Our clients use Fortinet FortiAnalyzer to analyze and locate the traffic in their network. Since it's a big customer, they have both Fortinet FortiAnalyzer and Fortinet FortiManager.
System Specialist at Databros
Easy to get reports and read specific logs
Pros and Cons
- "With Fortinet FortiAnalyzer, it is easy to get reports and read specific logs."
- "Fortinet has a new bug every month, which needs to be improved."
What is our primary use case?
What is most valuable?
With Fortinet FortiAnalyzer, it is easy to get reports and read specific logs. It provides fast log analysis for getting information. The solution helps locate if a destination is blocked or a machine communicates with the right port or server. Basic debugging can be done quickly using Fortinet FortiAnalyzer.
What needs improvement?
Fortinet has a new bug every month, which needs to be improved.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for four years.
Buyer's Guide
Fortinet FortiAnalyzer
April 2025

Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
What do I think about the stability of the solution?
Fortinet FortiAnalyzer is a really stable solution and does not have any bugs.
What do I think about the scalability of the solution?
Fortinet FortiAnalyzer is a scalable solution.
Which solution did I use previously and why did I switch?
I have previously used the Kibana tool.
How was the initial setup?
The solution's initial setup is easy because it's a virtual machine. You have to upgrade it once every two to three years, which is a slow process. However, there aren't many features that need to be updated because the product is good.
What was our ROI?
The solution has been in our organization before I joined. Based on that, I have to say it's a good investment.
What's my experience with pricing, setup cost, and licensing?
Fortinet FortiAnalyzer is quite an expensive tool.
On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing an eight out of ten.
What other advice do I have?
Users should never upgrade to the newest firmware. In the last decade, we have learned to always wait and see. Fortinet has had some bad releases. You must have good quality assurance that the product is bug-free. It is easy to maintain the solution.
Overall, I rate the solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Last updated: Aug 30, 2024
Flag as inappropriate
Senior Network Engineer at Delta Line International
Provides great visibility into user logs and traffic
Pros and Cons
- "The traffic log information we receive from Fortinet FortiAnalyzer is valuable."
- "Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions."
What is our primary use case?
We use Fortinet FortiAnalyzer for logs and reports. We have a SOC subscription to monitor the end users' login activity and traffic.
Fortinet FortiAnalyzer is deployed by us in both on-premises and cloud environments.
How has it helped my organization?
Fortinet FortiAnalyzer provides more visibility into the logs.
What is most valuable?
The traffic log information we receive from Fortinet FortiAnalyzer is valuable.
What needs improvement?
Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for three months.
What do I think about the stability of the solution?
Fortinet FortiAnalyzer is stable as long as we keep it up to date.
What do I think about the scalability of the solution?
Fortinet FortiAnalyzer is scalable.
How are customer service and support?
The technical support is great. We receive support within 24 hours of opening a ticket.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial deployment of Fortinet FortiAnalyzer is straightforward. There are two network interfaces involved: the Internet interface and the LAN interface. The LAN interface must be configured on the same subnet as the other Fortinet products to enable visibility of the network connector from the Fortinet console. Upon successful configuration, an authorization message will be received, allowing us to proceed with adding the devices to the FortiAnalyzer device manager and initiating log data collection. The deployment process is well-documented, requiring minimal personnel, and can be completed within five hours.
What's my experience with pricing, setup cost, and licensing?
The number of licenses required directly corresponds with the number of devices connected.
What other advice do I have?
I would rate Fortinet FortiAnalyzer a nine out of ten.
FortiAnalyzer enhances network security visibility with its comprehensive logging and analysis capabilities, making it a valuable tool for organizations seeking to improve their security posture. I highly recommend it.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Buyer's Guide
Fortinet FortiAnalyzer
April 2025

Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,190 professionals have used our research since 2012.
Team Lead Manager at Wizlynx
We can collect all gateway information and logs in one location, but it is difficult to modify rules
Pros and Cons
- "The ability to gather all gateway information and logs in a single location is the most valuable feature."
- "I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management."
What is our primary use case?
I utilize Fortinet FortiAnalyzer to gather various logs from FortiGate, enabling me to conduct specific investigations in particular cases.
What is most valuable?
The ability to gather all gateway information and logs in a single location is the most valuable feature.
What needs improvement?
I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management. However, this perception might be attributed to my limited familiarity with Fortinet FortiAnalyzer. For instance, with Check Point, I can easily make modifications to rules such as identifying issues, making corrections, or adding new features. This includes creating exceptions or adding elements to the current rule set.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for four months.
What do I think about the stability of the solution?
In our current environment, Fortinet FortiAnalyzer is stable.
What do I think about the scalability of the solution?
I am currently utilizing the cloud version of Fortinet FortiAnalyzer, and the scalability it offers is exceptional. Unlike the on-premises version, I have not encountered any issues.
How was the initial setup?
The initial setup is straightforward. The deployment takes a few minutes and the configuration is easy.
What's my experience with pricing, setup cost, and licensing?
I would rate FortiAnalyzer's price a seven out of ten, with ten being the most expensive.
What other advice do I have?
I would rate Fortinet FortiAnalyzer a seven out of ten.
We are paying for vendor maintenance support, and so far, the maintenance has been minimal.
I recommend completing training before utilizing Fortinet FortiAnalyzer. I was suddenly tasked with using the solution when my organization decided to change technologies, and it was initially challenging to understand how it operates.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technological Infrastructure Coordinator at IEST
Easy to configure and integrate with a straightforward setup
Pros and Cons
- "Support is helpful."
- "We are concerned about the compliance of our policy and institutional philosophy."
What is our primary use case?
The product is for reporting about the use or detecting some issues or activities.
What is most valuable?
The ability to track the activities of our users and some topics about security risks are the most valuable aspects.
It's simple to use.
It is not hard to set up.
The configuration is easy.
It offers good integration capabilities.
Support is helpful.
There is a lot of great documentation to be found online.
What needs improvement?
We are concerned about the compliance of our policy and institutional philosophy. We are a university and provide the tool to the users and to the infrastructure for the right use.
For how long have I used the solution?
I've been using the solution for six years.
What do I think about the scalability of the solution?
We have around 2,000 users.
How are customer service and support?
Support is good. We also use the documentation online and find help via some tutorials on the internet.
How was the initial setup?
The initial setup is very simple.
The deployment took about six months.
What about the implementation team?
We deployed it via our team, however, we used an external consultant from the reseller.
What's my experience with pricing, setup cost, and licensing?
We pay a standard licensing fee on a yearly basis.
The pricing is complex since we need to add some other products or tools to assure our infrastructure, then the amount of every one of the items of software otherwise the solution is expensive in the end.
What other advice do I have?
We are a customer and end-user.
I'd rate the solution nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Corporate IT Manager at PRopex Furnishing Solutions
Stable log management support system that offers a centralized view of incident reports
Pros and Cons
- "This solution offers one view of incident management which has been the most valuable feature."
- "When using this solution, you need a high-level expert to make it work as it should."
What is our primary use case?
We use this solution to centralize the monitoring on Forti Fabrics. We monitor all firewalls and use this solution for incident management.
What is most valuable?
This solution offers one view of incident management which has been the most valuable feature.
What needs improvement?
When using this solution, you need a high-level expert to make it work as it should. We hired IT support who had knowledge of the network and firewall. For the initial step, you need a Forti expert.
For how long have I used the solution?
We have used this solution for one year.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
This is a scalable solution.
How are customer service and support?
We have a support expert who contacts Forti when we have a problem. If we come across a bug, we need to involve Forti and open a ticket for support.
How was the initial setup?
We hired a consultant to complete the setup as it is not straightforward and requires an expert. The setup took a few days. Four IT staff look after maintenance of this solution.
What's my experience with pricing, setup cost, and licensing?
The enterprise version of this solution is costly. We have considered FortiAuthenticator for network control, but the pricing was focused on the larger companies and didn't suit our needs as a smaller business.
The pricing for this solution is on an annual basis. Databases, a virus scanner, and intrusion detection is included.
Which other solutions did I evaluate?
We have previously looked into Sophos UTM and Palo Alto.
What other advice do I have?
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a manufacturing company with 201-500 employees
Notifications and alerts are helpful, and it is a natural choice for Fortinet security devices
Pros and Cons
- "Special notifications about compromised phones are valuable because we have some guest networks, and sometimes, people are connecting phones that are connected to compromised websites. We want to be informed about it. We sometimes have some cases where we want to analyze the connection from inside to outside ports. So, it helps with a lot of things. It depends on our needs."
- "The interface or GUI does not work properly on Microsoft Edge. The behavior or the view is different on Microsoft Edge versus on Chrome or Firefox. When some buttons do not work, I am forced to switch to Firefox."
What is our primary use case?
We take all the logs from FortiGate.
We have it deployed on-premises, and we are definitely using its latest version because we are creating a new virtual machine.
What is most valuable?
Special notifications about compromised phones are valuable because we have some guest networks, and sometimes, people are connecting phones that are connected to compromised websites. We want to be informed about it. We sometimes have some cases where we want to analyze the connection from inside to outside ports. So, it helps with a lot of things. It depends on our needs.
What needs improvement?
The interface or GUI does not work properly on Microsoft Edge. The behavior or the view is different on Microsoft Edge versus on Chrome or Firefox. When some buttons do not work, I am forced to switch to Firefox.
There could be better analysis from the client's perspective. If you have FortiClient EMS, you should be able to analyze users more than the connections.
For how long have I used the solution?
We started using Fortinet FortiAnalyzer this year. It was bought by our main company in the Netherlands.
What do I think about the stability of the solution?
It is now stable, but our previous instance was unstable. We had problems with connectivity. It was strange because it is a virtual machine, and it was on the same hypervisor or host, but only Fortinet FortiAnalyzer had connectivity problems. The connection was dropped, and it was not always possible to log in. We moved it to a different environment. We have now moved it to a Hyper-V cluster on a different site in Poland, and it is now stable.
What do I think about the scalability of the solution?
It is scalable. We could change the size. It was easy.
We have mainly two people working with Fortinet FortiAnalyzer. My colleague and I from the Netherlands work on it. All IT departments also can access it. In total, we have five or six users, but mainly, two of us work on it.
How are customer service and support?
I use their technical support when I have problems. They solve my problems, but sometimes, they take time because it is difficult to understand each other. I prefer a phone call over the email or ticket system because we can share more information in a short time. I would rate them a nine out of ten. They sometimes do not have a fast solution, but they always resolve an issue in the end.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not work on any similar product previously.
How was the initial setup?
It was easy to deploy. It took one hour.
What about the implementation team?
We deployed it ourselves. We know the product. We know how to register devices and how to join devices. It was easy. We used our knowledge.
What's my experience with pricing, setup cost, and licensing?
I do not know the price of Fortinet FortiAnalyzer. I did not pay for it, but I know the price of other Fortinet products. They are not cheap. I am from Poland. We have Zloty, not Euro, so for us, everything is expensive.
I had also tried to buy it in the past, but it was too expensive.
What other advice do I have?
If you have FortiGate and FortiClient EMS, FortiAnalyzer is a natural choice. You can have notifications and alerts. Some things are automatically done by FortiAnalyzer. From a security perspective, it is a very good product.
Overall, we are satisfied with it. I would rate Fortinet FortiAnalyzer an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Specialist at EAST-NB
It aggregates and correlates all the events from multiple sources
Pros and Cons
- "Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms."
- "FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc."
What is our primary use case?
FortiAnalyzer provides a centralized dashboard for analyzing the output of all our Fortinet solutions, like FortiGate, FortiManager, FortiSandbox, etc. It aggregates and correlates all the events.
What is most valuable?
Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms.
What needs improvement?
FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc.
For how long have I used the solution?
We have used FortiAnalyzer for one year.
What do I think about the stability of the solution?
FortiAnalyzer is stable as long as you don't push it. It can cause trouble if you are overreliant on virtual machines and you don't have hardware acceleration. You might see some performance problems.
What do I think about the scalability of the solution?
FortiAnalyzer is scalable. It covers FortiGate firewalls, switches, etc. You can always buy more licenses or hardware if you need to upgrade.
How are customer service and support?
The response times could be faster.
How was the initial setup?
Setting up FortiAnalyzer is straightforward. It doesn't take long because everything is already built for you unless you need to do some virtualization. The specific steps depend on your environment and what kind of device fabrics you use.
What's my experience with pricing, setup cost, and licensing?
They have three-year licenses, but I usually recommend starting with a one-year license to try FortiAnalyzer out. After that, you can switch to a three-year license.
What other advice do I have?
I rate FortiAnalyzer nine out of 10. I recommend FortiAnalyzer to anyone who is using Fortinet products.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Chief Technology Officer at Future Point Technologies
Comprehensive reporting and efficient log management
Pros and Cons
- "The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics."
- "I believe that its technical support is the only aspect that requires significant improvement."
What is our primary use case?
The primary use case for our clients revolves around robust reporting capabilities, addressing key aspects such as understanding diverse utilizations and the performance of network links. They specifically sought insights into bandwidth usage and detailed reporting at the application level. Additionally, an essential requirement was efficient log management. This is crucial because FortiGate has limitations on retaining logs for an extended duration, and our clients needed a solution, such as FortiAnalyzer, to effectively manage and analyze logs over an extended period.
What is most valuable?
The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics. Additionally, its ability to centrally capture logs from multiple devices proves indispensable for our SOC. This centralized log management facilitates automation processes, and we also greatly appreciate the effectiveness of its analytics features.
What needs improvement?
I believe that its technical support is the only aspect that requires significant improvement. With the current trend toward AI advancements, there's an opportunity for improved AI analytics. This could empower us to better leverage technology to detect attacks in a more effective manner.
For how long have I used the solution?
I have been working with it for more than five years.
What do I think about the stability of the solution?
It offers excellent stability capabilities. I would rate it nine out of ten.
What do I think about the scalability of the solution?
It offers a capacity of up to two thousand gigabytes of logs daily, showcasing considerable scalability. I believe it is a scalable solution that can easily accommodate increasing needs without compromising performance. Our clients fall into the enterprise category. I would rate it eight out of ten.
How are customer service and support?
The support services are often outsourced to specific regions, resulting in varying levels of technical expertise. While regions like America, the USA, Europe, and certain countries in Australia benefit from reasonable and proficient engineers, other locations may experience subpar tech support. Consequently, issue resolution can be time-consuming, leading customers to sometimes address problems independently. Particularly in terms of time efficiency, there is a need for improvement to expedite the support process. I would rate it six out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup was straightforward. I would rate it eight out of ten.
What about the implementation team?
The deployment process is straightforward and efficient, requiring minimal time and effort. It takes approximately thirty minutes and it's quite user-friendly.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable. The cost structure is primarily based on factors such as the number of logs, log sizes, and the daily log storage capacity, with a minimum requirement of two gigabytes per day. The maximum storage capacity can extend up to eight thousand gigabytes of logs per day.
What other advice do I have?
I would strongly recommend utilizing it. It's an excellent product with abundant features, offered at a very reasonable price point. Overall, I would rate it eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller

Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Product Categories
Log ManagementPopular Comparisons
Dynatrace
Splunk Enterprise Security
IBM Security QRadar
Elastic Security
Elastic Observability
Grafana Loki
Security Onion
LogRhythm SIEM
Elastic Stack
syslog-ng
Amazon CloudWatch
Sumo Logic Security
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- Which Windows event log monitoring tool do you recommend?
- What is the difference between log management and SIEM?
- Splunk vs. Elastic Stack
- How can Cloudtrail logs be used effectively to improve log monitoring?
- Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
- When evaluating Log Management solutions, what aspect do you think is the most important to look for?
- When evaluating Log Management solutions, what aspects do you think are the most important to look for?
- Why are Log Management tools important for companies?