Fortinet FortiAnalyzer Reviews

We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it. 

There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates. 

In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.

Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.

It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.

It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow. 

I have been using this solution for five years. 

We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.

It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.

Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.

I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.

It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.

There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.

I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.

We use the solution for just one company for the analysis of the FortiGate switch.

The solution is scalable. 

The performance is good.

It's easy to set up the product. 

The solution costs too much. 

I've used the solution for about three years. 

The solution has been stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. 

It's a scalable product and expands well.

Only admins use the solution. There are three to four people with direct access to the product. 

I do not have access to technical support. In Iran, we have sanctions, and so we cannot get support. 

The initial setup is pretty straightforward and simple. It's not overly complex or difficult to manage. We can deploy it in about two hours. You only need one person to handle the deployment and maintenance tasks as it is very simple. 

We have witnessed a bit of an ROI and find the product to be worth the cost. 

We do need to pay for a license, and the payment is made yearly. There are no extra costs associated with the product beyond the main licensing fee. 

It is an expensive solution. 

We did not evaluate other solutions before choosing this product.

Overall, I'd rate the product eight out of ten in terms of its functionality. I have been pleased with its capabilities so far. I'd recommend the solution to others. 

Fortinet FortiAnalyzer is a complete package for managing our equipment.

I have been using Fortinet FortiAnalyzer for approximately six years.

The support could be better for Fortinet FortiAnalyzer here in Mexico.

I would rate Fortinet FortiAnalyzer a nine out of ten.

We are using Fortinet FortiAnalyzer for analyzing network traffic and it provides us with log analytics.

Overall we are satisfied with all the features the solution provides.

There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology.

The solution could improve by having better integration and support with Apple, Linux, and Microsoft solutions.

I have been using Fortinet FortiAnalyzer for approximately five years.

We have been making changes to the cloud signatures and categories because the market is changing and Fortinet FortiAnalyzer has been stable and reliable.

The solution is scalable but there are additional costs if you want to increase the scalability.

We have been satisfied with the support.

The installation was not difficult.

We did the implementation ourselves.

In the local market sometimes people are being charged more than other solutions. Although the market is competitive, legitimate suppliers do not receive a large enough discount to pass onto the customers. 

Fortinet FortiAnalyzer is not suitable for everyone, it is best suited for mid-sized businesses but if the price could be reduced there would be more customers in all-sized businesses.

I rate Fortinet FortiAnalyzer a seven out of ten.

We use the analyzer for reporting, to know what exactly is happening on the network. We use it to see which accesses are granted, which accesses are denied, which sites are visited, which botnets are coming in, which viruses, etc.

The solution is on-premise. Most of the time we set it up on the client's premises, depending on their needs. The cloud is there for testing.

It has a simplified and user-friendly interface.

With FortiAnalyzer, most of the time, although the interface is simplified, when you are new to it you have issues of navigating through it.

And when it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering.

Also, reports need to be simplified because its reporting currently includes more detailed and technical things. If we could get a simplified or executive summary, that would be good.

It's very stable, unlike the previous version which, when the logs were huge, would crash and we would have to reset it and start all over again.

The scalability is also fine if you do your prerequisites right. If so, you won't have any issues. But if you don't do your scoping right, and more logs come into the system - more than it can handle - you will face issues. You need to do your scoping right to get it to be stable and scalable.

Technical support is kind of slow. When you have 24/7 support, the response is quick. But when you send something in, it takes a long time to get a response. Fortinet support is a little bit slow when using their portal for support.

In our case, because we are partners, we have a couple of tech guys we can call to get support done. When an end-user requests support through the portal, and even when we do, it takes hours to get a response.

We work with multiple solutions and Fortinet has been the number-one.

For me, the initial setup was straightforward. The deployment takes approximately ten minutes. In some cases we could be waiting for results, waiting for logs to get up to do some analysis.

The price is quite expensive. Fortinet products are very expensive. That is something which they should also look at, because if you compare Fortinet product to, say, Sophos for example, Fortinet is really high and that's the only thing which is a drawback for most users. Although their plan is a value-for-money appliance, the price is expensive.

Anyone who asks me about a Fortinet product, I'll give that person a thumbs-up. So far, Fortinet has been the best for me. It's a value-for-money appliance, it has an easy to use interface, and it gives you exactly what you want. The only drawback would be the price. 

The key functions for us are the next-gen firewall and network analytics. To ensure the best protection, we need to constantly analyze the situation in the network, as well as internal and external threats, as well as actual AV protection. The Fortinet products and FortiGuard services give us all of this.

Our company uses a virtual infrastructure. Implementing this product supplements the protection of our infrastructure.

The current version of the product is easy to use. Based on my experience, I can't recommend any areas of improvement. It's important, however, to know what you want prior to implementation. Otherwise, it may not meet your future needs based on the initial configurations.

We've used it for about four months.

During installation, we had no problems with deployment.

We have had no problems with stability.

We have had no problems with scalability.

The level of local customer service was very good. Per our request, tested the product. We got all answers to our questions from technical support. I rate both of them highly.

We used Wallix AdminBastion together with it.

The initial setup was straightforward.

A successful implementation for this product depends on how clearly the customer understands what they have and what they need in the future. In most cases, the customer turns out to be unsatisfied when it's unclear that they knew what they wanted prior to implementation. My main recommendation is to implement it together with the vendor, writing down the tasks, solutions, and the expected result before you begin.

I think Fortinet has a balanced offering of prices and licenses.

Fortinet's strategy is based on the dividing the product line depending on functionality. This allows customers to choose only the necessary feature set for them.

The Fortinet product line is wide – you can choose from SOHO to Enterprise, and from hardware to virtual solution. The presence of a free client (Win/Android/OS X) provides protection for client workstations. Each customer will be able to find the most suitable solution for them.

The balanced policy product line and licensing allows customers to choose only the necessary feature set for them. Also you can easily migrate from other vendors using single tools for conversion. Another tool helps you plan the placement of Wi-Fi points in the building. Also, it's very important that equipment has international and national certification such as PCI, DSS, etc. Presentation of products for SDN (Software-defined Networks including SDDC - Software-defined Data Center) confirms the company's leading position in the market.

It receives logs from the FortiGate 5000 Series (about 12 FortiGate blades), and it was configured for keep logs for about 1,050 days. The logs are divided by archive (raw logs) and analytics (logs indexed in a database). 

The use case is primarily for getting graphical data to make quick decisions.

FAZ has improved the organization because it stores events in the past so we can correlate incidents using another monitor tools; the problem is that it can´t recognize logs from FortiController blades, not even specifying it as a syslog device so this is a big lack. Devices from another brand are compatible only as syslog devices if they support.

It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation. 

Another feature is the custom reports, where you can obtain a chart builder from a log view: traffic, event, or security log.

It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.

No issues at all. It is a reliable product.  

The problems come when you are using different OS versions between FortiGate and FortiAnalyzer.

No scalability issues. You should know how many logs per second or minute are generated in your network to avoid issues with scalability.

The technical support with Fortinet has risen considerably. Now, they respond in three to four hours instead of two days.

We did not use a previous solution.

The FAZ includes a wizard, which is very simple to follow during the initial setup.

We implemented it in-house. We have had some experience implementing FAZ.

I do not have this value yet.

The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis.

We did not look at any other options, because Fortinet was elected for use by the end user.

My only experience is with a very important customer, the most recognized in Latin America.

We primarily use the solution in order to analyze data.

If you have two devices that need to communicate with each other, so you can see where any issue is as you can see every single communication. It shows the flux of communication.

The most valuable aspect of the solution is its ability to pinpoint where the issue is. If two devices need to communicate together, you can see which interfaces they are using. 

The stability has been very good so far. We haven't had any issues with it.

Technical support is always quite responsive and very helpful.

Overall, the product is quite good. It integrates well and has good reporting and logging.

The user interface is good and it is quite easy to use.

From my point of view, at this time, the solution isn't lacking any features or functionalities. It's very complete for our purposes.

I've been working with the solution for less than a year. It's still quite new to me.

The product has been quite stable. There are no bugs or glitches. It doesn't crash or freeze. Its been reliable in terms of performance overall.

I can't speak to the scalability. It's not an aspect of the solution I've tried to deal with. I'm unsure if it expands easily or if it would be difficult to do so.

I personally have opened two tickets with technical support in the past and everything has gone very well. They were knowledgeable and responsive and they helped me solve the issues. I have no complaints about their level of service. I've been very satisfied with them.

By the time I joined my current organization, the solution was already installed and configured. Unfortunately, I was not a part of the process and therefore can speak to how easy or difficult it was.

I don't handle the licensing or the costs. I can't speak to how much it is for our company or if it is expensive or affordable. I'm not privy to that kind of information.

That said, it's my understanding, as a comparison, that Fortinet products are cheaper than their Cisco counterparts.

We just installed our latest version a few weeks ago. It's the brand-new version of the product.

For those considering the solution, I've been told that it's cheaper to buy Fortinet or FortiGate instead of buying Cisco ASA. If cost is a concern, it might be a good idea to look at Fortinet.

We are just customers and end-users of Fortinet. We don't have a business relationship with them.

Overall, I would rate the solution at an eight out of ten. It's largely been very good.