- Real time reports
- Reports on who tried to attack
- FortiGate monitor
IT Director with 501-1,000 employees
I'm able to see each IP separately, including user name and other stats, but the admin UX needs improvement.
What is most valuable?
How has it helped my organization?
Before using FortiAnalyzer, people would surf wherever and we could not monitor or see which computer in the company goes where. Everyone had the same IP. Now, using the analyzer, I am able to see each IP separately, including user name and other stats. One time the police called and told me someone from the company was breaking the law and I was able to monitor the specific computer.
What needs improvement?
They should learn from CheckPoint how to design UX for admins.
What was my experience with deployment of the solution?
No issues encountered.
Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
It's very stable.
How are customer service and support?
Customer Service:
I've not used them yet.
Technical Support:I've not used them yet.
Which solution did I use previously and why did I switch?
We previously used a previous solution.
How was the initial setup?
It was straightforward.
What about the implementation team?
We did it in-house.
What was our ROI?
It's a great ROI for the price.
What's my experience with pricing, setup cost, and licensing?
Only get it if you need it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Implementation Manager at a tech services company with 51-200 employees
Easy to implement and robust with good technical support
Pros and Cons
- "The solution is very easy to deploy."
- "In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."
What is our primary use case?
We're resellers of Fortinet. The solution is a product for doing diagnostics on their security environment. Our primary clients are banks or medical organizations.
What is most valuable?
The solution is very easy to deploy.
We are very familiar with the product. It makes it easy to use and implement.
The interface is easy to configure and fast to deploy. For that reason we use FortiAnalyzer.
What needs improvement?
FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use.
The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer, however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support.
In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.
For how long have I used the solution?
We've been using the solution for more than ten years at this point. It's been a decade or so.
What do I think about the stability of the solution?
The stability of the solution is excellent. It's very robust. We don't have issues with bugs or glitches. It doesn't crash or freeze. It's extremely reliable.
What do I think about the scalability of the solution?
The scalability is okay, however, it depends. If you do your homework and make the right sizing, you don't need the scalability. However, if you need scalability, it depends on the kind of client. You may need to change the box or move the FortiAnalyzer to another analyzer - something bigger - or maybe move the analyzer hardware to a better machine, depending on the customer.
Normally, we deal with small to medium-sized organizations.
How are customer service and technical support?
The technical support is very good. We have support right here in our country, and they give us very good support. We don't have a problem in this case. We've very satisfied with the level of service we get.
How was the initial setup?
The initial setup is not complex at all. It's very, very straightforward.
The deployment is quick and it's easy to configure. How long it takes depends on the size of the company that we are working for. Normally, we're able to do it within the same day, and we deploy the device or the virtual machine within that time frame. Depending on the requirements of the company, we may also optimize the reporting.
What about the implementation team?
We handle the deployment ourselves. We've been doing it for so long at this point, we've very comfortable with it.
What other advice do I have?
We use different deployment versions of Fortinet solutions. We use, for example, 200E and 200D and 100 too. These are the most popular. Right now, use the virtual environment.
This is a product that is very good for when you're using a Fortinet ecosystem. If you have a mix of vendors, it's not recommended.
Overall, I would rate the solution at a nine out of ten. We've been quite happy with their offering.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
IT Security Engineer at a tech services company with 201-500 employees
Straightforward to set up and simple to use but could have a better reporting module
Pros and Cons
- "The initial setup is straightforward."
- "The pricing could be better. They could work to make it more competitive on the market."
What is our primary use case?
We primarily use it for logging collection.
What is most valuable?
It's a simple log collection tool. There isn't too much that's special or unique about it.
It meets our expectations for the most part.
The solution does offer very useful integration capabilities.
The interface is fine.
The initial setup is straightforward.
What needs improvement?
The pricing could be better. They could work to make it more competitive on the market.
The report module could be simplified a bit to make it easier to use.
Technical support has been very bad. They should work to improve their level of service.
For how long have I used the solution?
I've been dealing with the solution for about seven years at this point. It's been a while. I have a lot of experience with it.
What do I think about the stability of the solution?
The solution is stable and there are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good.
What do I think about the scalability of the solution?
The scalability might be limited depending on the installation.
How are customer service and technical support?
We haven't been happy with technical support. We find the service to be quite bad. For example, in our last experience dealing with them, we had multiple issues and the outcomes were not great. We were disappointed with the help we received.
How was the initial setup?
The initial setup is not overly complex or difficult. It's straightforward enough. A company shouldn't have any issues with the setup.
What's my experience with pricing, setup cost, and licensing?
The pricing isn't the least expensive on the market. They could work to improve it to make it more interesting for other companies. Adjusting pricing might be a good move.
Which other solutions did I evaluate?
I've personally looked into other security solutions, just to understand the market for myself. I've personally compared Fortinet, Meraki, Check Point, and Cisco ASA Firewall in terms of their safety and security capabilities.
What other advice do I have?
We're Fortinet partners. We have a business relationship with the company.
I'd give the solution a rating of six out of ten.
I'd still recommend it to other users, however. If the reporting, interface, and tech support were a bit better, I'd rate it higher.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
System Administrator at a logistics company with 51-200 employees
Offers solid anti-virus protection but isn't so scalable
Pros and Cons
- "The anti-virus protection it offers our clients is solid."
- "The technical support is not very reliable."
What is most valuable?
The anti-virus protection it offers our clients is solid.
What needs improvement?
Currently, no solution can offer you 100% protection from viruses such as WannaCry ransomware. Fortinet should strive to improve their prevention systems.
For how long have I used the solution?
I have been using this solution for about two to three years.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
FortiAnalyzer does slow down when there is a heavy load of users, but it still does its job. Also, when many logs are generated throughout many sessions, the Analyser slows down.
How are customer service and technical support?
The technical support is not very reliable. Sometimes it takes them up to a week to get back to us.
How was the initial setup?
The initial setup is not complex. The basic setup takes roughly 30 minutes to one hour — reconfiguration can take up to one day.
What other advice do I have?
If you have Fortinet Firewall, you must implement FortiAnalyzer because, without the Analyzer, you can't generate the polls.
On a scale from one to ten, I would give this solution a rating of seven. I would give them a higher rating if they improved their scalability.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Associate Consultant - Network at a tech services company with 501-1,000 employees
It gives us reporting features, which are helpful in the case of troubleshooting and audit purposes. It should have straightforward customized reports.
Pros and Cons
- "It gives us reporting features, which are helpful in the case of troubleshooting and audit purposes."
- "It gives you live logs, which can be really helpful during troubleshooting."
- "It should have customized reports as well. While it currently has them, you need to write a script which is not straightforward."
- "The technical support takes at least two days to reply on any ticket post raised on their website."
What is our primary use case?
This product is only used for logs and reporting.
How has it helped my organization?
It gives us reporting features, which are helpful in the case of troubleshooting and audit purposes.
What is most valuable?
It has detailed reporting, e.g., user-wise reporting, threat analysis, etc. It also gives you live logs, which can be really helpful during troubleshooting.
What needs improvement?
It should have customized reports as well. While it currently has them, you need to write a script which is not straightforward.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No issues.
What do I think about the scalability of the solution?
No issues.
How are customer service and technical support?
I would rate it as a two out of 10. The technical support takes at least two days to reply on any ticket post raised on their website.
Which solution did I use previously and why did I switch?
We did not have a previous solution.
How was the initial setup?
Initial setup is straightforward, and it has an easy setup.
What's my experience with pricing, setup cost, and licensing?
It depends upon the company.
Which other solutions did I evaluate?
We evaluated SonicWall and Cisco.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Engineer at a tech services company with 1-10 employees
Easily allows for multiple cluster groups but the GUI needs improvement
Pros and Cons
- "The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale."
- "In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."
What is most valuable?
Fortinet FortiAnalyzer is simple and reliable. It does what the product says it would do. We have a lot of replacements in Turkey, Palo Alto, Check Point, and Forcepoint. We are replacing these various vendors with Fortinet products. But there are some software issues, like bugs or bug fixes. Otherwise, we are very happy with Fortinet products.
What needs improvement?
In terms of what could be improved, sometimes it's lagging and also has some graphical issues with the GUI. The correlation mechanism and the analytics are not as good as the competitors like Check Point or Panorama. But for IoT and SoT, it has graphical dashboards and analytical diagram tables that can correlate various logs from other products like FortiMail and FortiWeb, so it is a good mechanism for Fortinet products. If you have various Fortinet products for your firm, you can use FortiAnalyzer like a synchro mechanism.
But it needs development for software issues like the GUI bug, some logs not showing, not collecting some logs... They need to fix them.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for almost five years and maybe six years experience with Fortinet products.
What do I think about the scalability of the solution?
The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale.
How are customer service and technical support?
We have SLA agreements with the customers, so we are giving the technical support.
How was the initial setup?
The initial setup is very simple.
If it is an individual environment, it may take one hour to complete the entire initial setup.
If the hardware requires physical adjustments for the cabinet location or the protected area, then it may take 2 hours.
What other advice do I have?
I would absolutely recommend FortiAnalyzer. Fortinet products have internal logging mechanisms if they have internal disks or stores. But if you have multiple location SD-WAN branches for multiple areas you are controlling with FortiGate, the hardware doesn't give any disk or storage, only limited storage. So if you want to go further on the logging, you have limited options, maybe one week or two weeks. So if you're using a FortiAnalyzer in the SD-WAN branches, you have a centralized logging mechanism, so you can collect all the logs in a central location and you can make the correlations or analytics with all the devices. Otherwise, you can go device, device to see what is happening on each site.
On a scale of one to ten, I would give Fortinet FortiAnalyzer a seven.
To improve this rating, as I mentioned, I need to see the older bugs, the graphical user experience, made better, like Check Point. Check Point is more visual than FortiAnalyzer. If the customer has experience with the Check Point logging mechanism, they will seek additional features in the FortiAnalyzer, but it has to be more visual.
So as I said, the graphical issues must improve.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Engineer at a healthcare company with 1,001-5,000 employees
We can examine the logs of multiple Firewalls on a single GUI
Pros and Cons
- "Log View is the most valuable part for us, as we can view logs from different Fortigates on a single GUI."
- "I think some improvement is required in real-time log monitoring, as sometimes it gets stuck or displays results after a delay."
What is our primary use case?
The product is really helpful in examining the logs of multiple firewalls on a single GUI.
What is most valuable?
Log View is the most valuable part for us, as we can view logs from different Fortigates on a single GUI.
Another important feature is real-time logs, they help a lot in troubleshooting.
What needs improvement?
I think some improvement is required in real-time log monitoring, as sometimes it gets stuck or displays results after a delay.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No issues yet.
What do I think about the scalability of the solution?
No issues after installing the 1000E.
How are customer service and technical support?
Good.
Which solution did I use previously and why did I switch?
We used view local logs before this.
How was the initial setup?
It's straightforward, just add in different FortiGuards the IP address of FortiAnalyzer.
What's my experience with pricing, setup cost, and licensing?
It's worth spending on FortiAnalyzer if you have multiple firewalls in your network.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Network, Security Engineer at a tech services company with 51-200 employees
Beneficial trigger actions(on Event Handler feature), easy to install, and scalable
Pros and Cons
- "Based on the logs of Fortinet FortiAnalyzer you can have it trigger actions. For example, if the log has a word or a sentence you specified it can send an alert or Syslog to an email address."
- "Fortinet FortiAnalyzer cannot receive any queries. They should add this feature in the future to help manage solutions."
What is our primary use case?
I use Fortinet FortiAnalyzer to analyze network logs for increased security protection.
How has it helped my organization?
We can see and know our network traffic graphically.
What is most valuable?
Based on the logs of Fortinet FortiAnalyzer you can have it trigger actions. For example, if the log has a word or a sentence you specified it can send an alert to an email address or SNMP trap.
What needs improvement?
Fortinet FortiAnalyzer cannot use as SNMP Manager so cannnot receive any queries of SNMP. They should add this feature in the future to help manage solutions.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for approximately eight years.
What do I think about the stability of the solution?
I have found the solution to be stable. However, when the computer's resources are low the analysis becomes slow. There could be some optimization done.
What do I think about the scalability of the solution?
Fortinet FortiAnalyzer is scalable. It can handle small to large-scale analysis.
How was the initial setup?
The initial installation is easy. You set up the interface IP address and then you can have access. If you use the web GUI, it's very easy to connect to FortiGate and other Fortinet solutions.
What other advice do I have?
If a company purchases FortiGate they should purchase Fortinet FortiAnalyzer together. The reason is FortiGate does not have an interface for analyzing logs but if you have the Fortinet FortiAnalyzer it can analyze logs and give reports on the logs giving you more protection.
I rate Fortinet FortiAnalyzer a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Log ManagementPopular Comparisons
Splunk Enterprise Security
Dynatrace
IBM Security QRadar
Elastic Security
Elastic Observability
LogRhythm SIEM
Sumo Logic Security
Grafana Loki
Security Onion
Securonix Next-Gen SIEM
syslog-ng
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- Which Windows event log monitoring tool do you recommend?
- What is the difference between log management and SIEM?
- Splunk vs. Elastic Stack
- How can Cloudtrail logs be used effectively to improve log monitoring?
- Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
- When evaluating Log Management solutions, what aspect do you think is the most important to look for?
- When evaluating Log Management solutions, what aspects do you think are the most important to look for?
- Why are Log Management tools important for companies?