ESA (Email Security Appliance)
The ESA is the main email filtering appliance (also called the SEG). It handles:
- Inbound and outbound mail filtering
- HAT and sender group enforcement
- Mail flow policies (MFPs)
- Message filters and content filters
- Routing email to the next hop
Think of it like the FortiManager of the email world — it holds all the policies.
SMA (Security Management Appliance)
The SMA is the centralised management and reporting layer. It handles:
- Centralised quarantine (where blocked/suspicious emails sit)
- Message tracking (trace an email’s path)
- Spam quarantine
- Reporting across multiple ESAs
Think of it like the FortiAnalyzer — it’s where you go to investigate and report.