FortiMail QuickStart Guide · FORTIMAIL QUICSTART GUIDE 19. Within the AWS Console, go back to EC2 Service -> “Instances.” Search for FortiMail-VM instance. Create URL https:///admin

FortiMailQuickStart Guide

FORTIMAIL QUICKSTART GUIDE


A starter guide to getting FortiMail up and running on AWS

A must for every mail server deployment, the FortiMail provides a highly effective set of sender, message, and content inspection techniques to prevent and detect as many threats as possible. Specifically, advanced anti-spam, anti-phishing, anti-malware, and sandboxing technologies apply the expert knowledge of the FortiGuard threat research team to stay one step ahead of the threat. FortiMail on AWS combines the scalability and stability of AWS infrastructure with the unmatched email security provided by FortiMail.

Why FortiMail for AWS?

Email is one of the most exposed security vectors for cybercriminals to attempt to exploit. Enterprises looking for web-based email, who are highly security-conscious and also want to maintain direct control of their email server, are ideal users of FortiMail on AWS. Benefit from the scalability and streamlined infrastructure cost of AWS while maintaining highly effective email security. Data loss prevention and identity-based encryption are available with no additional hardware or software to install, no user provisioning, and no recipient pre-enrollment.

2


1. First, create a VPC. In AWS console, go to Services -> VPC. On dashboard, select “Start VPC Wizard.”

2. Select VPC with two networks: private and public.

3


3. Create public subnet 10.0.0.0/24 and private subnet 10.0.1.0/24. Before creation, click to “Use a NAT instance instead.” VPC creation can take a few minutes to accomplish.

4


4. Select Subnets on the left menu and check the results of the VPC Wizard.

5. Create an EC2 instance with FortiMail. Click Services -> EC2. On dashboard, select “Launch Instance.”

5


6. Choose AWS Marketplace and find FortiMail.

7. Click Select. The default setting for instance size can stay unchanged.

6


8. Click “Configure Instance Details,” then set proper VPC and add second interface in private subnet (10.0.1.5).

7


9. Default settings for Storage, Tags, and Security Group can stay unchanged. Click on “Review and Launch,” then click “Launch.”

8


10. Select existing key pair or create new key pair and click “Launch Instance.” When instance ID shows up, collect it for future steps.

11. Assign public IP address to interface in Public subnet. In EC2 service, click on “Elastic IPs” -> Allocate New Address -> Confirm by clicking “Yes, Allocate.” Then select new public IP and assign it to instance ID from previous step.

9


12. Summary of allocating Elastic IP to EC2 instance:

13. The next step is to set up routing table for interface in private subnet. Changes in routing table need “Network Interface ID.” In EC2 service, select “Network Interfaces” and in search field, type “FortiMail,” then select interface with IP 10.0.1.5.

10


14. For the same interface, select “Actions” -> “Change Source/Dest. Check” and select “Disabled.” Click on “Save.”

15. Switch to VPC service and select “Route Tables.” Select main route table from FortiMail VPC. Switch to “Routes” tab and put “Network Interface ID” from previous step as target for destination

0.0.0.0/0. On the end, click “Save.”

11


16. Switch to “Subnet Associations” -> click on “Edit”, select 10.0.1.0/24 subnet and click on “Save.”

17. Download license from https://support.fortinet.com. After login, go to “Asset” -> “Manage Products” and select license for FortiMail VM.

12

https://support.fortinet.com/


18. Click on “License File Download.” The file with the license will be saved locally.

13


19. Within the AWS Console, go back to EC2 Service -> “Instances.” Search for FortiMail-VM instance.

Create URL https://<PublicDNS>/admin and open it in new web browser tab. Instance ID is also default password. Copy it and go to tab with login screen.

20. Log in to FortiMail using “admin” as username and the instance ID as password.

14


21. To enable FortiMail, upload license downloaded in previous step. Click on “Update.”

22. Select file with license and click “Upload.” To activate license, log out and log in again.

15


23. For security reasons, set a new password for Admin. Select “System” -> “Administrator” -> “Change password.”

24. FortiMail is ready to use.

16

Support

For more use cases on Fortinet products and support, please visit www.fortinet.com/aws and Fortinet cloud security solution.

v1.0 07.22.16

Copyright © 2016 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners.

www.fortinet.com


https://www.fortinet.com/aws/

https://www.fortinet.com/solutions/enterprise-midsize-business/cloud-security.html

Documents

FortiMail QuickStart Guide · FORTIMAIL QUICSTART GUIDE 19. Within the AWS Console, go back to EC2 Service -> “Instances.” Search for FortiMail-VM instance. Create URL https:///admin