, a 24/7 support service, is included in subscriptions and usually responds quickly to inquiries.
A good starting point is the FortiMail Datasheet, which offers detailed information about the product. It covers features, deployments, integrations, and much more.
Pros and Cons of FortiMail
| Pros | Cons |
|---|---|
| Excellent integration with other Fortinet products | On-premises deployments are complex and may require network expertise. |
| The interface is user-friendly, especially for common tasks. | Dashboard may lack customization options. |
| Deployment options are flexible; all deployment scenarios are supported. | Large scale support reportedly not as reliably as that of Cisco’s. |
| Identity-based encryption support. | Add-ons cost extra, e.g. Microsoft 365 API Connector. |
| State of the art threat protection, including FortiGuard Lab’s AI-driven phishing detection. | |
| Content disarm and reconstruction feature. | |
| FortiMail SNMP (Simple Network Management Protocol) is supported in all plans. | |
| Compliance with security standards, including GDRP and HIPAA. | |
| Good support and suitable for small businesses as well as large enterprises. |
Cisco Secure Email (Cisco Email Security)
Secure Email by Cisco, also referred to as Cisco Email Security, is available as an on-premises, hybrid, and cloud-hosted solution that is powered by Cisco Secure Email Cloud Gateway. Cisco Secure Email is designed for large enterprises and security teams seeking robust protection and advanced malware protection against email based threats.
Different service tiers are available, which offer base protections but diverge when it comes to advanced functionality or services. Cisco Secure Email helps protect organizations by enhancing their security posture and overall security posture through comprehensive email security measures.
All tiers include phishing defenses, using sender authentication, domain reputation, URL filtering, anti-spam capabilities and anti-malware through Cisco Talos. It is highly effective in blocking spam emails, phishing attempts, and ensuring legitimate emails are delivered.
Advanced features, including advanced threat detection, malware protection, and robust security features, are available, with seamless integration with Office 365, other office environments, and robust support for hybrid deployments. The user interface is designed for ease of use and management. Comprehensive documentation is available for deployment and management. Cisco Secure Email is a key component of the Cisco security portfolio.
Other features, including Data loss prevention, Secure Email Encryption Service, or Safe Unsubscribe, are only included in higher tiers. Most can be purchased as add-ons though, but the price is only revealed when you contact Sales directly.
Cisco Secure Email offers comprehensive features for protecting sensitive information.
Key Features of Cisco Secure Email
- Cisco Advanced Threat Protection: blocks phishing, malware, ransomware, and BEC using Cisco Talos.
- Data Loss Prevention to prevent the unauthorized sharing of sensitive data.
- Cisco Email Encryption service.
- Sender authentication using DMARC, DKIM, and SPF.
- Real-time link and attachment analysis.
- Automated or manual remediation of threats in Microsoft 365.
- Spam and graymail management.
- Reputation filtering to block suspicious senders.
- Real time updates from threat intelligence sources.
- Comprehensive features for email security.
- Flexible deployment options.
- Cisco Secure Email Appliance via Secure Email Gateway.
- Centralized reporting and analytics.
A good starting point is the Cisco Secure Email Datasheet. It provides an overview of the main features of Cisco Secure Email, deployments, including Cisco Hybrid and Cisco Cloud Email Security, and much more.
Pros and Cons of Cisco Secure Email
| Cisco Talos powers threat intelligence, which is a highly respected security service. | Some features are only available as add-ons, which cost extra. |
|---|---|
| Integrations within Cisco’s ecosystem, make this the right pick for organizations already invested. | Reports suggest that the costs are relatively high, especially for smaller or medium-sized businesses. |
| Compliance with security standards, including GDRP and HIPAA. | Some configurations require technical expertise. |
| Offers good support and is particularly suitable for large enterprises. | Some security features, including DMARC, are only available as add-ons. |
FortiMail Pricing
Fortinet does not disclose pricing information on its website. The pricing model varies based on the deployment type, number of mailboxes, capacities, hardware specifications, and other factors, including booked add-ons.
User reports and information that I gathered suggest the following estimated price ranges for the four core FortiMail products:
- FortiMail Cloud Gateway: between $1.19 to $1.86 per month and mailbox.
- FortiMail Cloud Server: between $2.61 and $4.09 per month and mailbox
- On-Premises Appliances: between $2,000 to $10,000 per year, plus hardware costs between $5,000 and $30,000 one-time.
- Virtual machines: between $1,500 and $3,000 per year plus add-ons.
The pricing varies, depending on several factors, including the subscription period and number of mailboxes.
Several add-on services may be booked that extend the functionality.
Fortinet offers a self-guided demonstration and a free 30-day trial. The trial is ideal for testing the service to find out if it covers all use-cases that your organization requires. Educational institutions can also benefit from the trial to assess their compliance and email security needs.
Consult the Fortinet Ordering Guide for detailed product information and order options.
Cisco Secure Email Pricing
Like Fortinet, Cisco does not disclose Secure Email pricing publicly. Sales need to be contacted for a custom quote based on the requirements. Potential customers may also contact Cisco partners, such as Orixcom or IronPortStore, for custom quotes.
Pricing depends on several factors, including the number of users, deployment type, tier, and contract duration. Longer subscription periods, three or five-year contracts, may include significant savings in the range of 10 percent to 30 percent of the total costs.
The price of a Cisco Secure Email XaaS subscription is also not disclosed publicly. XaaS refers to Everything-as-a-Service. It focuses exclusively on the cloud-based Secure Email Cloud Gateway offering a fully managed, scalable solution with flexible billing and licensing.
A 30-day free trial of Cisco Secure Email Threat Defense is provided, which is ideal for testing Cisco’s solution and making sure that it fits all your requirements.
FortiMail vs. Cisco Email Security: Direct Comparison
| Threat Protection | Anti-spam, anti-malware, phishing, DLP, CDR, sandboxing, automated threat response | Offers robust protection with anti-spam, anti-malware, phishing, DLP, CDR, sandboxing, advanced threat detection, spam detection, email filtering |
|---|---|---|
| Encryption | E2EE (AES-256/TLS 1.3 | E2EE (AES-256/TLS 1.3 |
| Reporting & Analytics | Customizable threat, traffic, user, and DLP reports | Deep analytics, compliance, and threat trend reports |
| Compliance Support | SOC2, ISO 27001, GDPR, HIPAA | SOC2, ISO 27001, GDPR, HIPAA |
| Deployment Options | Hardware, virtual appliance, cloud, hybrid | Cloud, integrates with other Cisco security tools, on-premises, virtual, and hybrid |
| Usability | Clean UI, moderate learning curve | Complex UI, steep learning curve for new admins |
| Integration | Fortinet ecosystem | Cisco security suite |
| AI & Threat Intelligence | FortiGuard Labs | Cisco Talos |
| File Handling | CDR for safe content delivery | File scanning with sandboxing |
| Post-Delivery Remediation | Available via policies and manual controls | Automated retroactive threat mitigation |
What Are the Key Differences Between the Two Services?
Both products cover all major email security bases but have significant differences in terms of strengths and weaknesses.
FortiMail, for instance, offers strong identity-based encryption and content disarm and reconstruction features. The former makes the secure sharing of data with external sources a simple process, the latter removes malicious content from attachments to reconstruct a safe to access version. FortiMail provides comprehensive features and robust email security measures that help protect organizations from email-based threats and safeguard sensitive information across various industries.
As for limitations, integrations are not as far-reaching as that of Cisco’s solution, and some users may find the reporting capabilities weaker.
Cisco Secure Email offers a seamless Microsoft 365 integration with rapid message remediation feature making it a good choice for organizations that use Microsoft 365 heavily. It offers a few additional features, like Safe Unsubscribe, but these are often available only in higher tiers or as paid add-ons. Cisco enhances security posture and overall security posture through advanced integration and comprehensive features, providing organizations with a unified approach to email security.
Costs are reportedly significantly higher, and hybrid deployments are more complex to set up.
What option to choose?
Verdict: FortiMail vs. Cisco Secure Email
FortiMail and Cisco Secure Email are two advanced email solutions for mid-sized and larger businesses. They both cover all bases, but diverge heavily when it comes to price, deployments and advanced features.
Cisco Secure Email is the better choice for organizations that already use other Cisco tools and services. It is a natural pick, as it integrations well with other Cisco tools. It is also favored by larger enterprises and is well-suited for security teams responsible for evaluating and implementing robust email security measures, but does not deploy as quickly and may require a mature IT and security team for operation.
My final recommendation is to use the free trials that both services offer to test the ins and outs of each service before making a commitment. Certain strengths or weaknesses may not play a role for the requirements and needs of your organization, while others may be dealbreakers.