Fortinet FortiAnalyzer Reviews

It receives logs from the FortiGate 5000 Series (about 12 FortiGate blades), and it was configured for keep logs for about 1,050 days. The logs are divided by archive (raw logs) and analytics (logs indexed in a database). 

The use case is primarily for getting graphical data to make quick decisions.

FAZ has improved the organization because it stores events in the past so we can correlate incidents using another monitor tools; the problem is that it can´t recognize logs from FortiController blades, not even specifying it as a syslog device so this is a big lack. Devices from another brand are compatible only as syslog devices if they support.

It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation. 

Another feature is the custom reports, where you can obtain a chart builder from a log view: traffic, event, or security log.

It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.

No issues at all. It is a reliable product.  

The problems come when you are using different OS versions between FortiGate and FortiAnalyzer.

No scalability issues. You should know how many logs per second or minute are generated in your network to avoid issues with scalability.

The technical support with Fortinet has risen considerably. Now, they respond in three to four hours instead of two days.

We did not use a previous solution.

The FAZ includes a wizard, which is very simple to follow during the initial setup.

We implemented it in-house. We have had some experience implementing FAZ.

I do not have this value yet.

The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis.

We did not look at any other options, because Fortinet was elected for use by the end user.

My only experience is with a very important customer, the most recognized in Latin America.

The key functions for us are the next-gen firewall and network analytics. To ensure the best protection, we need to constantly analyze the situation in the network, as well as internal and external threats, as well as actual AV protection. The Fortinet products and FortiGuard services give us all of this.

Our company uses a virtual infrastructure. Implementing this product supplements the protection of our infrastructure.

The current version of the product is easy to use. Based on my experience, I can't recommend any areas of improvement. It's important, however, to know what you want prior to implementation. Otherwise, it may not meet your future needs based on the initial configurations.

We've used it for about four months.

During installation, we had no problems with deployment.

We have had no problems with stability.

We have had no problems with scalability.

The level of local customer service was very good. Per our request, tested the product. We got all answers to our questions from technical support. I rate both of them highly.

We used Wallix AdminBastion together with it.

The initial setup was straightforward.

A successful implementation for this product depends on how clearly the customer understands what they have and what they need in the future. In most cases, the customer turns out to be unsatisfied when it's unclear that they knew what they wanted prior to implementation. My main recommendation is to implement it together with the vendor, writing down the tasks, solutions, and the expected result before you begin.

I think Fortinet has a balanced offering of prices and licenses.

Fortinet's strategy is based on the dividing the product line depending on functionality. This allows customers to choose only the necessary feature set for them.

The Fortinet product line is wide – you can choose from SOHO to Enterprise, and from hardware to virtual solution. The presence of a free client (Win/Android/OS X) provides protection for client workstations. Each customer will be able to find the most suitable solution for them.

The balanced policy product line and licensing allows customers to choose only the necessary feature set for them. Also you can easily migrate from other vendors using single tools for conversion. Another tool helps you plan the placement of Wi-Fi points in the building. Also, it's very important that equipment has international and national certification such as PCI, DSS, etc. Presentation of products for SDN (Software-defined Networks including SDDC - Software-defined Data Center) confirms the company's leading position in the market.

I mainly use FortiAnalyzer to centralize logs from multiple devices and generate local reports. It can work in two operation modes: as a collector only or an analyzer.

FortiAnalyzer has enriched the visibility for all our security solutions.

FortiAnalyzer's best feature is centralized log analysis. It's based on SQL database, so I can fully customize my report, chart-wise and log-wise, and can create as many reports as I want without any limit. It also has an important feature called Indicators of Compromise, an artificial intelligence feature that detects and alerts you when there is a breach in your entity. 

I've been using FortiAnalyzer for ten years.

FortiAnalyzer is a very mature and stable product.

FortiAnalyzer is scalable. When my organization expands in any way, I can implement a FortiAnalyzer as a collector only, it will collect the log, and I can send this to the main analyzer. If I use the virtual alert mode, this is a stackable license, so I can expand the log size or the internal hard-disc log size by purchasing a license. There is also a workaround solution, to automatically upload the old log file to shared storage and delete the old one, which gives more space in the hard drive.

FortiAnalyzer's technical support is helpful.

Positive

FortiAnalyzer is straightforward to implement and integrate, but a little experience is needed to generate a technical level.

We get good ROI from FortiAnalyzer.

FortiAnalyzer's price could be lower, but it is cheaper than competitors like Palo Alto, Forcepoint, or Sophos. The basic license is available on a yearly basis, but some other licenses can be for three, six, or nine months as required. There are no hidden costs associated with this product.

Don't just depend on the basic reports, you can get much more out of FortiAnalyzer if you know how to create customized reports from the SQL queries. I would give FortiAnalyzer a rating of eight out of ten.

We primarily distribute this product to our clients.

When you need the reporting on the ISP, you will hand it to FortiAnalyzer. It works amazingly well. 

With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer.

The solution is very complete.

The product is very simple to use. 

It's regularly updated with many versions constantly adding more content and information.

The solution has sandboxing, IPS, and DPS as well.

The solution allows for a lot of customization.

Whether it's FortiAnalyzer, FortiManager, FortiGate, FortiIP, and FortiSwitch you can manage everything through a single console. That is the beauty of Fortinet. It's the security fabrics on offer. When you use the security fabrics, harnessing that control on a single dashboard makes everything so easy and manageable. 

There aren't any features missing. It's very complete.

Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues.

The solution has some limitations. We use MNC, and it has a US patent. Here we can do this thing but we maybe can't do that thing. They provide some documents to customers, but the customers want remote support to take on and/or finish the work. That's why I have the deployment team in place. It's a team within our team.

We don't really use the solution. We sell the solution to our clients.

We've never had issues with stability. It's excellent. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

The scalability is good. If a company needs to scale the solution, they are able to do so very easily.

We have our own technical support offering and have 22 people handling everything from tickets to critical issues. It's L3 support, not L2 or L1.

Fortinet's support, on the other hand, has a slow response time. That's why we handle issues. If you put in a ticket with Fortinet, you may not get a response for 15 or 20 days. Our response time is much quicker.

We deal specifically in Fortinet products. We don't sell other solutions to our clients.

The initial setup is not complex at all. It's very straightforward.

Deployment is very easy. If you're using multiple gateways you can just connect through a single gateway. 

We are an official partner and distributor of Fortinet in Maharashtra and Goa. We have only Fortinet products, and we are the sales stockist and we also offer our services. We have a limited portfolio and handle products such as FortiGate, FortiManager, FortiSwitch, and FortiED as well as FortiAnalyzer.

You can see in the Gartner report, Fortinet remains in the top tier of products, alongside Palo Alto and Check Point. Even Sophos and Sonic Wall aren't as highly ranked as Fortinet.

There isn't much competition locally on the market here. Palo Alto is technically a competitor, however, it lacks a few things that Fortinet already has.

I would definitely recommend the product. In fact, I would recommend the whole Fortinet portfolio to each and every client. Of course, which product would depend on the client requirements. All are excellent.

I'd rate the solution ten out of ten. Technical support is lacking, however, we have an internal team that can fulfill those needs.

The most important feature is to be able to get reports or information about the state of all firewalls.

Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. 

If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality.

I have been using Fortinet FortiAnalyzer for around one year.

It is very stable.

It is scalable up to the maximum requirement of our customers. Our customers don't require a lot of firewalls, such as 100 or 1,000.

We have contacted their technical support, and there was no problem. In general, we can directly communicate with their technical support and technicians.

I have used products from Palo Alto and Cisco.

The initial setup is not complex. The configuration of Fortinet FortiAnalyzer is easy for basic information. The configuration can be complex if you want to do a lot of reporting.

It is not very expensive when customers understand the value of this product and the importance of the information that it provides for security. 

We are a reseller. We have some customers who use this product, and I help them with the configuration of the basic features. 

Fortinet FortiAnalyzer is useful for seeing the problems of the network and analyzing what is happening in your network. If you have an attack or some security problem, you can immediately see the information in the logs. 

I would rate Fortinet FortiAnalyzer an eight out of ten.

We use this solution for reporting. We also use it to keep logs for our clients that require logs with a history of more than seven days.

In addition to our own firewalls, we have several clients with firewalls that report into the same FortiAnalyzer.

We have a private cloud deployment, set up on-premises.

The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time. FortiGate itself, for example, doesn't offer all of this information on the entry-level firewalls. You can get more detailed information from FortiAnalyzer based on the log that is retrieved from FortiGate while it is operating.

I would like to be able to do more customization. For example, I would like to be able to develop my own set of reports that I can upload to the analyzer, and then it can report in a fashionable way as to what I really expect, rather than the ones that are preconfigured. Then we can play around with them in terms of where you can position your top bandwidth users, and such.

The reports are good, but they are over-summarized.

The device has been pretty much stable. We haven't really had issues with it in the time that we've been using it.

The licensing limits the storage in terms of how much information it can store. For example, you can collect seven gigs of log files in a day.

We have twenty firewalls connecting to FortiAnalyzer. We are moving some of them to the FortiCloud platform because we get thirty days of reporting on a non-subscription basis with FortiCloud. With FortiAnalyzer, we would have to pay for more licenses.

At this stage, we do not plan to increase usage. The majority of our clients who have entry-level firewalls are now depending on FortiCloud. It is more robust than us having more of the FortiAnalyzer devices. Because FortiCloud is accessible from anywhere, a client can easily manage it, rather than us giving them access to the Fortianalyzer. So, we're finding FortiCloud being a better option than us having an on-site FortiAnalyzer.

When I speak with Fortinet technical support it is usually in regards to FortiGate. I would rate their support team an eight out of ten. Sometimes, what happens is that we open a webchat with them where you don't have to open a ticket. The problem is that you may end up dealing with the level-one support who doesn't really give you the answer, so they then refer you to open a ticket. This delay can be a problem when you have a client that needs an issue resolved right then and there.

We have not used any other solutions for log analysis.

The initial setup of this solution is pretty straightforward. We have a few FortiGate firewalls, and they communicate with FortiAnalyzer over the public networks by sending their logs.

The deployment was not difficult and did not take much time. It is just the initial configuration on FortiAnalyzer, which takes no more than ten minutes. Then, the analyzer will be synchronized with FortiGate. It is just a matter of entering the FortiAnalyzer IP address, then allowing it to register. In total, it takes about twenty minutes.

There are three administrators for this solution, and I handle the maintenance myself.

We handled the deployment ourselves. The documentation from Fortinet is pretty straightforward.

The pricing of this solution is fair, and it is based on what you can manage. There are no costs in addition to the licensing fees.

We tried NetFlow Analyzer, and the product was good but it was highly expensive.

This solution, at every stage, does what I expect it to.

My advice for anybody researching this solution is to consider the size of their organization. If it is very big and they need to retain a log for a specific number of days or a period of time, for example, going back to thirty days and they also need to analyze the traffic in real-time, then FortiAnalyzer would be ideal. However, the same service is now available on FortiCloud, which is something else that I highly recommend.

With other solutions, such as NetFlow Analyzer, you can really customize your report to what you expect. Together you can insert logs, you can customize your reports with the logs that you're receiving, unlike with FortiAnalyzer. This is a major drawback.

I would rate this solution a seven out of ten.

Fortinet FortiAnalyzer is primarily utilized to generate quarterly reports showcasing blocked attacks and vulnerabilities. It employs features like WAV porting triggers and DNS triggers to effectively demonstrate to the client the security of their environment.

Fortinet FortiAnalyzer assists in showcasing the value of Fortinet and facilitates the upselling of additional Fortinet products to our customers.

The most valuable feature is the capability to create a customized dashboard. We can subsequently input our EMS, FortiClient, and FortiGate data into it and generate reports.

The integration between specific tenants and FortiAnalyzer can be simplified when utilizing a multi-tenant EMS for our FortiClient.

I have been using Fortinet FortiAnalyzer for three months.

Fortinet FortiAnalyzer is stable.

Fortinet FortiAnalyzer is scalable.

I utilized the technical support services once, and I received a prompt response.

The initial setup is straightforward. The deployment was an easy and smooth process. The deployment took one day and I did it myself.

I would rate Fortinet FortiAnalyzer a nine out of ten.

Fortinet FortiAnalyzer does not require maintenance after the initial report setup. We simply have to remove and add FortiGate as needed for each report.

Before utilizing Fortinet FortiAnalyzer, individuals should determine the type of reporting they require. Additionally, they ought to be acquainted with FortiGate before endeavoring to use FortiAnalyzer.

We are using Fortinet FortiAnalyzer for analyzing network traffic and it provides us with log analytics.

Overall we are satisfied with all the features the solution provides.

There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology.

The solution could improve by having better integration and support with Apple, Linux, and Microsoft solutions.

I have been using Fortinet FortiAnalyzer for approximately five years.

We have been making changes to the cloud signatures and categories because the market is changing and Fortinet FortiAnalyzer has been stable and reliable.

The solution is scalable but there are additional costs if you want to increase the scalability.

We have been satisfied with the support.

The installation was not difficult.

We did the implementation ourselves.

In the local market sometimes people are being charged more than other solutions. Although the market is competitive, legitimate suppliers do not receive a large enough discount to pass onto the customers. 

Fortinet FortiAnalyzer is not suitable for everyone, it is best suited for mid-sized businesses but if the price could be reduced there would be more customers in all-sized businesses.

I rate Fortinet FortiAnalyzer a seven out of ten.