Network & Security Section Head/Digital Transformation at City Edge
Real User
Top 5 Leaderboard
Centralized log analysis streamlines management tasks and accelerates report generation
Pros and Cons
  • "The most valuable feature of Fortinet FortiAnalyzer is its ability to report for several management tasks in a very short time."

    What is our primary use case?

    The primary use case for Fortinet FortiAnalyzer is for analyzing and reviewing logs for every device related to Fortinet.

    What is most valuable?

    The most valuable feature of Fortinet FortiAnalyzer is its ability to report for several management tasks in a very short time. This allows for quick analysis and report generation for executives, saving time. Additionally, its incident response is considered decent, and its ease of setup and integration with Fortinet devices centralizes logs in one place.

    What needs improvement?

    In the next version, automation analysis should be enhanced.

    For how long have I used the solution?

    I have used Fortinet FortiAnalyzer for two and a half years.
    Buyer's Guide
    Fortinet FortiAnalyzer
    April 2025
    Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
    849,190 professionals have used our research since 2012.

    What was my experience with deployment of the solution?

    The deployment of Fortinet FortiAnalyzer depends on the environment. If it is a small environment, it takes one day with full implementation and integration with every device. A larger environment might take two or three days.

    What do I think about the stability of the solution?

    I rate the stability of the solution at nine out of ten.

    What do I think about the scalability of the solution?

    I rate the scalability of the solution as eight out of ten.

    How are customer service and support?

    I rate the technical support from Fortinet as eight out of ten.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I did not use a different solution prior to Fortinet FortiAnalyzer.

    How was the initial setup?

    The initial setup of Fortinet FortiAnalyzer is very easy.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is fair, although I do not remember the exact price.

    What other advice do I have?

    Based on my experience, I would recommend Fortinet FortiAnalyzer to small companies as it is easy to use and centralizes logs in one place, saving time. There are also options related to IOC and automation, as well as SOAR, which help small environments. Overall, I rate the solution as eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    MuhammadFarrukh - PeerSpot reviewer
    Vice President at Habib Metropolitan Bank Ltd
    Real User
    Top 20
    Offers detailed log reports, but functionality with third-party tools needs improvement
    Pros and Cons
    • "Provides detailed log reports"
    • "The solution does not function well with third-party tools"

    What is our primary use case?

    It's working well enough. The solution allows fetching multiple logs across different firewalls. At our company, we use FortiAnalyzer to fetch event and traffic logs. 

    How has it helped my organization?

    In terms of productivity enhancement in our organization, I would rate the solution an eight out of ten. 

    What is most valuable?

    One of the solution's most vital features is that it can provide detailed log reports. Using the solution at our company, we can obtain details on the source IP, traffic, and logs for the last three months. 

    What needs improvement?

    The solution does not function well when integrated with third-party tools. Logs are not converted to the source and destination IP, and the address or port details are only available in textual format when Fortinet FortiAnalyzer integrates with other vendor tools like Cisco.

    For how long have I used the solution?

    I have been using the solution for three years. 

    What do I think about the scalability of the solution?

    I would rate the scalability an eight out of ten. In our organization, about 40 to 50 devices are integrated into Fortinet FortiAnalyzer. Our organization uses the solution once a week for reporting purposes, and the configuration has been implemented accordingly. 

    How are customer service and support?

    I would rate the tech support an eight out of ten. 

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Previously, at our company, we used software like Syslog. We switched to Fortinet FortiAnalyzer for the log reporting feature. 

    How was the initial setup?

    The solution has a user-friendly interface, and our company did not face any issues with deployment or configuration. I would rate the initial setup a seven out of ten. The initial deployment of Fortinet FortiAnalyzer took a couple of weeks at our organization. 

    At our company, we primarily deployed the device in a pilot phase, where only ten to fifteen devices were integrated. The solution's behavior was analyzed through log fetching. After analysis, our company deployed the product in the data center, and it started working in a live environment. 

    What's my experience with pricing, setup cost, and licensing?

    I would rate the solution's pricing a seven out of ten. 

    Which other solutions did I evaluate?


    What other advice do I have?

    The solution is used for configuration changes, security features, IPS, application filtering and sometimes for manual report generation. 

    I would rate the product's compliance an eight out of ten. In my opinion, Fortinet FortiAnalyzer is a better solution than its competitors. 

    At our organization, we have used the solution to automate certain configurations, including email triggering. I would overall rate the solution a seven out of ten. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    reviewer1260276 - PeerSpot reviewer
    Technical Engineer - Technical Security at a tech services company with 1,001-5,000 employees
    Real User
    Top 20
    Offers seamless log storage and integration with existing systems
    Pros and Cons
    • "The scalability of Fortinet FortiAnalyzer is excellent at a rating of ten out of ten."
    • "The log view for syslog in Fortinet FortiAnalyzer could be improved. A more comprehensive dashboard for syslog would enhance its value."

    What is our primary use case?

    I use Fortinet FortiAnalyzer for log storage, log analytics, and generating reports. It also acts as a syslog server as well as a SIEM and SOAR solution. It is integrated with Fortinet solutions like FortiGate, FortiClient, FortiMail, and FortiWeb.

    What is most valuable?

    The most valuable features of Fortinet FortiAnalyzer include its capability to act as a syslog server, its SIEM and SOAR capabilities with limited playbooks, and its integration with Fortinet solutions, which ensures ease of use for users with a Fortinet infrastructure. The device's pricing model also offers good value for money.

    What needs improvement?

    The log view for syslog in Fortinet FortiAnalyzer could be improved. A more comprehensive dashboard for syslog would enhance its value.

    For how long have I used the solution?

    I have been working with Fortinet FortiAnalyzer for about five years.

    What do I think about the stability of the solution?

    I would rate the stability of Fortinet FortiAnalyzer as eight or nine out of ten. It provides a reliable solution for managing network-wide data.

    What do I think about the scalability of the solution?

    The scalability of Fortinet FortiAnalyzer is excellent at a rating of ten out of ten. As a virtual machine or cloud-based solution, it scales efficiently to meet organizational needs.

    How are customer service and support?

    The customer service and support from Fortinet are rated as eight out of ten. The support quality sometimes varies due to regional support issues, leading to longer response times.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Before using Fortinet FortiAnalyzer, I was using QRadar. I switched because QRadar was expensive.

    How was the initial setup?

    The initial setup of Fortinet FortiAnalyzer is straightforward. It can be deployed on hardware or as a virtual machine, making it simple to execute.

    What was our ROI?

    I have seen a return on investment with Fortinet FortiAnalyzer due to its competitive pricing and straightforward licensing model based on the amount of log data processed per day.

    What's my experience with pricing, setup cost, and licensing?

    Fortinet FortiAnalyzer offers competitive pricing. Its licensing model is based on the amount of log data processed per day, making it more cost-effective compared to QRadar, which is EPS and device-based.

    What other advice do I have?

    I recommend Fortinet FortiAnalyzer to those who have other Fortinet solutions. It integrates well with Fortinet systems. However, for an organization with no Fortinet solutions, a dedicated SIEM might be better. Overall, I would rate Fortinet FortiAnalyzer eight out of ten.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Vladmir Fortes - PeerSpot reviewer
    Security Manager at ZAP
    Real User
    Integrates well, centralized logging services, and straightforward setup
    Pros and Cons
    • "One of the greatest advantages of Fortinet FortiAnalyzer is its ability to integrate with a variety of software and solutions, providing comprehensive visibility into the network. The solution's strength lies in its capability to work with Fortinet's own products, such as the FortiAP access point, which allows for deep monitoring, automation, correlation, and incident management. However, this functionality is not present when utilizing other products, such as those from Cisco, limiting the visibility and benefits that can be gained."
    • "The solution could improve by allowing the ability to search logs in integrated solutions."

    What is our primary use case?

    Fortinet FortiAnalyzer is a solution that focuses specifically on analyzing and monitoring the performance and security of Fortinet security products. By utilizing this solution in conjunction with Fortinet products such as FortiSwitch, FortiGate, and FortiClient, the user is able to centralize all logging services and analysis in one place, allowing for easy correlation, playbook automation, and comprehensive visibility within the Fortinet services. However, the limitations of the solution are highlighted by the speaker, who wishes for expanded compatibility with other non-Fortinet products such as servers.

    What is most valuable?

    One of the greatest advantages of Fortinet FortiAnalyzer is its ability to integrate with a variety of software and solutions, providing comprehensive visibility into the network. The solution's strength lies in its capability to work with Fortinet's own products, such as the FortiAP access point, which allows for deep monitoring, automation, correlation, and incident management. However, this functionality is not present when utilizing other products, such as those from Cisco, limiting the visibility and benefits that can be gained.

    What needs improvement?

    The solution could improve by allowing the ability to search logs in integrated solutions.

    If a new iteration of Fortinet FortiAnalyzer were to be released, and the option arose to incorporate a feature that would simplify my work processes, I would wish for the integration of various log sources. This includes fetching logs through APIs, as well as from non-Fortinet switches and firewalls. This feature would allow me to seamlessly access logs from various sources and ultimately enhance the overall functionality of the software.

    For how long have I used the solution?

    I have been using Fortinet FortiAnalyzer for approximately two years.

    What do I think about the stability of the solution?

    The solution is stable.

    What do I think about the scalability of the solution?

    Fortinet FortiAnalyzer is highly scalable. You can easily adjust its capabilities to meet your evolving needs. Unlike other solutions I've used in the past, this one does not present any licensing restrictions. I had a requirement for increased terabytes per day and I smoothly upgraded my license through a simple process. I was provided with a trial license for the interim period and then my previous license was updated accordingly. The upgrade resulted in the desired terabytes per day and I was thoroughly satisfied with the experience.

    At my company, there are four individuals who are utilizing this solution. These individuals consist of two network engineers, one security engineer, and myself serving as an administrator.

    How are customer service and support?

    I have not needed to use the support. It's a very simple and straightforward solution.

    How was the initial setup?

    The initial setup of Fortinet FortiAnalyzer is straightforward. The process does not take more than 15 minutes.

    The critical step is the virtual machine (VM) startup, which is dependent on the virtualization aspect, not the FortiAnalyzer itself. It took me no more than 10 minutes to complete this process when I was utilizing a high-performance hyper-converged infrastructure. Currently, deploying a VM with one terabyte should take less than 60 seconds.

    What's my experience with pricing, setup cost, and licensing?

    The company's choice to utilize Fortinet FortiAnalyzer was based on the overall security strategy and compatibility with existing solutions. It was deemed the best fit as it provided a centralized point of visibility for all of their security solutions, including Fortinet FortiGate firewall, FortiClient, Forti EMS, and FortiAP. The company conducted a thorough evaluation of various solutions in the market but found that none of them could fully integrate and manage all their solutions as effectively as Fortinet FortiAnalyzer.

    What other advice do I have?

    I advise others who are thinking about using Fortinet FortiAnalyzer to only do so if they already have some Fortinet solutions. This is the best use of Fortinet FortiAnalyzer if they already have some Fortinet solutions.

    I rate Fortinet FortiAnalyzer a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    IgnitiusMolepo - PeerSpot reviewer
    Senior IP Network Defense at MTN
    Real User
    Top 5 Leaderboard
    Reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful
    Pros and Cons
    • "FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort."
    • "If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud."

    What is our primary use case?

    We use FortiAnalyzer as our indicator of compromise solution, and I'm also running some SOC into it. 

    What is most valuable?

    FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort. 

    The hub is another feature that's good to use. FortiAnalyzer can be connected to other Fortinet devices via the hub. It isn't restricted, and it's all controlled by FortiManager. It can also integrate all the opcodes to one box. 

    What needs improvement?

    If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud. 

    For how long have I used the solution?

    We've been using FortiAnalyzer since 2015. 

    What do I think about the stability of the solution?

    FortiAnalyzer is stable. It will do the work as long as your FortiGate is stable. It depends more on the FortiGate, so if your FortiGate is cool, there's no problem. If there is a problem, you can bypass it most of the time. I can't say that there are no issues. I don't want to lie.

    What do I think about the scalability of the solution?

    FortiAnalyzer is scalable. It can even take over traffic from other analyzers. You can connect as many analyzers as you want to it. 

    Which solution did I use previously and why did I switch?

    I used a McAfee SIEM solution before at my previous employer, but it's not as powerful as FortiAnalyzer. I used a Rapid7 solution and Cisco FirePOWER, which are both weak.

    How was the initial setup?

    We don't need to do much to install FortiAnalyzer because it always depends on FortiGate. You need to deploy FortiGate before you install it. That's why I say that I see it as a dummy box. I don't see anything interesting in it. It's only a support structure.

    What other advice do I have?

    I rate FortiAnalyzer seven out of 10. It's a very user-friendly box. You don't even need to know the CLI. It has a CLI, but you don't need to know it because the GUI is excellent. It's always doing its duty to keep up with the reporting. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Amarnath Jaiswal - PeerSpot reviewer
    Engineer at HINDUSTAN URVARAK & RASAYAN LIMITED
    Real User
    Top 20
    Useful to analyze logs and generate reports
    Pros and Cons
    • "The most valuable features of the solution are report generation and traffic logs."
    • "I need some improvements in the support team since it is an area where there are certain shortcomings."

    What is our primary use case?

    I use the solution in my company to analyze logs and generate reports.

    What is most valuable?

    The most valuable features of the solution are report generation and traffic logs. The online traffic report in Fortinet FortiAnalyzer is very good. There are different types of reports that one can generate with the tool.

    What needs improvement?

    From my point of view, I think everything is okay with the product.

    I need some improvements in the support team since it is an area where there are certain shortcomings.

    For how long have I used the solution?

    I have been using Fortinet FortiAnalyzer for six months.

    What do I think about the stability of the solution?

    Stability-wise, I rate the solution a ten out of ten.

    What do I think about the scalability of the solution?

    Scalability-wise, I rate the solution a ten out of ten.

    The IT team in our company uses the product for report generation. There are around 200 users in our organization, including our core IT team.

    My company gets the product updated with the help of Fortinet's support team. My organization downloads the tool's firmware and updates the solution. The tool offers an easy setup phase.

    How are customer service and support?

    I am a little bit disappointed with the support offered by Fortinet. Sometimes, the support team does not offer timely support or respond to our company's queries. Every time, the support team asks for logs and configuration from my company. Dealing with the support team is a very tedious task. I rate the technical support a seven out of ten.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    When it came to monitoring and reporting purposes, I used to only use FortiGate's inbuilt features for logs and traffic monitoring. It was only after a while that my company started to use Fortinet FortiAnalyzer.

    How was the initial setup?

    I rate the product's initial setup phase a ten out of ten, where one means it was a difficult process, and ten means it was an easy phase.

    The solution can be deployed in a day.

    What's my experience with pricing, setup cost, and licensing?

    The product's prices are a bit higher than the other solutions available in the market, but I would say that the tool's quality and support are areas that are good.

    What other advice do I have?

    Regarding the support, if a customer wants support or any technical help in the area of configuration, I think the support team must help the customers in a timely manner and understand their problems.

    I rate the tool a nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Senior Systems Engineer at a pharma/biotech company with 51-200 employees
    Real User
    Top 20
    Offers visibility and helps to analyze the traffic but improvement is needed in pricing
    Pros and Cons
    • "Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them."
    • "Fortinet FortiAnalyzer needs to improve its pricing flexibility."

    What is our primary use case?

    Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them.

    What is most valuable?

    The solution provides visibility into traffic. We can view everything from one platform.

    What needs improvement?

    Fortinet FortiAnalyzer needs to improve its pricing flexibility. 

    For how long have I used the solution?

    I have been using the product for a couple of months. 

    What do I think about the stability of the solution?

    I rate the tool's stability a seven out of ten. We have experienced downtime and glitches while using it. These were during the deployment stages, and the vendor helped to fix them. 

    What do I think about the scalability of the solution?

    I rate Fortinet FortiAnalyzer's scalability a nine out of ten. My company has 100 users. 

    Which solution did I use previously and why did I switch?

    I used Palo Alto Panorama before Fortinet FortiAnalyzer. I think Palo Alto Panorama is better. It offers more functionality. We typically need separate solutions for different needs with Fortinet FortiAnalyzer, but Palo Alto Panorama bundles everything into one package. Whether deploying and managing firewalls, analyzing traffic, or managing users, Palo Alto Panorama consolidates it into a single dashboard.

    How was the initial setup?

    Fortinet FortiAnalyzer's deployment is easy. 

    What about the implementation team?

    The tool's deployment was done by a third party. 

    What's my experience with pricing, setup cost, and licensing?

    I rate Fortinet FortiAnalyzer's pricing as five out of ten. 

    What other advice do I have?

    We recently switched to the product and are in the stages of a learning curve. I rate the overall product a five out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Ajeet Singh - PeerSpot reviewer
    Network Engineer at Apollo Hospitals Enterprise Ltd
    Real User
    Efficient and user-friendly with a nice GUI
    Pros and Cons
    • "The product works well with other products."
    • "Technical support could respond to queries faster."

    What is our primary use case?

    We are using the solution only for ticket logs and security logs, et cetera.

    What is most valuable?

    How the applications are working has been quite useful. It helps the users and how they are using the applications. We can see, for example, the utilization of all of the security fabric in a report. We are getting PDFs and Excel sheets that we can use to analyze everything, including how users are working on our internet services. We can generate reports quite easily.

    It's been generally very efficient.

    It is user-friendly and has a good GUI. 

    The product works well with other products. 

    The solution scales well. 

    It's stable.

    We found the pricing to be very reasonable. 

    What needs improvement?

    There are no areas that need to be improved. 

    Technical support could respond to queries faster. 

    For how long have I used the solution?

    We've been using the solution for five or six years. 

    What do I think about the stability of the solution?

    It's stable and very easy to use. Everything is generated very easily. The performance has been fine.

    What do I think about the scalability of the solution?

    We have ten network engineers in India working on this product. There are between ten people directly working with it. 

    In my location, we have 2,000 people and they are all users integrated into FortiAnalyzer. We are getting all logs for all these users through it. 

    It is a very scalable solution.

    How are customer service and support?

    We are taking technical support from the SNS team. Whenever the SNS team is talking on any ticket, they may get help from FortiGate. My concern is that they are taking too much time to respond. They should respond faster to requests for help.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    I have not installed or configured FortiAnalyzer. I came into this organization one year ago and it was already configured. I do not have that much of an idea about the installation.

    I'm not sure what, if any, maintenance is required. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing is very good. I'd rate it four out of five in terms of affordability.

    What other advice do I have?

    We are a customer and end-user.

    Our firewall is FortiAnalyzer's 200D and it is not a new one. We are using the older one only. 

    If an organization is using the FortiGate Firewall, then they should go with the FortiAnalyzer also. It is very helpful in terms of getting logs and tracking security threats. We can check the reports very easily.

    I'd rate it eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.