Try our new research platform with insights from 80,000+ expert users
Consultor de Seguridad at Netrix, LLC (X956)
MSP
It supports SQL for logging and reporting
Pros and Cons
  • "It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation."
  • "It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs."

What is our primary use case?

It receives logs from the FortiGate 5000 Series (about 12 FortiGate blades), and it was configured for keep logs for about 1,050 days. The logs are divided by archive (raw logs) and analytics (logs indexed in a database). 

The use case is primarily for getting graphical data to make quick decisions.

How has it helped my organization?

FAZ has improved the organization because it stores events in the past so we can correlate incidents using another monitor tools; the problem is that it can´t recognize logs from FortiController blades, not even specifying it as a syslog device so this is a big lack. Devices from another brand are compatible only as syslog devices if they support.

What is most valuable?

It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation. 

Another feature is the custom reports, where you can obtain a chart builder from a log view: traffic, event, or security log.

What needs improvement?

It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.

Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues at all. It is a reliable product.  

The problems come when you are using different OS versions between FortiGate and FortiAnalyzer.

What do I think about the scalability of the solution?

No scalability issues. You should know how many logs per second or minute are generated in your network to avoid issues with scalability.

How are customer service and support?

The technical support with Fortinet has risen considerably. Now, they respond in three to four hours instead of two days.

Which solution did I use previously and why did I switch?

We did not use a previous solution.

How was the initial setup?

The FAZ includes a wizard, which is very simple to follow during the initial setup.

What about the implementation team?

We implemented it in-house. We have had some experience implementing FAZ.

What was our ROI?

I do not have this value yet.

What's my experience with pricing, setup cost, and licensing?

The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis.

Which other solutions did I evaluate?

We did not look at any other options, because Fortinet was elected for use by the end user.

What other advice do I have?

My only experience is with a very important customer, the most recognized in Latin America.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are Grupo CEPRA, a channel for Fortinet sales.
PeerSpot user
it_user369339 - PeerSpot reviewer
Project manager at IRIDIS Group
Vendor
Our company uses a virtual infrastructure. Implementing this product supplements the protection of our infrastructure.

What is most valuable?

The key functions for us are the next-gen firewall and network analytics. To ensure the best protection, we need to constantly analyze the situation in the network, as well as internal and external threats, as well as actual AV protection. The Fortinet products and FortiGuard services give us all of this.

How has it helped my organization?

Our company uses a virtual infrastructure. Implementing this product supplements the protection of our infrastructure.

What needs improvement?

The current version of the product is easy to use. Based on my experience, I can't recommend any areas of improvement. It's important, however, to know what you want prior to implementation. Otherwise, it may not meet your future needs based on the initial configurations.

For how long have I used the solution?

We've used it for about four months.

What was my experience with deployment of the solution?

During installation, we had no problems with deployment.

What do I think about the stability of the solution?

We have had no problems with stability.

What do I think about the scalability of the solution?

We have had no problems with scalability.

How are customer service and technical support?

The level of local customer service was very good. Per our request, tested the product. We got all answers to our questions from technical support. I rate both of them highly.

Which solution did I use previously and why did I switch?

We used Wallix AdminBastion together with it.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

A successful implementation for this product depends on how clearly the customer understands what they have and what they need in the future. In most cases, the customer turns out to be unsatisfied when it's unclear that they knew what they wanted prior to implementation. My main recommendation is to implement it together with the vendor, writing down the tasks, solutions, and the expected result before you begin.

What's my experience with pricing, setup cost, and licensing?

I think Fortinet has a balanced offering of prices and licenses.

What other advice do I have?

Fortinet's strategy is based on the dividing the product line depending on functionality. This allows customers to choose only the necessary feature set for them.

The Fortinet product line is wide – you can choose from SOHO to Enterprise, and from hardware to virtual solution. The presence of a free client (Win/Android/OS X) provides protection for client workstations. Each customer will be able to find the most suitable solution for them.

The balanced policy product line and licensing allows customers to choose only the necessary feature set for them. Also you can easily migrate from other vendors using single tools for conversion. Another tool helps you plan the placement of Wi-Fi points in the building. Also, it's very important that equipment has international and national certification such as PCI, DSS, etc. Presentation of products for SDN (Software-defined Networks including SDDC - Software-defined Data Center) confirms the company's leading position in the market.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Alireza Ghahrood - PeerSpot reviewer
Alireza GhahroodConsultant & Instructor -Cyber Security,GovernanceRIskCompliance (CISO as a Services) at Independent
Top 10Real User

I think Fortinet has a balanced offering of prices and licenses.

%50 %50

Buyer's Guide
Fortinet FortiAnalyzer
November 2024
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Mohamed Gohary - PeerSpot reviewer
Project Manager at a tech services company with 51-200 employees
Real User
Enriches visibility for security solutions
Pros and Cons
  • "FortiAnalyzer's best feature is centralized log analysis. It's based on SQL database, so I can fully customize my report, chart-wise and log-wise, and can create as many reports as I want without any limit."
  • "FortiAnalyzer's price could be lower."

What is our primary use case?

I mainly use FortiAnalyzer to centralize logs from multiple devices and generate local reports. It can work in two operation modes: as a collector only or an analyzer.

How has it helped my organization?

FortiAnalyzer has enriched the visibility for all our security solutions.

What is most valuable?

FortiAnalyzer's best feature is centralized log analysis. It's based on SQL database, so I can fully customize my report, chart-wise and log-wise, and can create as many reports as I want without any limit. It also has an important feature called Indicators of Compromise, an artificial intelligence feature that detects and alerts you when there is a breach in your entity. 

For how long have I used the solution?

I've been using FortiAnalyzer for ten years.

What do I think about the stability of the solution?

FortiAnalyzer is a very mature and stable product.

What do I think about the scalability of the solution?

FortiAnalyzer is scalable. When my organization expands in any way, I can implement a FortiAnalyzer as a collector only, it will collect the log, and I can send this to the main analyzer. If I use the virtual alert mode, this is a stackable license, so I can expand the log size or the internal hard-disc log size by purchasing a license. There is also a workaround solution, to automatically upload the old log file to shared storage and delete the old one, which gives more space in the hard drive.

How are customer service and support?

FortiAnalyzer's technical support is helpful.

How would you rate customer service and support?

Positive

How was the initial setup?

FortiAnalyzer is straightforward to implement and integrate, but a little experience is needed to generate a technical level.

What was our ROI?

We get good ROI from FortiAnalyzer.

What's my experience with pricing, setup cost, and licensing?

FortiAnalyzer's price could be lower, but it is cheaper than competitors like Palo Alto, Forcepoint, or Sophos. The basic license is available on a yearly basis, but some other licenses can be for three, six, or nine months as required. There are no hidden costs associated with this product.

What other advice do I have?

Don't just depend on the basic reports, you can get much more out of FortiAnalyzer if you know how to create customized reports from the SQL queries. I would give FortiAnalyzer a rating of eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
PeerSpot user
Regional Head at MASS INFONET (P) LTD.
Real User
Enables us to see what the user is doing and what sites he goes to
Pros and Cons
  • "The solution allows for a lot of customization."
  • "Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues."

What is our primary use case?

We primarily distribute this product to our clients.

What is most valuable?

When you need the reporting on the ISP, you will hand it to FortiAnalyzer. It works amazingly well. 

With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer.

The solution is very complete.

The product is very simple to use. 

It's regularly updated with many versions constantly adding more content and information.

The solution has sandboxing, IPS, and DPS as well.

The solution allows for a lot of customization.

Whether it's FortiAnalyzer, FortiManager, FortiGate, FortiIP, and FortiSwitch you can manage everything through a single console. That is the beauty of Fortinet. It's the security fabrics on offer. When you use the security fabrics, harnessing that control on a single dashboard makes everything so easy and manageable. 

What needs improvement?

There aren't any features missing. It's very complete.

Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues.

The solution has some limitations. We use MNC, and it has a US patent. Here we can do this thing but we maybe can't do that thing. They provide some documents to customers, but the customers want remote support to take on and/or finish the work. That's why I have the deployment team in place. It's a team within our team.

For how long have I used the solution?

We don't really use the solution. We sell the solution to our clients.

What do I think about the stability of the solution?

We've never had issues with stability. It's excellent. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

What do I think about the scalability of the solution?

The scalability is good. If a company needs to scale the solution, they are able to do so very easily.

How are customer service and support?

We have our own technical support offering and have 22 people handling everything from tickets to critical issues. It's L3 support, not L2 or L1.

Fortinet's support, on the other hand, has a slow response time. That's why we handle issues. If you put in a ticket with Fortinet, you may not get a response for 15 or 20 days. Our response time is much quicker.

Which solution did I use previously and why did I switch?

We deal specifically in Fortinet products. We don't sell other solutions to our clients.

How was the initial setup?

The initial setup is not complex at all. It's very straightforward.

Deployment is very easy. If you're using multiple gateways you can just connect through a single gateway. 

What other advice do I have?

We are an official partner and distributor of Fortinet in Maharashtra and Goa. We have only Fortinet products, and we are the sales stockist and we also offer our services. We have a limited portfolio and handle products such as FortiGate, FortiManager, FortiSwitch, and FortiED as well as FortiAnalyzer.

You can see in the Gartner report, Fortinet remains in the top tier of products, alongside Palo Alto and Check Point. Even Sophos and Sonic Wall aren't as highly ranked as Fortinet.

There isn't much competition locally on the market here. Palo Alto is technically a competitor, however, it lacks a few things that Fortinet already has.

I would definitely recommend the product. In fact, I would recommend the whole Fortinet portfolio to each and every client. Of course, which product would depend on the client requirements. All are excellent.

I'd rate the solution ten out of ten. Technical support is lacking, however, we have an internal team that can fulfill those needs.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
PeerSpot user
Pre-sales Engineer at a wholesaler/distributor with 51-200 employees
Reseller
A stable solution that provides information about the state of all firewalls
Pros and Cons
  • "The most important feature is to be able to get reports or information about the state of all firewalls."
  • "Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality."

What is most valuable?

The most important feature is to be able to get reports or information about the state of all firewalls.

What needs improvement?

Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. 

If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality.

For how long have I used the solution?

I have been using Fortinet FortiAnalyzer for around one year.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is scalable up to the maximum requirement of our customers. Our customers don't require a lot of firewalls, such as 100 or 1,000.

How are customer service and technical support?

We have contacted their technical support, and there was no problem. In general, we can directly communicate with their technical support and technicians.

Which solution did I use previously and why did I switch?

I have used products from Palo Alto and Cisco.

How was the initial setup?

The initial setup is not complex. The configuration of Fortinet FortiAnalyzer is easy for basic information. The configuration can be complex if you want to do a lot of reporting.

What's my experience with pricing, setup cost, and licensing?

It is not very expensive when customers understand the value of this product and the importance of the information that it provides for security. 

What other advice do I have?

We are a reseller. We have some customers who use this product, and I help them with the configuration of the basic features. 

Fortinet FortiAnalyzer is useful for seeing the problems of the network and analyzing what is happening in your network. If you have an attack or some security problem, you can immediately see the information in the logs. 

I would rate Fortinet FortiAnalyzer an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
PeerSpot user
Network Security Engineer at ZOL Zimbabwe
Real User
Offers visibility of critical data in real-time for our clients, but the reports are over-summarized
Pros and Cons
  • "The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time."
  • "The reports are good, but they are over-summarized."

What is our primary use case?

We use this solution for reporting. We also use it to keep logs for our clients that require logs with a history of more than seven days.

In addition to our own firewalls, we have several clients with firewalls that report into the same FortiAnalyzer.

We have a private cloud deployment, set up on-premises.

What is most valuable?

The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time. FortiGate itself, for example, doesn't offer all of this information on the entry-level firewalls. You can get more detailed information from FortiAnalyzer based on the log that is retrieved from FortiGate while it is operating.

What needs improvement?

I would like to be able to do more customization. For example, I would like to be able to develop my own set of reports that I can upload to the analyzer, and then it can report in a fashionable way as to what I really expect, rather than the ones that are preconfigured. Then we can play around with them in terms of where you can position your top bandwidth users, and such.

The reports are good, but they are over-summarized.

For how long have I used the solution?

We have been using this solution for four years.

What do I think about the stability of the solution?

The device has been pretty much stable. We haven't really had issues with it in the time that we've been using it.

What do I think about the scalability of the solution?

The licensing limits the storage in terms of how much information it can store. For example, you can collect seven gigs of log files in a day.

We have twenty firewalls connecting to FortiAnalyzer. We are moving some of them to the FortiCloud platform because we get thirty days of reporting on a non-subscription basis with FortiCloud. With FortiAnalyzer, we would have to pay for more licenses.

At this stage, we do not plan to increase usage. The majority of our clients who have entry-level firewalls are now depending on FortiCloud. It is more robust than us having more of the FortiAnalyzer devices. Because FortiCloud is accessible from anywhere, a client can easily manage it, rather than us giving them access to the Fortianalyzer. So, we're finding FortiCloud being a better option than us having an on-site FortiAnalyzer.

How are customer service and technical support?

When I speak with Fortinet technical support it is usually in regards to FortiGate. I would rate their support team an eight out of ten. Sometimes, what happens is that we open a webchat with them where you don't have to open a ticket. The problem is that you may end up dealing with the level-one support who doesn't really give you the answer, so they then refer you to open a ticket. This delay can be a problem when you have a client that needs an issue resolved right then and there.

Which solution did I use previously and why did I switch?

We have not used any other solutions for log analysis.

How was the initial setup?

The initial setup of this solution is pretty straightforward. We have a few FortiGate firewalls, and they communicate with FortiAnalyzer over the public networks by sending their logs.

The deployment was not difficult and did not take much time. It is just the initial configuration on FortiAnalyzer, which takes no more than ten minutes. Then, the analyzer will be synchronized with FortiGate. It is just a matter of entering the FortiAnalyzer IP address, then allowing it to register. In total, it takes about twenty minutes.

There are three administrators for this solution, and I handle the maintenance myself.

What about the implementation team?

We handled the deployment ourselves. The documentation from Fortinet is pretty straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing of this solution is fair, and it is based on what you can manage. There are no costs in addition to the licensing fees.

Which other solutions did I evaluate?

We tried NetFlow Analyzer, and the product was good but it was highly expensive.

What other advice do I have?

This solution, at every stage, does what I expect it to.

My advice for anybody researching this solution is to consider the size of their organization. If it is very big and they need to retain a log for a specific number of days or a period of time, for example, going back to thirty days and they also need to analyze the traffic in real-time, then FortiAnalyzer would be ideal. However, the same service is now available on FortiCloud, which is something else that I highly recommend.

With other solutions, such as NetFlow Analyzer, you can really customize your report to what you expect. Together you can insert logs, you can customize your reports with the logs that you're receiving, unlike with FortiAnalyzer. This is a major drawback.

I would rate this solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
PeerSpot user
Adriaan Boshoff - PeerSpot reviewer
Network and Security Engineer at RaytonCOrp
Real User
Top 20
Provides detailed reporting, customizable dashboards, and an easy deployment
Pros and Cons
  • "The most valuable feature is the capability to create a customized dashboard."
  • "The integration between specific tenants and FortiAnalyzer can be simplified when utilizing a multi-tenant EMS for our FortiClient."

What is our primary use case?

Fortinet FortiAnalyzer is primarily utilized to generate quarterly reports showcasing blocked attacks and vulnerabilities. It employs features like WAV porting triggers and DNS triggers to effectively demonstrate to the client the security of their environment.

How has it helped my organization?

Fortinet FortiAnalyzer assists in showcasing the value of Fortinet and facilitates the upselling of additional Fortinet products to our customers.

What is most valuable?

The most valuable feature is the capability to create a customized dashboard. We can subsequently input our EMS, FortiClient, and FortiGate data into it and generate reports.

What needs improvement?

The integration between specific tenants and FortiAnalyzer can be simplified when utilizing a multi-tenant EMS for our FortiClient.

For how long have I used the solution?

I have been using Fortinet FortiAnalyzer for three months.

What do I think about the stability of the solution?

Fortinet FortiAnalyzer is stable.

What do I think about the scalability of the solution?

Fortinet FortiAnalyzer is scalable.

How are customer service and support?

I utilized the technical support services once, and I received a prompt response.

How was the initial setup?

The initial setup is straightforward. The deployment was an easy and smooth process. The deployment took one day and I did it myself.

What other advice do I have?

I would rate Fortinet FortiAnalyzer a nine out of ten.

Fortinet FortiAnalyzer does not require maintenance after the initial report setup. We simply have to remove and add FortiGate as needed for each report.

Before utilizing Fortinet FortiAnalyzer, individuals should determine the type of reporting they require. Additionally, they ought to be acquainted with FortiGate before endeavoring to use FortiAnalyzer.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Security Engineer at a financial services firm with 501-1,000 employees
Real User
Overall features useful, reliable, but need more integration
Pros and Cons
  • "Overall we are satisfied with all the features the solution provides."
  • "There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology."

What is our primary use case?

We are using Fortinet FortiAnalyzer for analyzing network traffic and it provides us with log analytics.

What is most valuable?

Overall we are satisfied with all the features the solution provides.

What needs improvement?

There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology.

The solution could improve by having better integration and support with Apple, Linux, and Microsoft solutions.

For how long have I used the solution?

I have been using Fortinet FortiAnalyzer for approximately five years.

What do I think about the stability of the solution?

We have been making changes to the cloud signatures and categories because the market is changing and Fortinet FortiAnalyzer has been stable and reliable.

What do I think about the scalability of the solution?

The solution is scalable but there are additional costs if you want to increase the scalability.

How are customer service and technical support?

We have been satisfied with the support.

How was the initial setup?

The installation was not difficult.

What about the implementation team?

We did the implementation ourselves.

What's my experience with pricing, setup cost, and licensing?

In the local market sometimes people are being charged more than other solutions. Although the market is competitive, legitimate suppliers do not receive a large enough discount to pass onto the customers. 

Fortinet FortiAnalyzer is not suitable for everyone, it is best suited for mid-sized businesses but if the price could be reduced there would be more customers in all-sized businesses.

What other advice do I have?

I rate Fortinet FortiAnalyzer a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Product Categories
Log Management
Buyer's Guide
Download our free Fortinet FortiAnalyzer Report and get advice and tips from experienced pros sharing their opinions.