Fortinet FortiAnalyzer Reviews

Our primary use case of this solution is for bandwidth. We are very satisfied with this program.

The feature I find most useful is the handy dashboard.

I would like to see an improvement in the technical support. Stronger authentication will also be a plus.

In the next version, I would like to have authentication for 40 tokens.

We have between 20 and 25 users and we plan to increase this number, so I believe the program is scalable.

We are very satisfied with the customer service.

The initial setup was straightforward and deployment took us about eight months. The reason for this is that we installed other programs during this time too, like Fireworks Data Center, Switch Data Center, Cisco Nexus Data Center, and Forcepoint. We use Stitch as our local manager. 

All Fortinet programs come at a good price.

I will definitely recommend this solution to others. My rating is a ten out of ten.

Fortinet FortiAnalyzer is primarily utilized to generate quarterly reports showcasing blocked attacks and vulnerabilities. It employs features like WAV porting triggers and DNS triggers to effectively demonstrate to the client the security of their environment.

Fortinet FortiAnalyzer assists in showcasing the value of Fortinet and facilitates the upselling of additional Fortinet products to our customers.

The most valuable feature is the capability to create a customized dashboard. We can subsequently input our EMS, FortiClient, and FortiGate data into it and generate reports.

The integration between specific tenants and FortiAnalyzer can be simplified when utilizing a multi-tenant EMS for our FortiClient.

I have been using Fortinet FortiAnalyzer for three months.

Fortinet FortiAnalyzer is stable.

Fortinet FortiAnalyzer is scalable.

I utilized the technical support services once, and I received a prompt response.

The initial setup is straightforward. The deployment was an easy and smooth process. The deployment took one day and I did it myself.

I would rate Fortinet FortiAnalyzer a nine out of ten.

Fortinet FortiAnalyzer does not require maintenance after the initial report setup. We simply have to remove and add FortiGate as needed for each report.

Before utilizing Fortinet FortiAnalyzer, individuals should determine the type of reporting they require. Additionally, they ought to be acquainted with FortiGate before endeavoring to use FortiAnalyzer.

The solution is used for grabbing logs. It is designed for log aggregation of all Fortigate firewalls and to give visibility of traffic and usage. 

The log events are quite useful for us. The events aggregation from various Fortigate products makes it very helpful.

Technical support is helpful.

The stability is excellent.

This is a highly scalable product.

The setup is straightforward. 

We'd like to see more embedded features.

We'd like to see more SIEM capabilities. I'd love to see this merged with FortiSIEM for example. 

I've been using the solution for around 20 years. 

The stability is great. I'd rate it ten out of ten for reliability. We rarely have any issues. 

You pay compared to the volume of logs you collect. It is very scalable. It's highly expandable. On a scale from one to ten, I'd rate the scalability ten out of ten. 

We have less than five network engineers using the product. 

I've dealt with support in the past and found them helpful and responsive. 

Positive

We use a variety of Fortigate products.

We did not use a different vendor previously. There is no other real option. We did try to use the free version of Splunk. We moved to Fortianalyzer as it works better in Fortinet products. Splunk is harder to fit into other Fortinet products. 

The installation process only takes a couple of hours. It is easy to install. 

The maintenance is very minimal. One person can handle maintenance tasks. 

We do use specialized consultants occasionally. However, I have been able to do it by myself as well in the past.

I cannot speak of the exact price. Someone else manages the contract. However, you do get good value for your money. It's not overly expensive. 

As it is on-premises, you do need some on-prem resources. You need a traditional hypervisor and need the ability to host the solution on your premises. 

We're customers and end-users. 

We are using the latest version of the solution typically. 

I'd recommend the solution to other users. 

I would rate the solution ten out of ten.

I mainly use FortiAnalyzer to centralize logs from multiple devices and generate local reports. It can work in two operation modes: as a collector only or an analyzer.

FortiAnalyzer has enriched the visibility for all our security solutions.

FortiAnalyzer's best feature is centralized log analysis. It's based on SQL database, so I can fully customize my report, chart-wise and log-wise, and can create as many reports as I want without any limit. It also has an important feature called Indicators of Compromise, an artificial intelligence feature that detects and alerts you when there is a breach in your entity. 

I've been using FortiAnalyzer for ten years.

FortiAnalyzer is a very mature and stable product.

FortiAnalyzer is scalable. When my organization expands in any way, I can implement a FortiAnalyzer as a collector only, it will collect the log, and I can send this to the main analyzer. If I use the virtual alert mode, this is a stackable license, so I can expand the log size or the internal hard-disc log size by purchasing a license. There is also a workaround solution, to automatically upload the old log file to shared storage and delete the old one, which gives more space in the hard drive.

FortiAnalyzer's technical support is helpful.

Positive

FortiAnalyzer is straightforward to implement and integrate, but a little experience is needed to generate a technical level.

We get good ROI from FortiAnalyzer.

FortiAnalyzer's price could be lower, but it is cheaper than competitors like Palo Alto, Forcepoint, or Sophos. The basic license is available on a yearly basis, but some other licenses can be for three, six, or nine months as required. There are no hidden costs associated with this product.

Don't just depend on the basic reports, you can get much more out of FortiAnalyzer if you know how to create customized reports from the SQL queries. I would give FortiAnalyzer a rating of eight out of ten.

We primarily use the solution to protect the network and to control how the users access and use the internet.

The IBS (Intent Based Segmentation) and application web filtering are the most valuable aspects of the solution.

The solution is quite expensive.

The solution could use more graphics and be more specific in the dashboard. This way, I'm able to understand everything and effectively understand what's going on, including what's incoming and outgoing. Right now, I have to look up everything. I need a dashboard so that I can see specific items right there in one place.

We have 600 users and do plan to increase usage in the future.

Technical support is good. We've talked with them a few times. We have third-party support here in Oman.

I didn't previously use another solution.

A third party vendor assisted us with the implementation.

We have around 12 devices and yearly we spend approximately $14,000.

We are using the private cloud deployment model.

I would rate the solution nine out of ten. I don't have much to compare it to, but it's been fairly good.

The primary use cases are log management and the reporting fraud forum. It provides a vision of the network.

From my perspective, we need to see the traffic in a good way so we can know what has happened in our network. The analyzing tools and the monitoring tools and the logs are the important part in the network.

The traffic monitoring could be better, and stability could be improved.

I have been using this solution for about two years.

The solution should be more stable.

For the cloud version, you can expand it as you need it.

I haven't contacted technical support.

The solution is easy to install.

FortiAnalyzer was in the product itself, but two years ago they split it from Fortinet. We paid the license two years ago.

I would rate this solution 9 out of 10. 

I can recommend this solution for other users. 

We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it. 

There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates. 

In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.

Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.

It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.

It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow. 

I have been using this solution for five years. 

We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.

It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.

Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.

I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.

It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.

There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.

I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.

We use the solution for just one company for the analysis of the FortiGate switch.

The solution is scalable. 

The performance is good.

It's easy to set up the product. 

The solution costs too much. 

I've used the solution for about three years. 

The solution has been stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

It's a scalable product and expands well.

Only admins use the solution. There are three to four people with direct access to the product. 

I do not have access to technical support. In Iran, we have sanctions, and so we cannot get support. 

The initial setup is pretty straightforward and simple. It's not overly complex or difficult to manage. We can deploy it in about two hours. You only need one person to handle the deployment and maintenance tasks as it is very simple. 

We have witnessed a bit of an ROI and find the product to be worth the cost. 

We do need to pay for a license, and the payment is made yearly. There are no extra costs associated with the product beyond the main licensing fee. 

It is an expensive solution. 

We did not evaluate other solutions before choosing this product.

Overall, I'd rate the product eight out of ten in terms of its functionality. I have been pleased with its capabilities so far. I'd recommend the solution to others.