Fortinet FortiAnalyzer and Elastic Security are key players in the cybersecurity analytics space. Each product has distinct strengths: FortiAnalyzer is strong in reporting and integration with Fortinet solutions, while Elastic Security excels in scalability and analytics, making it flexible across environments. Elastic Security's open-source model provides a competitive advantage in pricing and extensibility.
Features: Fortinet FortiAnalyzer offers robust reporting capabilities, centralized log management, and seamless integration with Fortinet products for enhanced network visibility and automation. It provides comprehensive reports to aid in threat detection and troubleshooting. Elastic Security is notable for its scalability, anomaly detection, and machine learning capabilities. It integrates well with diverse software, offering strong querying features and data visualization, valued for its open-source nature.
Room for Improvement: Fortinet FortiAnalyzer needs better third-party integration, enhanced threat intelligence, and a more user-friendly interface. Improvements in pricing flexibility and update processes are also desired. Elastic Security could improve its ease of use for non-technical users, enhance its scalability, and offer more prebuilt security rules. Streamlining its user interface and maintenance is also identified as an area of enhancement.
Ease of Deployment and Customer Service: Fortinet FortiAnalyzer typically deploys on-premises or in hybrid cloud environments. Customer support feedback is mixed, with some noting responsiveness issues. Elastic Security offers flexible deployment, including on-premises, private, and hybrid clouds. It benefits from a strong self-supportive community, though customer service varies regionally. Both solutions could enhance support efficiency and deployment experience.
Pricing and ROI: Fortinet FortiAnalyzer is considered expensive, often linked to subscription pricing based on log capacity, with ROI tied to Fortinet firewall integration. Discounts are usually offered with larger purchases. Elastic Security's mix of open-source and subscription options makes it cost-effective, especially beneficial for organizations using its open-source features, and is appreciated for its favorable value compared to commercial competitors.
The impact of the tool is low when the functionalities are inaccessible due to resource consumption.
Providing necessary assistance efficiently.
Customer service and support for Fortinet FortiAnalyzer are quite helpful and responsive.
Sometimes, I need to consult FortinetDocs to understand integration.
FortiAnalyzer is a scalable product.
Fortinet FortiAnalyzer is scalable, especially for the VM versions, as additional space can be provisioned from the servers as needed.
In terms of stability, I would rate Elastic a solid eight out of ten.
We faced some CPU consumption issues, which caused the machine to slow down and required a restart of FortiAnalyzer.
CrowdStrike and Defender have more established threat intelligence integration due to having a larger client base.
Elastic Security consumes a lot of resources, requiring a substantial deployment setup.
When licensing, each device is licensed separately, such as the firewall, which can become expensive.
One area for improvement could be better support for third-party products.
A possible improvement for FortiAnalyzer could be in threat intelligence.
The pricing is reasonable, especially for Small Medium Enterprises (SMEs), making it a viable option for businesses building their security infrastructure.
Elastic Security is considered cost-effective, especially at lower EPS levels.
In terms of pricing, FortiAnalyzer is not expensive.
I can't calculate costs per user.
Elastic Security is as flexible and configurable as Microsoft Sentinel.
Elastic Security offers advanced features such as machine learning and integration with ChatGPT.
The advanced analytics capabilities aid in threat detection by providing visibility into indicators of compromise.
The system provides valuable insights through information, graphics, and reports.
It's a very flexible and rich tool, providing custom reports along with default reports.
Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.
Additional offerings and benefits:
Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
Fortinet FortiAnalyzer Features
Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:
Fortinet FortiAnalyzer Benefits
There are many l benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.
PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”
Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”
Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
