SOURCE: Fortinet


July 06, 2010 12:00 ET

Fortinet Earns Common Criteria EAL 2+ Certification for FortiMail

Independently-Assured Security Certification Reinforces Fortinet's Commitment to Government and Enterprise Customers

SUNNYVALE, CA--(Marketwire - July 6, 2010) -  Fortinet® (NASDAQ: FTNT) -- a leading network security provider and worldwide leader of unified threat management (UTM) solutions -- today announced the company's FortiMail™ messaging security appliances have received certification for Common Criteria Evaluation Assurance Level 2 (EAL 2+). The certification process provides a third-party evaluation service for determining the trustworthiness of information technology security products, which is fundamentally important to the company's enterprise and government customers.

Common Criteria evaluations involve formal rigorous analysis and testing to examine security aspects of a product or system. Extensive testing activities involve a comprehensive and formally repeatable process, confirming that the security product functions as claimed by the manufacturer. Security weaknesses and potential vulnerabilities are specifically examined during an evaluation.

FortiMail is a specialized messaging security system that provides multi-layered protection against blended threats comprised of spam, viruses, worms and malware. FortiMail implements a customized operating system that cleans emails through corresponding FortiMail antispam and antivirus engines. Its inbound filtering engine is designed to block spam and malware before it can clog a network and affect users. Its outbound inspection technology is designed to prevent outbound spam or malware from causing other antispam gateways to blacklist users. FortiMail's dynamic and static user blocking and heuristics provides granular control over policies and users. The high-performance threat filtering technology delivered by the FortiMail appliances processes and filters messages in real time.

"Common Criteria EAL 2+ is a critical certification for Fortinet, especially as the company continues to make inroads with FortiMail in the large enterprise and government markets," said Michael Xie, founder, CTO and vice president of engineering at Fortinet. "With this EAL 2+ certification for our messaging security technology, we're confident that we've further shown our commitment to providing high quality, highly secure solutions for our customers, as FortiMail now joins our FortiGate® and FortiOS™ technologies in holding Common Criteria certification."

The Common Criteria for IT Security Evaluations, also known as ISO standard 15408, was developed by the national security organizations of the United States, Canada, the United Kingdom, France, Germany and The Netherlands. It provides a broad range of evaluation criteria for many types of commercial and nationally-sensitive government-use IT security products. EAL 4+ is the highest mutually recognized certification level.

"We found FortiMail to be straightforward to configure, use and integrate into a typical corporate network," said Erin Connor, Director of EWA-Canada's Common Criteria testing lab. "In addition, we found FortiMail is supported by comprehensive installation and administrative guidance as well as an exhaustive Command Line Interface guide. With this EAL 2+ certification, Fortinet has once again demonstrated its commitment to providing products for their clients that meet rigorous international standards for IT security."

FortiMail appliances deliver proven, powerful messaging security for any size organization, from small businesses to carriers, service providers and large enterprises. Purpose-built for the most demanding messaging systems, the FortiMail appliances utilize Fortinet's years of experience in protecting networks against spam, malware, and other message-borne threats. For more about the FortiMail family of products, please visit the product site:

About EWA-Canada
EWA-Canada ( is Canada's premier Information Assurance consulting firm specializing in IT Security Engineering, Managed Security Services and independent third-party evaluation and testing of products in its Common Criteria, FIPS 140 2 Cryptographic Module and Security Content Automation Protocol test labs. EWA-Canada is recognized for its comprehensive experience with Common Criteria evaluations, enabling companies to efficiently and cost-effectively manage the evaluation process thereby ensuring their products meet important certification requirements. For further information please visit

About Fortinet (
Fortinet (NASDAQ: FTNT) is a worldwide provider of network security appliances and the market leader in unified threat management (UTM). Our products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Our customers include enterprises, service providers and government entities worldwide, including the majority of the 2009 Fortune Global 100. Fortinet's flagship FortiGate product delivers ASIC-accelerated performance and integrates multiple layers of security designed to help protect against application and network threats. Fortinet's broad product line goes beyond UTM to help secure the extended enterprise -- from endpoints, to the perimeter and the core, including databases and applications. Fortinet is headquartered in Sunnyvale, Calif., with offices around the world.

Copyright © 2010 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiDB and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties, such as Common Criteria, and Fortinet does not independently endorse such statements. This news release may contain forward-looking statements that involve uncertainties and assumptions. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and does not intend to update forward-looking statements.


Contact Information