Fortinet FortiAnalyzer Reviews

We are using Fortinet FortiAnalyzer for analyzing network traffic and it provides us with log analytics.

Overall we are satisfied with all the features the solution provides.

There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology.

The solution could improve by having better integration and support with Apple, Linux, and Microsoft solutions.

I have been using Fortinet FortiAnalyzer for approximately five years.

We have been making changes to the cloud signatures and categories because the market is changing and Fortinet FortiAnalyzer has been stable and reliable.

The solution is scalable but there are additional costs if you want to increase the scalability.

We have been satisfied with the support.

The installation was not difficult.

We did the implementation ourselves.

In the local market sometimes people are being charged more than other solutions. Although the market is competitive, legitimate suppliers do not receive a large enough discount to pass onto the customers. 

Fortinet FortiAnalyzer is not suitable for everyone, it is best suited for mid-sized businesses but if the price could be reduced there would be more customers in all-sized businesses.

I rate Fortinet FortiAnalyzer a seven out of ten.

Our primary use case of this solution is for bandwidth. We are very satisfied with this program.

The feature I find most useful is the handy dashboard.

I would like to see an improvement in the technical support. Stronger authentication will also be a plus.

In the next version, I would like to have authentication for 40 tokens.

We have between 20 and 25 users and we plan to increase this number, so I believe the program is scalable.

We are very satisfied with the customer service.

The initial setup was straightforward and deployment took us about eight months. The reason for this is that we installed other programs during this time too, like Fireworks Data Center, Switch Data Center, Cisco Nexus Data Center, and Forcepoint. We use Stitch as our local manager. 

All Fortinet programs come at a good price.

I will definitely recommend this solution to others. My rating is a ten out of ten.

We use the analyzer for reporting, to know what exactly is happening on the network. We use it to see which accesses are granted, which accesses are denied, which sites are visited, which botnets are coming in, which viruses, etc.

The solution is on-premise. Most of the time we set it up on the client's premises, depending on their needs. The cloud is there for testing.

It has a simplified and user-friendly interface.

With FortiAnalyzer, most of the time, although the interface is simplified, when you are new to it you have issues of navigating through it.

And when it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering.

Also, reports need to be simplified because its reporting currently includes more detailed and technical things. If we could get a simplified or executive summary, that would be good.

It's very stable, unlike the previous version which, when the logs were huge, would crash and we would have to reset it and start all over again.

The scalability is also fine if you do your prerequisites right. If so, you won't have any issues. But if you don't do your scoping right, and more logs come into the system - more than it can handle - you will face issues. You need to do your scoping right to get it to be stable and scalable.

Technical support is kind of slow. When you have 24/7 support, the response is quick. But when you send something in, it takes a long time to get a response. Fortinet support is a little bit slow when using their portal for support.

In our case, because we are partners, we have a couple of tech guys we can call to get support done. When an end-user requests support through the portal, and even when we do, it takes hours to get a response.

We work with multiple solutions and Fortinet has been the number-one.

For me, the initial setup was straightforward. The deployment takes approximately ten minutes. In some cases we could be waiting for results, waiting for logs to get up to do some analysis.

The price is quite expensive. Fortinet products are very expensive. That is something which they should also look at, because if you compare Fortinet product to, say, Sophos for example, Fortinet is really high and that's the only thing which is a drawback for most users. Although their plan is a value-for-money appliance, the price is expensive.

Anyone who asks me about a Fortinet product, I'll give that person a thumbs-up. So far, Fortinet has been the best for me. It's a value-for-money appliance, it has an easy to use interface, and it gives you exactly what you want. The only drawback would be the price. 

We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it. 

There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates. 

In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.

Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.

It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.

It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow. 

I have been using this solution for five years. 

We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.

It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.

Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.

I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.

It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.

There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.

I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.

Generally, Fortinet FortiAnalyzer gives you visibility around the network. You can track and monitor devices and pick the surrounding network. You can see which packets are being sent to the network, who the users are, and what are they using. You can also view the policies and firewall rules that are being used, the IDs that are being connected to, and the IP address a particular user is using.

Basically, it's a SOC. It's a security operations device. We use it for continuous monitoring, and it takes a team to do so. In my organization, three to four people are using it on a daily basis.

The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. 

It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well.

They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products.

It would also be good to include customizable reports and customizable views of the reports. 

I have been using Fortinet FortiAnalyzer for about five to eight months. We are using the latest version. We have deployed it on-premises as a VM.

It's pretty stable.

I'd say that it's very scalable. Scalability depends on which version of the appliance you're using. 

If you're using a hardware-based appliance, it's obviously tough to scale as that would require purchasing new devices. If you go to cloud services or virtual services, it's pretty easy to scale. You need to purchase new VMs and add the IOCs that you need, which is easy. 

I have contacted technical support, but not particularly regarding Fortinet FortiAnalyzer. I have only contacted them for firewalls and routing issues. I have not yet contacted them for things related to Fortinet FortiAnalyzer.

It's very easy and straightforward. You just need the point the FortiGate devices to your Fortinet FortiAnalyzer, and it just automatically configures the security fabric. The time depends on how many devices you're actually using. Configuring one device into your Fortinet FortiAnalyzer takes about five minutes or so.

The deployment was pretty straightforward. I didn't need any help in setting it up. I did it myself very easily. It comes with useful guidelines for setting it up. They also provide documentation and information through their website.

One person can easily do the deployment, but the main goal of the solution is to continue to monitor the regular network traffic for which a team is required. Our software team is responsible for handling such things.

This product is only dedicated to packet analyzing, automation, and things like that. I have not used analyzers of other vendors. However, other solutions do provide similar functionalities. 

It is kind of a very good network packet analyzer solution. It does what a network analyzer should do, and it does it very well. 

In terms of firewalls and using network analyzers, Fortinet has always been the leader among the leaders. Fortinet provides very good features and products. Specifically, if you want to use Fortinet FortiAnalyzer, you need to have a FortiGate environment. You need at least one FortiGate or other similar product in your network. So, if you are already using or are into Fortinet products, then FortiAnalyzer is a very good product to add on top of other products. Having only FortiAnalyzer in your network is kind of useless.

I would rate Fortinet FortiAnalyzer a nine out of ten. It's a very good product.

We use it for reports and analysis.

The report templates are valuable. It works very well, and integrations also work well.

Feature-wise, it is working very well for us. We don't need any additional features. However, its pricing can be improved. For small business customers, price is an important factor.

I have been using this solution for two years.

It is stable.

It is easy to scale.

It is expensive for small business customers. It is only available for customers with a high number of firewalls to manage or to report. If a customer has only five boxes of FortiGate, the price of FortiAnalyzer can be more than the five boxes. So, we can't easily put this solution for small business customers.

I would rate this solution a nine out of ten.

It is used to get the logs of all boxes that a customer has.

I like its simplicity. It is straightforward. We get reports and emails about the logs, and that's it. 

The cloud version can be expensive. If the customers could get the resources to store the logs on-premises, it would be much better.

In terms of features, there is no need for additional features.

I have been using this solution for three years.

It is stable.

It is scalable.

We need only one engineer for its deployment and maintenance.

It is acceptable for on-premises, but it is expensive for the cloud. 

I would rate it a 10 out of 10.

The feature I find most valuable is the reporting customization.

Areas for improvement would be the default template reporting and the user-friendliness of the report customization. In the next release, I would like to see more information about tracking intelligence.

I have been using this product for over five years.

This solution is stable.

This solution is scalable.

Technical support is fine, but they could improve their understanding of the customer environment when troubleshooting.

The initial setup is ok.

The pricing of this product should be about 10-20% lower.

This is a good product, but I think there are better ones for log analytics. I would rate this product seven out of ten.