It's a lock storage correlation device. You can connect locks from different devices. Not just from Fortinet, but you can send locks from other devices to FortiAnalyzer. Basically, it is a centralized repository.
Network Security Specialist at GBM
Customer support is good, but the tool lacks a sophisticated and customizable dashboard
Pros and Cons
- "I would say that Fortinet's tech support is really good."
- "The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls."
What is our primary use case?
What is most valuable?
Fortinet FortiAnalyzer has a lock correlation feature. It simplifies the troubleshooting process for its customers. So now, instead of logging into every firewall, they can log into Fortinet FortiAnalyzer and check the locks. They can also check whether there are any issues with the network.
What needs improvement?
This is a difficult question for me to answer. I want the tool to have a sophisticated and customizable dashboard similar to the one in the SIEM solution. However, I'm not sure if that is in the pipeline. Basically, I would say that it's not a pure SIEM solution where your customer can have a layer on a view of dashboards or advanced dashboards.
For how long have I used the solution?
I work with Fortinet and Palo Alto. I am also a partner of Fortinet. Even though I have been working with Fortinet for more than five or six years now, Fortinet EDR is something very new for me and us in general. We have been working on firewalls, FortiAnalyzer, FortiManager, FortiMail, FortiADC, and FortiWeb. EDR, SDMA, and ZTNA are new to us. Speaking about Fortinet FortiAnalyzer, I have been working on it for more than six years now.
Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability of Fortinet FortiAnalyzer is okay. Although some customers have encountered issues, others have had a pretty okay experience and are doing pretty well with the solution.
What do I think about the scalability of the solution?
I would say that more than ten of our clients are working on this solution. I would say that it is kind of scalable since it comes in different form factors. Owing to the different form factors and sizing of the solution, you can add and get increased capacity. This can help a person to add more firewalls and devices.
How are customer service and support?
I would say that Fortinet's tech support is really good.
How would you rate customer service and support?
Neutral
How was the initial setup?
I can say that the setup is a mixture of both options. I wouldn't say it is difficult. I would rather say that the setup process is okay or moderate. Also, the straightforwardness and complexity of the setup process will depend on your environment.
The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls. So, the deployment of the entire solution can take approximately one week to complete.
What's my experience with pricing, setup cost, and licensing?
I'm not familiar with the cost point, because I am more of a technical person and I do not do pre-sales or sales.
Which other solutions did I evaluate?
I downloaded reports for CrowdStrike Falcon and FortiEDR from peerspot.com to see how they are in terms of performance.
What other advice do I have?
Based on current trends, people are shifting towards FortiGate devices for their attractive value proposition and exceptional performance. FortiGate is the go-to choice for firewalls. And for us, along with FortiGate, I'll even go with FortiManager and FortiAnalyzer. I rate this solution a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Network Engineer at Delta Line International
Provides great visibility into user logs and traffic
Pros and Cons
- "The traffic log information we receive from Fortinet FortiAnalyzer is valuable."
- "Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions."
What is our primary use case?
We use Fortinet FortiAnalyzer for logs and reports. We have a SOC subscription to monitor the end users' login activity and traffic.
Fortinet FortiAnalyzer is deployed by us in both on-premises and cloud environments.
How has it helped my organization?
Fortinet FortiAnalyzer provides more visibility into the logs.
What is most valuable?
The traffic log information we receive from Fortinet FortiAnalyzer is valuable.
What needs improvement?
Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for three months.
What do I think about the stability of the solution?
Fortinet FortiAnalyzer is stable as long as we keep it up to date.
What do I think about the scalability of the solution?
Fortinet FortiAnalyzer is scalable.
How are customer service and support?
The technical support is great. We receive support within 24 hours of opening a ticket.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial deployment of Fortinet FortiAnalyzer is straightforward. There are two network interfaces involved: the Internet interface and the LAN interface. The LAN interface must be configured on the same subnet as the other Fortinet products to enable visibility of the network connector from the Fortinet console. Upon successful configuration, an authorization message will be received, allowing us to proceed with adding the devices to the FortiAnalyzer device manager and initiating log data collection. The deployment process is well-documented, requiring minimal personnel, and can be completed within five hours.
What's my experience with pricing, setup cost, and licensing?
The number of licenses required directly corresponds with the number of devices connected.
What other advice do I have?
I would rate Fortinet FortiAnalyzer a nine out of ten.
FortiAnalyzer enhances network security visibility with its comprehensive logging and analysis capabilities, making it a valuable tool for organizations seeking to improve their security posture. I highly recommend it.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Cyber Security Specialist at EAST-NB
It aggregates and correlates all the events from multiple sources
Pros and Cons
- "Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms."
- "FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc."
What is our primary use case?
FortiAnalyzer provides a centralized dashboard for analyzing the output of all our Fortinet solutions, like FortiGate, FortiManager, FortiSandbox, etc. It aggregates and correlates all the events.
What is most valuable?
Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms.
What needs improvement?
FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc.
For how long have I used the solution?
We have used FortiAnalyzer for one year.
What do I think about the stability of the solution?
FortiAnalyzer is stable as long as you don't push it. It can cause trouble if you are overreliant on virtual machines and you don't have hardware acceleration. You might see some performance problems.
What do I think about the scalability of the solution?
FortiAnalyzer is scalable. It covers FortiGate firewalls, switches, etc. You can always buy more licenses or hardware if you need to upgrade.
How are customer service and support?
The response times could be faster.
How was the initial setup?
Setting up FortiAnalyzer is straightforward. It doesn't take long because everything is already built for you unless you need to do some virtualization. The specific steps depend on your environment and what kind of device fabrics you use.
What's my experience with pricing, setup cost, and licensing?
They have three-year licenses, but I usually recommend starting with a one-year license to try FortiAnalyzer out. After that, you can switch to a three-year license.
What other advice do I have?
I rate FortiAnalyzer nine out of 10. I recommend FortiAnalyzer to anyone who is using Fortinet products.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Technological Infrastructure Coordinator at IEST
Easy to configure and integrate with a straightforward setup
Pros and Cons
- "Support is helpful."
- "We are concerned about the compliance of our policy and institutional philosophy."
What is our primary use case?
The product is for reporting about the use or detecting some issues or activities.
What is most valuable?
The ability to track the activities of our users and some topics about security risks are the most valuable aspects.
It's simple to use.
It is not hard to set up.
The configuration is easy.
It offers good integration capabilities.
Support is helpful.
There is a lot of great documentation to be found online.
What needs improvement?
We are concerned about the compliance of our policy and institutional philosophy. We are a university and provide the tool to the users and to the infrastructure for the right use.
For how long have I used the solution?
I've been using the solution for six years.
What do I think about the scalability of the solution?
We have around 2,000 users.
How are customer service and support?
Support is good. We also use the documentation online and find help via some tutorials on the internet.
How was the initial setup?
The initial setup is very simple.
The deployment took about six months.
What about the implementation team?
We deployed it via our team, however, we used an external consultant from the reseller.
What's my experience with pricing, setup cost, and licensing?
We pay a standard licensing fee on a yearly basis.
The pricing is complex since we need to add some other products or tools to assure our infrastructure, then the amount of every one of the items of software otherwise the solution is expensive in the end.
What other advice do I have?
We are a customer and end-user.
I'd rate the solution nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Manager at Yarix S.r.l.
We can gather logs and generate reports, but the license cost is high
Pros and Cons
- "The most valuable feature is the capability to gather logs and generate reports."
- "The integration with other vendors for log collection could be enhanced."
What is our primary use case?
Fortinet FortiAnalyzer is utilized to gather logs from all Fortinet products and generate reports.
What is most valuable?
The most valuable feature is the capability to gather logs and generate reports. Without this solution, the firewalls exhibit limited proficiency in displaying logs.
What needs improvement?
The integration with other vendors for log collection could be enhanced.
The licensing cost has room for improvement.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for over three years.
What do I think about the stability of the solution?
I rate FortiAnalyzer's stability a nine out of ten. We have had instances of data loss or source loss.
What do I think about the scalability of the solution?
For our needs, FortiAnalyzer is scalable because we are not dealing with thousands of firewalls.
How are customer service and support?
The technical support is good.
How was the initial setup?
The initial setup is straightforward. The deployment took a couple of days.
For the deployment, we needed to create the server for deploying the FortiAnalyzer image and create the policy rules. We also had to complete the basic configuration of FortiAnalyzer. Following that, we configured all the resources and logs within FortiAnalyzer to collect and correlate the logs, which are then used to generate reports.
What about the implementation team?
We used a consultant for the implementation.
What's my experience with pricing, setup cost, and licensing?
We pay for an annual license, but we have the ability to determine the payment schedule with our distributor.
The cost of the license is high.
What other advice do I have?
I would give Fortinet FortiAnalyzer a rating of six out of ten. I am not satisfied with the solution as it falls short of a proper SIEM. Therefore, we would prefer to allocate more funds towards a SIEM in order to effectively collect logs.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solutions Architect at a comms service provider with 501-1,000 employees
Easy to configure and understand with helpful support
Pros and Cons
- "The initial setup is easy, and the deployment is fast."
- "They could improve the user interface a bit."
What is our primary use case?
We primarily use the solution as a firewall and security gateway.
What is most valuable?
It is easy to configure.
The end-user finds it very easy to understand.
It's stable and reliable.
The solution is scalable.
The initial setup is easy, and the deployment is fast.
Technical support is generally helpful.
What needs improvement?
I'm not sure if any features need improvement.
They could improve the user interface a bit. The GUI could be easier to understand.
For how long have I used the solution?
I've used the solution for four years.
What do I think about the stability of the solution?
The solution is very stable. I'd rate the solution ten out of ten in terms of reliability. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
It's a very scalable solution. I'd rate the ability to extend ten out of ten. It's excellent.
We work with mostly small and medium companies.
How are customer service and support?
I haven't been directly involved with support. However, I have an understanding that they are very good. I haven't heard of any complaints.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I'm also familiar with Check Point. I prefer Fortinet products.
How was the initial setup?
The initial setup is straightforward. I'd rate the ease of setup eight out of ten. It is quite simple.
Deployment only takes about one week. We can handle the customer's various policies and configurations.
It only takes one person to deploy and maintain the solution. It's easy to manage the product. The customer can self-learn the solution and manage it once it is launched.
What's my experience with pricing, setup cost, and licensing?
It is a fairly affordable solution. I'd rate the solution three or four out of ten with ten being the most expensive. It's cheap It's not costly.
What other advice do I have?
We mostly resell the solution to big and small customers.
We're using the latest version of the solution.
I'd recommend the solution to others. I'd recommend Fortigate products to users in general.
I would rate the solution ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Assistant Manager - Cloud Planning and Development at a comms service provider with 1,001-5,000 employees
An economical solution that provides good standard reports and is easy to troubleshoot
Pros and Cons
- "The solution provides good standardized reports and is easy to troubleshoot."
- "The solution should include the ability to customize reports so that customers receive greater value and high level reporting."
What is our primary use case?
Our company is partners with Fortinet and we provide log monitoring services to our customers. More than one hundred people in our company use the solution.
What is most valuable?
The solution provides good standardized reports and is easy to troubleshoot.
What needs improvement?
The solution should include the ability to customize reports so that customers receive greater value and high level reporting.
I would also like to be able to view a real-time log.
For how long have I used the solution?
I have been using the solution for seven years.
What do I think about the stability of the solution?
The solution is stable. I rate it an eight out of ten.
What do I think about the scalability of the solution?
The solution is scalable. I rate it a seven out of ten.
How are customer service and support?
Technical support is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is very straightforward and is accomplished via quick installation.
What about the implementation team?
We install the solution for customers. One of our technicians handles base deployment which can take two or three years depending on our customer's needs.
What's my experience with pricing, setup cost, and licensing?
The hardware has a one-time cost and maintenance is paid by annual subscription.
Customers contracts are on a monthly basis and include log monitoring services, maintenance, and technical support provided by two technicians.
The solution is not that expensive and I rate it a five out of ten.
What other advice do I have?
The solution pairs very well with other Fortinet products.
I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
CEO/CTO at Eunoia Design
It creates a central point of management and control, giving you real-time insight into what is going on.
Pros and Cons
- "One of the most valuable features is the ability to analyze data in real-time using AR features to pull data from the industrial DB. You can know what is going on and see in milliseconds where the network is underperforming."
- "The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
What is our primary use case?
We have multiple firewalls linked through a VPN. There is traffic from several branches and multiple points of failure, so you need to analyze this traffic to know what's coming in and going out. When you have more chains, there are more points of failure that can be exploited.
I use FortiAnalyzer on-premise and on the cloud. I update the solution at least once a year. I always update the firewall to the latest edition, so I can have three months or four months to test it in the VM. I use even more products and also AWS and Azure Cloud. About 9 percent of my company is responsible for security and networking. Everybody's on my team works with FortiAnalyzer.
Our department has three security architects and four network engineers. They are beginning to place assistant administrators on the network.
How has it helped my organization?
FortiAnanalyzer ensures you have an accurate view of all your devices, so you don't need to check each one. The analyzer creates a central point of management and control, giving you insight into what is going on.
So you want to move through that traffic that's coming in as the lock the analyzer will like to analyze the traffic in real-time so you can know what is going on. Yeah, so you customize it to be able to analyze what you want it to be able to analyze.
What is most valuable?
One of the most valuable features is the ability to analyze data in real-time using AR features to pull data from the industrial DB. You can know what is going on and see in milliseconds where the network is underperforming.
FortiAnalyzer also has good storage capacity for storing the logs. The notification capabilities are excellent, too. It sends alerts so always know what is going on. For example, if you're on a break and something goes wrong, it lets you know so can immediately go back and fix it. You don't need to be constantly sitting in front of it.
What needs improvement?
The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation.
They need to update guide so it's more aligned with what the UI shows. The guide has lots of stuff in it, there sometimes you still don't get it. It takes too long for a new version of the documentation to come out. It still works, but the problem is that the UI is completely different, so it's challenging to find things.
For how long have I used the solution?
I have used FortiAnalyzer for the last three and a half years.
What do I think about the stability of the solution?
FortiAnalyzer is stable at the time of release. You don't have problems when you install it. There aren't configuration breaks that you have to go fix. When you update, the transition is smooth.
What do I think about the scalability of the solution?
FortiAnalyzer is scalable.
How are customer service and support?
I have contacted Fortinet support once or twice, but not for FortiAnalyzer. Some of my clients had a problem with FortiGate and the traffic-shaping policy. The traffic-shaping policy in the later version of FortiGate doesn't work like it used to.
Fortinet's technical support was dependable, helpful, and knowledgeable about the product. They were prompt and responsive, so it was good. I rate Fortinet support 10 out of 10.
Which solution did I use previously and why did I switch?
I was using Cisco ASA before FortiAnalyzer. I started using SonicWall six years ago, and five years I discovered FortiGate. I find FortiAnalyzer easier to use than the other products.
How was the initial setup?
Setting up FortiAnalyzer is a bit complex for a beginner because you have a shallow understanding of what it is. Configuring the advanced features is somewhat challenging, but the basic setup isn't that tough.
Setting up FortiAnalyzer takes around five to 10 minutes. I rate my setup experience 10 out of 10. After deployment, there isn't too much maintenance. It's just the usual updates. That's it.
What about the implementation team?
I do the setup in-house. If I'm setting FortiAnalyzer for a client, I will typically walk them through step by step with the team, so they know how to set it up and what everything does.
What's my experience with pricing, setup cost, and licensing?
I rate FortiAnalyzer six out of 10 for affordability. FortiAnalyzer pricing isn't steady. It changes each quarter or year. That's one of the main problems in West Abaco because most businesses here are small or medium-sized enterprises. It makes budgeting complicated. You always want to pay the same price on the subscription.
At the same time, I think Fortinet pricing is reasonable compared to all the others. The value you get from Fortinet is better because it beats other vendors in terms of performance, functionality, and efficiency. New firewalls like Alexa are trying to compete in pricing, and people are looking into it to see, but Fortinet is good for now. However, they need to work on keeping the price consistent.
What other advice do I have?
I rate FortiAnalyzer nine out of 10. My advice to anyone implementing FortiAnalyzer is to read about a product. If you do your homework, it's easier to set up. The next thing is to understand your environment, especially if you have multiple links over your network that leave you more vulnerable to attacks.
The more links you have, the more exposed you are to attacks. It is possible that one link can be vulnerable, and you won't take notice.FortiAnalyzer is the best choice.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Log ManagementPopular Comparisons
Splunk Enterprise Security
Dynatrace
IBM Security QRadar
Elastic Security
Elastic Observability
LogRhythm SIEM
Sumo Logic Security
Grafana Loki
Security Onion
syslog-ng
Amazon CloudWatch
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- Which Windows event log monitoring tool do you recommend?
- What is the difference between log management and SIEM?
- Splunk vs. Elastic Stack
- How can Cloudtrail logs be used effectively to improve log monitoring?
- Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
- When evaluating Log Management solutions, what aspect do you think is the most important to look for?
- When evaluating Log Management solutions, what aspects do you think are the most important to look for?
- Why are Log Management tools important for companies?