Fortinet FortiAnalyzer Reviews

The primary use case for Fortinet FortiAnalyzer is for analyzing and reviewing logs for every device related to Fortinet.

The most valuable feature of Fortinet FortiAnalyzer is its ability to report for several management tasks in a very short time. This allows for quick analysis and report generation for executives, saving time. Additionally, its incident response is considered decent, and its ease of setup and integration with Fortinet devices centralizes logs in one place.

In the next version, automation analysis should be enhanced.

I have used Fortinet FortiAnalyzer for two and a half years.

The deployment of Fortinet FortiAnalyzer depends on the environment. If it is a small environment, it takes one day with full implementation and integration with every device. A larger environment might take two or three days.

I rate the stability of the solution at nine out of ten.

I rate the scalability of the solution as eight out of ten.

I rate the technical support from Fortinet as eight out of ten.

Positive

I did not use a different solution prior to Fortinet FortiAnalyzer.

The initial setup of Fortinet FortiAnalyzer is very easy.

The price of the solution is fair, although I do not remember the exact price.

Based on my experience, I would recommend Fortinet FortiAnalyzer to small companies as it is easy to use and centralizes logs in one place, saving time. There are also options related to IOC and automation, as well as SOAR, which help small environments. Overall, I rate the solution as eight out of ten.

On-premises

It's working well enough. The solution allows fetching multiple logs across different firewalls. At our company, we use FortiAnalyzer to fetch event and traffic logs. 

In terms of productivity enhancement in our organization, I would rate the solution an eight out of ten. 

One of the solution's most vital features is that it can provide detailed log reports. Using the solution at our company, we can obtain details on the source IP, traffic, and logs for the last three months. 

The solution does not function well when integrated with third-party tools. Logs are not converted to the source and destination IP, and the address or port details are only available in textual format when Fortinet FortiAnalyzer integrates with other vendor tools like Cisco.

I have been using the solution for three years. 

I would rate the scalability an eight out of ten. In our organization, about 40 to 50 devices are integrated into Fortinet FortiAnalyzer. Our organization uses the solution once a week for reporting purposes, and the configuration has been implemented accordingly. 

I would rate the tech support an eight out of ten. 

Positive

Previously, at our company, we used software like Syslog. We switched to Fortinet FortiAnalyzer for the log reporting feature. 

The solution has a user-friendly interface, and our company did not face any issues with deployment or configuration. I would rate the initial setup a seven out of ten. The initial deployment of Fortinet FortiAnalyzer took a couple of weeks at our organization. 

At our company, we primarily deployed the device in a pilot phase, where only ten to fifteen devices were integrated. The solution's behavior was analyzed through log fetching. After analysis, our company deployed the product in the data center, and it started working in a live environment. 

I would rate the solution's pricing a seven out of ten. 

The solution is used for configuration changes, security features, IPS, application filtering and sometimes for manual report generation. 

I would rate the product's compliance an eight out of ten. In my opinion, Fortinet FortiAnalyzer is a better solution than its competitors. 

At our organization, we have used the solution to automate certain configurations, including email triggering. I would overall rate the solution a seven out of ten. 

I use Fortinet FortiAnalyzer for log storage, log analytics, and generating reports. It also acts as a syslog server as well as a SIEM and SOAR solution. It is integrated with Fortinet solutions like FortiGate, FortiClient, FortiMail, and FortiWeb.

The most valuable features of Fortinet FortiAnalyzer include its capability to act as a syslog server, its SIEM and SOAR capabilities with limited playbooks, and its integration with Fortinet solutions ensures ease of use for users with a Fortinet infrastructure. The device's pricing model also offers good value for money.

The log view for syslog in Fortinet FortiAnalyzer could be improved. A more comprehensive dashboard for syslog would enhance its value.

I have been working with Fortinet FortiAnalyzer for about five years.

I would rate the stability of Fortinet FortiAnalyzer as eight or nine out of ten. It provides a reliable solution for managing network-wide data.

The scalability of Fortinet FortiAnalyzer is excellent at a rating of ten out of ten. As a virtual machine or cloud-based solution, it scales efficiently to meet organizational needs.

The customer service and support from Fortinet are rated as eight out of ten. The support quality sometimes varies due to regional support issues, leading to longer response times.

Positive

Before using Fortinet FortiAnalyzer, I was using QRadar. I switched because QRadar was expensive.

The initial setup of Fortinet FortiAnalyzer is straightforward. It can be deployed on hardware or as a virtual machine, making it simple to execute.

I have seen a return on investment with Fortinet FortiAnalyzer due to its competitive pricing and straightforward licensing model based on the amount of log data processed per day.

Fortinet FortiAnalyzer offers competitive pricing. Its licensing model is based on the amount of log data processed per day, making it more cost-effective compared to QRadar, which is EPS and device-based.

I recommend Fortinet FortiAnalyzer to those who have other Fortinet solutions. It integrates well with Fortinet systems. However, for an organization with no Fortinet solutions, a dedicated SIEM might be better. Overall, I would rate Fortinet FortiAnalyzer eight out of ten.

On-premises

Other

Fortinet FortiAnalyzer is a solution that focuses specifically on analyzing and monitoring the performance and security of Fortinet security products. By utilizing this solution in conjunction with Fortinet products such as FortiSwitch, FortiGate, and FortiClient, the user is able to centralize all logging services and analysis in one place, allowing for easy correlation, playbook automation, and comprehensive visibility within the Fortinet services. However, the limitations of the solution are highlighted by the speaker, who wishes for expanded compatibility with other non-Fortinet products such as servers.

One of the greatest advantages of Fortinet FortiAnalyzer is its ability to integrate with a variety of software and solutions, providing comprehensive visibility into the network. The solution's strength lies in its capability to work with Fortinet's own products, such as the FortiAP access point, which allows for deep monitoring, automation, correlation, and incident management. However, this functionality is not present when utilizing other products, such as those from Cisco, limiting the visibility and benefits that can be gained.

The solution could improve by allowing the ability to search logs in integrated solutions.

If a new iteration of Fortinet FortiAnalyzer were to be released, and the option arose to incorporate a feature that would simplify my work processes, I would wish for the integration of various log sources. This includes fetching logs through APIs, as well as from non-Fortinet switches and firewalls. This feature would allow me to seamlessly access logs from various sources and ultimately enhance the overall functionality of the software.

I have been using Fortinet FortiAnalyzer for approximately two years.

The solution is stable.

Fortinet FortiAnalyzer is highly scalable. You can easily adjust its capabilities to meet your evolving needs. Unlike other solutions I've used in the past, this one does not present any licensing restrictions. I had a requirement for increased terabytes per day and I smoothly upgraded my license through a simple process. I was provided with a trial license for the interim period and then my previous license was updated accordingly. The upgrade resulted in the desired terabytes per day and I was thoroughly satisfied with the experience.

At my company, there are four individuals who are utilizing this solution. These individuals consist of two network engineers, one security engineer, and myself serving as an administrator.

I have not needed to use the support. It's a very simple and straightforward solution.

The initial setup of Fortinet FortiAnalyzer is straightforward. The process does not take more than 15 minutes.

The critical step is the virtual machine (VM) startup, which is dependent on the virtualization aspect, not the FortiAnalyzer itself. It took me no more than 10 minutes to complete this process when I was utilizing a high-performance hyper-converged infrastructure. Currently, deploying a VM with one terabyte should take less than 60 seconds.

The company's choice to utilize Fortinet FortiAnalyzer was based on the overall security strategy and compatibility with existing solutions. It was deemed the best fit as it provided a centralized point of visibility for all of their security solution, including Fortinet FortiGate firewall, FortiClient, Forti EMS, and FortiAP. The company conducted a thorough evaluation of various solutions in the market but found that none of them could fully integrate and manage all their solutions as effectively as Fortinet FortiAnalyzer.

I advise others that are thinking about using Fortinet FortiAnalyzer to only do so if they already have some Fortinet solutions. This is the best use of Fortinet FortiAnalyzer if they already had some Fortinet solutions.

I rate Fortinet FortiAnalyzer a nine out of ten.

On-premises

We use FortiAnalyzer as our indicator of compromise solution, and I'm also running some SOC into it. 

FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort. 

The hub is another feature that's good to use. FortiAnalyzer can be connected to other Fortinet devices via the hub. It isn't restricted, and it's all controlled by FortiManager. It can also integrate all the opcodes to one box. 

If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud. 

We've been using FortiAnalyzer since 2015. 

FortiAnalyzer is stable. It will do the work as long as your FortiGate is stable. It depends more on the FortiGate, so if your FortiGate is cool, there's no problem. If there is a problem, you can bypass it most of the time. I can't say that there are no issues. I don't want to lie.

FortiAnalyzer is scalable. It can even take over traffic from other analyzers. You can connect as many analyzers as you want to it. 

I used a McAfee SIEM solution before at my previous employer, but it's not as powerful as FortiAnalyzer. I used a Rapid7 solution and Cisco FirePOWER, which are both weak.

We don't need to do much to install FortiAnalyzer because it always depends on FortiGate. You need to deploy FortiGate before you install it. That's why I say that I see it as a dummy box. I don't see anything interesting in it. It's only a support structure.

I rate FortiAnalyzer seven out of 10. It's a very user-friendly box. You don't even need to know the CLI. It has a CLI, but you don't need to know it because the GUI is excellent. It's always doing its duty to keep up with the reporting. 

On-premises

I use the solution in my company to analyze logs and generate reports.

The most valuable features of the solution are report generation and traffic logs. The online traffic report in Fortinet FortiAnalyzer is very good. There are different types of reports that one can generate with the tool.

From my point of view, I think everything is okay with the product.

I need some improvements in the support team since it is an area where there are certain shortcomings.

I have been using Fortinet FortiAnalyzer for six months.

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a ten out of ten.

The IT team in our company uses the product for report generation. There are around 200 users in our organization, including our core IT team.

My company gets the product updated with the help of Fortinet's support team. My organization downloads the tool's firmware and updates the solution. The tool offers an easy setup phase.

I am a little bit disappointed with the support offered by Fortinet. Sometimes, the support team does not offer timely support or respond to our company's queries. Every time, the support team asks for logs and configuration from my company. Dealing with the support team is a very tedious task. I rate the technical support a seven out of ten.

Neutral

When it came to monitoring and reporting purposes, I used to only use FortiGate's inbuilt features for logs and traffic monitoring. It was only after a while that my company started to use Fortinet FortiAnalyzer.

I rate the product's initial setup phase a ten out of ten, where one means it was a difficult process, and ten means it was an easy phase.

The solution can be deployed in a day.

The product's prices are a bit higher than the other solutions available in the market, but I would say that the tool's quality and support are areas that are good.

Regarding the support, if a customer wants to support or any technical help with the area of configuration, I think the support team must in a timely manner help the customers and understand their problems.

I rate the tool a nine out of ten.

Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them.

The solution provides visibility into traffic. We can view everything from one platform.

Fortinet FortiAnalyzer needs to improve its pricing flexibility. 

I have been using the product for a couple of months. 

I rate the tool's stability a seven out of ten. We have experienced downtime and glitches while using it. These were during the deployment stages, and the vendor helped to fix them. 

I rate Fortinet FortiAnalyzer's scalability a nine out of ten. My company has 100 users. 

I used Palo Alto Panorama before Fortinet FortiAnalyzer. I think Palo Alto Panorama is better. It offers more functionality. We typically need separate solutions for different needs with Fortinet FortiAnalyzer, but Palo Alto Panorama bundles everything into one package. Whether deploying and managing firewalls, analyzing traffic, or managing users, Palo Alto Panorama consolidates it into a single dashboard.

Fortinet FortiAnalyzer's deployment is easy. 

The tool's deployment was done by a third party. 

I rate Fortinet FortiAnalyzer's pricing as five out of ten. 

We recently switched to the product and are in the stages of a learning curve. I rate the overall product a five out of ten. 

On-premises

We are using the solution only for ticket logs and security logs, et cetera.

How the applications are working has been quite useful. It helps the users and how they are using the applications. We can see, for example, the utilization of all of the security fabric in a report. We are getting PDFs and Excel sheets that we can use to analyze everything, including how users are working on our internet services. We can generate reports quite easily.

It's been generally very efficient.

It is user-friendly and has a good GUI. 

The product works well with other products. 

The solution scales well. 

It's stable.

We found the pricing to be very reasonable. 

There are no areas that need to be improved. 

Technical support could respond to queries faster. 

We've been using the solution for five or six years. 

It's stable and very easy to use. Everything is generated very easily. The performance has been fine.

We have ten network engineers in India working on this product. There are between ten people directly working with it. 

In my location, we have 2,000 people and they are all users integrated into FortiAnalyzer. We are getting all logs for all these users through it. 

It is a very scalable solution.

The technical support, we are taking from SNS team. Whenever the SNS team is talking on any ticket, they may get help from FortiGate. My concern is that they are taking too much time to respond. They should respond faster to requests for help. 

Neutral

I have not installed or configured FortiAnalyzer. I came into this organization one year ago and it was already configured. I do not have that much of an idea about the installation.

I'm not sure what, if any, maintenance is required. 

The pricing is very good. I'd rate it four out of five in terms of affordability.

We are a customer and end-user.

Our firewall is FortiAnalyzer's 200D and it is not a new one. We are using the older one only. 

If an organization is using the FortiGate Firewall, then they should go with the FortiAnalyzer also. It is very helpful in terms of getting logs and tracking security threats. We can check the reports very easily.

I'd rate it eight out of ten.

On-premises