We use FortiAnalyzer as our indicator of compromise solution, and I'm also running some SOC into it.
Senior IP Network Defense at MTN
Reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful
Pros and Cons
- "FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort."
- "If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud."
What is our primary use case?
What is most valuable?
FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort.
The hub is another feature that's good to use. FortiAnalyzer can be connected to other Fortinet devices via the hub. It isn't restricted, and it's all controlled by FortiManager. It can also integrate all the opcodes to one box.
What needs improvement?
If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud.
For how long have I used the solution?
We've been using FortiAnalyzer since 2015.
Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
FortiAnalyzer is stable. It will do the work as long as your FortiGate is stable. It depends more on the FortiGate, so if your FortiGate is cool, there's no problem. If there is a problem, you can bypass it most of the time. I can't say that there are no issues. I don't want to lie.
What do I think about the scalability of the solution?
FortiAnalyzer is scalable. It can even take over traffic from other analyzers. You can connect as many analyzers as you want to it.
Which solution did I use previously and why did I switch?
I used a McAfee SIEM solution before at my previous employer, but it's not as powerful as FortiAnalyzer. I used a Rapid7 solution and Cisco FirePOWER, which are both weak.
How was the initial setup?
We don't need to do much to install FortiAnalyzer because it always depends on FortiGate. You need to deploy FortiGate before you install it. That's why I say that I see it as a dummy box. I don't see anything interesting in it. It's only a support structure.
What other advice do I have?
I rate FortiAnalyzer seven out of 10. It's a very user-friendly box. You don't even need to know the CLI. It has a CLI, but you don't need to know it because the GUI is excellent. It's always doing its duty to keep up with the reporting.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Assistant Manager IT at Hamilton Housewares
A reliable solution with no crashing issues and a good technical support
Pros and Cons
- "Stability-wise, I rate the solution a ten out of ten since, in our company, we have never experienced the solution crashing or having any other issues."
- "Our organization wants the solution to be able to provide us access to a centralized dashboard that displays a log view for all firewalls under Fortinet FortiAnalyzer."
What is our primary use case?
Our organization uses Fortinet FortiAnalyzer for logging purposes, including looking and digging deeper into the logs. The second use of the solution is for reporting, especially when we need some bandwidth utilization report with specific applications being used. We even use the solution's alerting functionality, especially during scenarios when our interface goes down.
What is most valuable?
The solution's most important feature is how it allows us in our organization to monitor the traffic. The log analyzer is the most important and best feature of the solution, in my view.
What needs improvement?
Our organization desired a feature in the solution, but it was unavailable. Our organization wants the solution to be able to provide us access to a centralized dashboard that displays a log view for all firewalls under Fortinet FortiAnalyzer. We also wanted to be able to monitor the utilization of our internet proactively through the dashboard. Since such a facility is unavailable, we approached the technical team, who informed us that this task is not within their purview. The solution's failure to offer a centralized dashboard with certain essential capabilities is an area where the solution can improve. It would be highly beneficial if the solution offered a centralized dashboard to its users.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for two and a half years. Since we use Fortinet FortiAnalyzer 6.2.0 in our company, I would say that we are not working on the latest version of the solution. Also, we are customers of Fortinet FortiAnalyzer.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a ten out of ten since, in our company, we have never experienced the solution crashing or having any other issues. In short, the solution works fine.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten. Approximately five administrators and some others to whom I have given read-only access use the solution.
How are customer service and support?
Since I am quite satisfied with the technical support of the solution, I rate it a nine out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup process was quite good because the solution was user-friendly, and anyone could access and track the solution. Even though I rate this solution an initial setup somewhere between seven to eight out of ten, to be more specific, I rate it an eight. Also, in our company, we have deployed the solution on the cloud.
What was our ROI?
In our organization, we would say that the solution is worth its money. The solution comes into the picture when there is some drastic failure in our environment, and we need it while trying to find out what went wrong. So, the solution can give an in-depth analysis of such problems.
What's my experience with pricing, setup cost, and licensing?
I won't say the solution is too costly since it is available at a fair price.
What other advice do I have?
I would recommend the solution to those seeking a detailed view of what is going on in their environment. Also, I wish that a centralized dashboard is made available in Fortinet FortiAnalyzer so that a company does not have to look for a better alternative elsewhere since a centralized dashboard would suffice their requirements. Overall, I rate the solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
TIO at Fundação de Serralves
Useful for log management and endpoint protection
Pros and Cons
- "The most valuable features of the solution are the reports and the playbooks."
- "I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required."
What is our primary use case?
I use the solution in my company for log management and to comply with requirements associated with endpoint protection and FortiGate, as well as with all the other solutions from Fortinet.
What is most valuable?
The most valuable features of the solution are the reports and the playbooks.
What needs improvement?
I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for three years. I am an end user of the solution.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten.
Two people in my company use the product.
I use the solution in my company every day.
How are customer service and support?
I rate the technical support a nine out of ten.
Which solution did I use previously and why did I switch?
I have experience with some other solutions in the past. My company has not switched from the solution we use currently because we don't have an alternative product. My company does want to use an SIEM solution, and we purchased Fortinet FortiAnalyzer since it offered a bit of SIEM functionalities.
How was the initial setup?
My company took care of the tool's initial setup phase for our internal projects.
The solution is deployed on an on-premises model.
The solution can be deployed in two days.
What about the implementation team?
An implementer took care of the product's implementation process.
What was our ROI?
I have seen a return on investment from the use of the product. I rate the tool's ROI a nine out of ten.
What's my experience with pricing, setup cost, and licensing?
I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive.
What other advice do I have?
The log management capability has benefited our organization, and it is important because we need to write and send proactive information that playbooks can cater to, and the product also prevents my company's systems from being attacked.
I recommend the product to others since it is easy to work with and it works very well.
I don't know much about the artificial integration capabilities of the product, but the solution works to detect and analyze threats.
I rate the overall tool an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: May 15, 2024
Flag as inappropriateSenior Systems Engineer at a pharma/biotech company with 51-200 employees
Offers visibility and helps to analyze the traffic but improvement is needed in pricing
Pros and Cons
- "Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them."
- "Fortinet FortiAnalyzer needs to improve its pricing flexibility."
What is our primary use case?
Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them.
What is most valuable?
The solution provides visibility into traffic. We can view everything from one platform.
What needs improvement?
Fortinet FortiAnalyzer needs to improve its pricing flexibility.
For how long have I used the solution?
I have been using the product for a couple of months.
What do I think about the stability of the solution?
I rate the tool's stability a seven out of ten. We have experienced downtime and glitches while using it. These were during the deployment stages, and the vendor helped to fix them.
What do I think about the scalability of the solution?
I rate Fortinet FortiAnalyzer's scalability a nine out of ten. My company has 100 users.
Which solution did I use previously and why did I switch?
I used Palo Alto Panorama before Fortinet FortiAnalyzer. I think Palo Alto Panorama is better. It offers more functionality. We typically need separate solutions for different needs with Fortinet FortiAnalyzer, but Palo Alto Panorama bundles everything into one package. Whether deploying and managing firewalls, analyzing traffic, or managing users, Palo Alto Panorama consolidates it into a single dashboard.
How was the initial setup?
Fortinet FortiAnalyzer's deployment is easy.
What about the implementation team?
The tool's deployment was done by a third party.
What's my experience with pricing, setup cost, and licensing?
I rate Fortinet FortiAnalyzer's pricing as five out of ten.
What other advice do I have?
We recently switched to the product and are in the stages of a learning curve. I rate the overall product a five out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: May 14, 2024
Flag as inappropriateIT Manager at TiThink
Good for diagnostics, assists in preventing attacks, and is reliable
Pros and Cons
- "It is very stable and reliable."
- "The solution is expensive."
What is our primary use case?
We have some customers that have more than just two branches, and we use FortiManager to manage the network and have FortiAnalyzer in case we have an attack or need more information to understand when something happens. If you have some sort of loss, it's very difficult to identify what is happening without this solution's help.
What is most valuable?
The solution helps prevent attacks, and in the event of an attack, it can act as a forensic device, which is very useful. We find it helpful for diagnostic purposes.
It helps, when you have several smaller firewalls, to manage the monitoring.
The solution is scalable.
It is very stable and reliable.
What needs improvement?
It can be a difficult solution to sell.
The solution is expensive.
The customer needs to have extensive knowledge in order to use the solution properly.
For how long have I used the solution?
I've used the solution for a few months. We started using it last year around August. It's been around seven months or so.
What do I think about the stability of the solution?
The solution is stable and reliable. I'd rate it nine out of ten. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
We have different customers and are managing the network. We might have 500 people using the solution and maybe eight to ten customers utilizing the solution.
The solution is expensive. However, the issue is the cost. It will be expensive to scale. That said, if you want to expand, you can. I'd rate the scalability nine out of ten.
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
How was the initial setup?
We have seven people available to handle the deployment and maintenance of the product. They are engineers.
What's my experience with pricing, setup cost, and licensing?
The solution can be a bit expensive. I cannot speak to the exact costs. There are no hidden fees attached to the service.
What other advice do I have?
We are a Fortinet partner.
I'd recommend the solution to others. I would rate the product eight out of ten.
While I do not use it often, I find it can be difficult to identify when we have an issue to identify what happened. It would be helpful if there was some sort of business intelligence tool attached to it. Or, perhaps it is due to the fact that we may lack a certain level of training in this area.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer:
Network manager admin at Yamaha
Help global support, beneficial reports, and suitable for all business sizes
Pros and Cons
- "The most valuable feature of Fortinet FortiAnalyzer is the capturing of traffic for reports."
- "Fortinet FortiAnalyzer should come bundled with other Fortinet solutions. Additionally, the performance and updates could improve. They need to test their updates better so there are not as many bugs."
What is our primary use case?
Fortinet FortiAnalyzer is for log collection and reporting.
What is most valuable?
The most valuable feature of Fortinet FortiAnalyzer is the capturing of traffic for reports.
What needs improvement?
Fortinet FortiAnalyzer should come bundled with other Fortinet solutions. Additionally, the performance and updates could improve. They need to test their updates better so there are not as many bugs.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for approximately 10 years.
What do I think about the stability of the solution?
Fortinet FortiAnalyzer is stable.
What do I think about the scalability of the solution?
The scalability of Fortinet FortiAnalyzer is good.
We have approximately 2,800 people using this solution in my organization on a daily basis.
The solution is suitable for all sized businesses.
How are customer service and support?
The support from Fortinet FortiAnalyzer is responsive. If the Indian support can support only the lowest priority work and the global team can support any kind of topic. The global support is experienced and technically sound. The Indian support can improve by having better knowledge.
Which solution did I use previously and why did I switch?
I have used Palo Alto and when comparing it to Fortinet FortiAnalyzer, Palo Alto is better. However, it is priced too high.
How was the initial setup?
The initial setup of Fortinet FortiAnalyzer is simple.
I rate the initial setup of Fortinet FortiAnalyzer a four out of five.
What about the implementation team?
We did the deployment of the solution in-house.
What's my experience with pricing, setup cost, and licensing?
We pay approximately $11,000 for a three-year license to use Fortinet FortiAnalyzer. When we compared the price of this solution to others it is not expensive. Palo Alto is a more expensive solution.
I rate the price from Fortinet FortiAnalyzer a four out of five.
What other advice do I have?
My advice to others is if there are not any budget restraints then I would recommend choosing Palo Alto or FireEye. If there is a budget then Fortinet FortiAnalyzer is good.
I rate Fortinet FortiAnalyzer an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Technology Officer at Future Point Technologies
Comprehensive reporting and efficient log management
Pros and Cons
- "The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics."
- "I believe that its technical support is the only aspect that requires significant improvement."
What is our primary use case?
The primary use case for our clients revolves around robust reporting capabilities, addressing key aspects such as understanding diverse utilizations and the performance of network links. They specifically sought insights into bandwidth usage and detailed reporting at the application level. Additionally, an essential requirement was efficient log management. This is crucial because FortiGate has limitations on retaining logs for an extended duration, and our clients needed a solution, such as FortiAnalyzer, to effectively manage and analyze logs over an extended period.
What is most valuable?
The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics. Additionally, its ability to centrally capture logs from multiple devices proves indispensable for our SOC. This centralized log management facilitates automation processes, and we also greatly appreciate the effectiveness of its analytics features.
What needs improvement?
I believe that its technical support is the only aspect that requires significant improvement. With the current trend toward AI advancements, there's an opportunity for improved AI analytics. This could empower us to better leverage technology to detect attacks in a more effective manner.
For how long have I used the solution?
I have been working with it for more than five years.
What do I think about the stability of the solution?
It offers excellent stability capabilities. I would rate it nine out of ten.
What do I think about the scalability of the solution?
It offers a capacity of up to two thousand gigabytes of logs daily, showcasing considerable scalability. I believe it is a scalable solution that can easily accommodate increasing needs without compromising performance. Our clients fall into the enterprise category. I would rate it eight out of ten.
How are customer service and support?
The support services are often outsourced to specific regions, resulting in varying levels of technical expertise. While regions like America, the USA, Europe, and certain countries in Australia benefit from reasonable and proficient engineers, other locations may experience subpar tech support. Consequently, issue resolution can be time-consuming, leading customers to sometimes address problems independently. Particularly in terms of time efficiency, there is a need for improvement to expedite the support process. I would rate it six out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup was straightforward. I would rate it eight out of ten.
What about the implementation team?
The deployment process is straightforward and efficient, requiring minimal time and effort. It takes approximately thirty minutes and it's quite user-friendly.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable. The cost structure is primarily based on factors such as the number of logs, log sizes, and the daily log storage capacity, with a minimum requirement of two gigabytes per day. The maximum storage capacity can extend up to eight thousand gigabytes of logs per day.
What other advice do I have?
I would strongly recommend utilizing it. It's an excellent product with abundant features, offered at a very reasonable price point. Overall, I would rate it eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Team Lead Manager at Wizlynx
We can collect all gateway information and logs in one location, but it is difficult to modify rules
Pros and Cons
- "The ability to gather all gateway information and logs in a single location is the most valuable feature."
- "I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management."
What is our primary use case?
I utilize Fortinet FortiAnalyzer to gather various logs from FortiGate, enabling me to conduct specific investigations in particular cases.
What is most valuable?
The ability to gather all gateway information and logs in a single location is the most valuable feature.
What needs improvement?
I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management. However, this perception might be attributed to my limited familiarity with Fortinet FortiAnalyzer. For instance, with Check Point, I can easily make modifications to rules such as identifying issues, making corrections, or adding new features. This includes creating exceptions or adding elements to the current rule set.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for four months.
What do I think about the stability of the solution?
In our current environment, Fortinet FortiAnalyzer is stable.
What do I think about the scalability of the solution?
I am currently utilizing the cloud version of Fortinet FortiAnalyzer, and the scalability it offers is exceptional. Unlike the on-premises version, I have not encountered any issues.
How was the initial setup?
The initial setup is straightforward. The deployment takes a few minutes and the configuration is easy.
What's my experience with pricing, setup cost, and licensing?
I would rate FortiAnalyzer's price a seven out of ten, with ten being the most expensive.
What other advice do I have?
I would rate Fortinet FortiAnalyzer a seven out of ten.
We are paying for vendor maintenance support, and so far, the maintenance has been minimal.
I recommend completing training before utilizing Fortinet FortiAnalyzer. I was suddenly tasked with using the solution when my organization decided to change technologies, and it was initially challenging to understand how it operates.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Log ManagementPopular Comparisons
Splunk Enterprise Security
Dynatrace
IBM Security QRadar
Elastic Security
Elastic Observability
LogRhythm SIEM
Sumo Logic Security
Grafana Loki
Security Onion
Securonix Next-Gen SIEM
syslog-ng
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- Which Windows event log monitoring tool do you recommend?
- What is the difference between log management and SIEM?
- Splunk vs. Elastic Stack
- How can Cloudtrail logs be used effectively to improve log monitoring?
- Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
- When evaluating Log Management solutions, what aspect do you think is the most important to look for?
- When evaluating Log Management solutions, what aspects do you think are the most important to look for?
- Why are Log Management tools important for companies?