The solution provides details like category, IP address, and location. It would be good if the product could provide data about the websites users visit. It will be better if the product can build its UI like Cisco Meraki’s.
It would be beneficial to enhance the streamlining of the generation of automated reports related to compliance, such as PCI DSS or HIPAA, based on the logs collected. Automated reports focusing on compliance issues would provide a clearer understanding of potential gaps and the need for remediation. This feature would significantly simplify the process of identifying and addressing areas that require attention.
I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management. However, this perception might be attributed to my limited familiarity with Fortinet FortiAnalyzer. For instance, with Check Point, I can easily make modifications to rules such as identifying issues, making corrections, or adding new features. This includes creating exceptions or adding elements to the current rule set.
Our organization desired a feature in the solution, but it was unavailable. Our organization wants the solution to be able to provide us access to a centralized dashboard that displays a log view for all firewalls under Fortinet FortiAnalyzer. We also wanted to be able to monitor the utilization of our internet proactively through the dashboard. Since such a facility is unavailable, we approached the technical team, who informed us that this task is not within their purview. The solution's failure to offer a centralized dashboard with certain essential capabilities is an area where the solution can improve. It would be highly beneficial if the solution offered a centralized dashboard to its users.
It can be a difficult solution to sell. The solution is expensive. The customer needs to have extensive knowledge in order to use the solution properly.
This is a difficult question for me to answer. I want the tool to have a sophisticated and customizable dashboard similar to the one in the SIEM solution. However, I'm not sure if that is in the pipeline. Basically, I would say that it's not a pure SIEM solution where your customer can have a layer on a view of dashboards or advanced dashboards.
Assistant Manager - Information Security & Infrastructure at lankatiles
Real User
Top 10
2022-11-10T16:38:27Z
Nov 10, 2022
Software reports are good but should match the dashboard and include top-level output instead of just base or low-level devices. Currently, we need to look into web URLs to analyze information. We are planning to move to the next level because we need threads for other devices such as HDMI or VGA output.
Security Solutions Architect at a manufacturing company with 1,001-5,000 employees
Real User
2022-09-23T14:06:29Z
Sep 23, 2022
The fact that it only works with FortiGate devices is quite unfair. We would like to do the reporting, logging, and administration of all the public devices and all the IoT devices. We wish to add the switches and routers from different vendors, so it's not a vendor-specific diagnostic solution.
We are concerned about the compliance of our policy and institutional philosophy. We are a university and provide the tool to the users and to the infrastructure for the right use.
The user interface could be a bit more user-friendly, and they could have more robust support. The support does not respond quickly. They should be able to solve the problems in one or two days, but sometimes it takes time. They constantly ask for logs, and it takes time.
The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation. They need to update the guide so it's more aligned with what the UI shows. The guide has lots of stuff in it, but sometimes you still don't get it. It takes too long for a new version of the documentation to come out. It still works, but the problem is that the UI is completely different, so it's challenging to find things.
Feature-wise, it is working very well for us. We don't need any additional features. However, its pricing can be improved. For small business customers, price is an important factor.
Presales Technical Specialist at a computer software company with 201-500 employees
Real User
2022-02-06T07:18:22Z
Feb 6, 2022
The cloud version can be expensive. If the customers could get the resources to store the logs on-premises, it would be much better. In terms of features, there is no need for additional features.
Chief Technical Officer at a tech services company with 11-50 employees
Reseller
2021-12-08T10:29:19Z
Dec 8, 2021
Areas for improvement would be the default template reporting and the user-friendliness of the report customization. In the next release, I would like to see more information about tracking intelligence.
Security Engineer at a recreational facilities/services company with 10,001+ employees
Real User
2021-11-01T17:09:52Z
Nov 1, 2021
Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking. I guess that's the nicest way to describe it. In FortiAnalyzer, I would like the ability to turn off some of the services. So, for example, FortiAnalyzer can take data from FortiCamera products and turn off the FortiCamera stuff to lighten the load on the box or turn off the FortiSock product.
IT Network, Security Engineer at a tech services company with 51-200 employees
Real User
2021-10-12T15:53:32Z
Oct 12, 2021
Fortinet FortiAnalyzer cannot be used as an SNMP Manager, so it cannot receive any SNMP queries. They should add this feature in the future to help manage solutions.
Security Engineer at a financial services firm with 501-1,000 employees
Real User
2021-08-20T18:28:01Z
Aug 20, 2021
There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology. The solution could improve by having better integration and support with Apple, Linux, and Microsoft solutions.
IT Security Engineer at a tech services company with 1,001-5,000 employees
Real User
2021-07-23T19:34:03Z
Jul 23, 2021
The pricing could be better. They could work to make it more competitive on the market. The report module could be simplified a bit to make it easier to use. Technical support has been very bad. They should work to improve their level of service.
One thing we struggled with in FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives. It is easy to set up if you have FortiGate firewalls. We tried setting up with other devices, and I don't think it supports other firewalls or other devices. If it did, then it would have been great because we would have been able to use FortiAnalyzer for hybrid environments with different OEM firewalls. If we can have an intelligent analysis system which will detect false positives and detect the exact problem, it would be great. If FortiAnalyzer can integrate with FortiSIEM and give us threat reports, that will also help because then I won't need to have another tool or another dashboard which I need to look out for.
Security Engineer at a tech services company with 1-10 employees
Real User
2021-02-11T07:18:00Z
Feb 11, 2021
In terms of what could be improved, sometimes it's lagging and also has some graphical issues with the GUI. The correlation mechanism and the analytics are not as good as the competitors like Check Point or Panorama. But for IoT and SoT, it has graphical dashboards and analytical diagram tables that can correlate various logs from other products like FortiMail and FortiWeb, so it is a good mechanism for Fortinet products. If you have various Fortinet products for your firm, you can use FortiAnalyzer like a synchro mechanism. But it needs development for software issues like the GUI bug, some logs not showing, not collecting some logs... They need to fix them.
Implementation Manager at a tech services company with 51-200 employees
Reseller
2021-01-17T09:11:26Z
Jan 17, 2021
FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use. The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer; however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support. In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.
It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software. It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow.
Jr. Engineer at a computer software company with 5,001-10,000 employees
Real User
2020-10-19T09:33:29Z
Oct 19, 2020
We should be able to do the patch upgrades in a centralized manner. This functionality is currently not there. It would be good to be able to do the firmware updates from one place and at the same time. Currently, if we want to update all appliances, we require FortiManager, which is another solution from Fortinet. Its documentation can be improved. It will be helpful for implementing the product and gaining knowledge for management purposes.
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Real User
2020-10-11T08:58:12Z
Oct 11, 2020
It is a pretty big software package. It has a lot of features which maybe aren't that useful. It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot. There could be more automation and more artificial intelligence integrated into the solution. It was a service model application originally. It needs to have some artificial intelligence in dealing with the analysis of the nodes, and not just showing the nodes. I'm one version behind the latest version, so I don't know if they added it yet; however, if they haven't, it would be a good thing to put into their roadmap.
System Administrator at a logistics company with 51-200 employees
Real User
2020-09-27T04:10:00Z
Sep 27, 2020
Currently, no solution can offer you 100% protection from viruses such as WannaCry ransomware. Fortinet should strive to improve their prevention systems.
There aren't any features missing. It's very complete. Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues. The solution has some limitations. We use MNC, and it has a US patent. Here we can do this thing but we maybe can't do that thing. They provide some documents to customers, but the customers want remote support to take on and/or finish the work. That's why I have the deployment team in place. It's a team within our team.
Pre-sales Engineer at a wholesaler/distributor with 51-200 employees
Reseller
2020-09-13T07:02:17Z
Sep 13, 2020
Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality.
Technical Presales Engineer at Dristi Tech Pvt.ltd
Real User
2020-08-27T10:31:47Z
Aug 27, 2020
They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports.
ICT System Specialist at a comms service provider with 1,001-5,000 employees
Real User
2020-08-23T08:17:18Z
Aug 23, 2020
One of the main disadvantages is not having a direct link to the security policy when you see something in the log. You should be able to right-click and go directly to the security policy. When you compare with Check Point, they are very good with reporting and logging, and when you right-click on the log you can go to the policy and edit it. In the next release, I would like to have a feature added where you can right-click and it takes you directly to the policy to edit it.
Assistant Manager - Cloud Planning and Development at a comms service provider with 1,001-5,000 employees
Real User
2020-03-16T06:56:09Z
Mar 16, 2020
The solution doesn't have online analysis. We can't analyze certain parts of the logs. For example, we can't analyze current logs. It would be helpful if we could use the system we use to monitor everything to also check the live traffic or live logs. The solution lacks business intelligence features. It's much too basic.
I would like to be able to do more customization. For example, I would like to be able to develop my own set of reports that I can upload to the analyzer, and then it can report in a fashionable way as to what I really expect, rather than the ones that are preconfigured. Then we can play around with them in terms of where you can position your top bandwidth users, and such. The reports are good, but they are over-summarized.
Technical lead at Rogers Capital Technology Services Ltd
Reseller
2019-08-29T09:32:00Z
Aug 29, 2019
Reporting wasn't very good in the previous version, but I believe it has greatly improved. The newer version has more features and the quality of reporting is better too. I would also like to see an improvement in the rebooting.
System & Network Administrator at a tech services company with 11-50 employees
Real User
2019-08-29T08:53:00Z
Aug 29, 2019
With FortiAnalyzer, most of the time, although the interface is simplified, when you are new to it you have issues of navigating through it. And when it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering. Also, reports need to be simplified because its reporting currently includes more detailed and technical things. If we could get a simplified or executive summary, that would be good.
Information Security Specialist at Ministry of Heritage and Culture
Real User
2019-08-28T09:52:00Z
Aug 28, 2019
The solution is quite expensive. The solution could use more graphics and be more specific in the dashboard. This way, I'm able to understand everything and effectively understand what's going on, including what's incoming and outgoing. Right now, I have to look up everything. I need a dashboard so that I can see specific items right there in one place.
Network Administrator at a university with 501-1,000 employees
Real User
2019-08-26T06:42:00Z
Aug 26, 2019
Every time there is a firmware upgrade the interface changes, and you'll have to maneuver that interface to see how to use it. When somebody is new to the system they find it difficult to perform certain operations, like backups, and to see where the reports are. A more user-friendly interface would be an improvement. I would like to see support for analyzing the wireless site, without going through the controller. For example, I would like to see a report on the full data including the APs that were up or down, and whether something has been upgraded.
I would like to see an improvement in the technical support. Stronger authentication will also be a plus. In the next version, I would like to have authentication for 40 tokens.
It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
Fortinet FortiAnalyzer Features
Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:
Advanced threat...
Fortinet FortiAnalyzer needs to improve its pricing flexibility.
The upgrade process for Fortinet FortiAnalyzer is slow.
Fortinet has a new bug every month, which needs to be improved.
I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required.
The product's high price is an area of concern where improvements are required.
The solution could embed monitoring.
The integration between specific tenants and FortiAnalyzer can be simplified when utilizing a multi-tenant EMS for our FortiClient.
The deployment is complex and has room for improvement.
We'd like to see more embedded features. We'd like to see more SIEM capabilities. I'd love to see this merged with FortiSIEM for example.
The solution costs too much.
Fortinet FortiAnalyzer could improve the user interface, and the experience of users receiving the reports and tracking could be better.
The pricing could be better. We'd like integration with more providers. The initial setup can be difficult.
Fortinet FortiAnalyzer could improve by having better integration with other vendors.
The traffic monitoring could be better, and stability could be improved.
The solution should be more price competitive.
From my point of view, at this time, the solution isn't lacking any features or functionalities. It's very complete for our purposes.
I'm looking for something more efficient to analyze different foreign things. That's why FortiSIEM could compete with FortiAnalyzer.