Fortinet FortiAnalyzer Overview

Fortinet FortiAnalyzer is the #9 ranked solution in Log Management Software. PeerSpot users give Fortinet FortiAnalyzer an average rating of 8.0 out of 10. Fortinet FortiAnalyzer is most commonly compared to Wazuh: Fortinet FortiAnalyzer vs Wazuh. Fortinet FortiAnalyzer is popular among the large enterprise segment, which accounts for 53% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, with professionals from computer software companies accounting for 21% of all views.
Fortinet FortiAnalyzer Buyer's Guide

Download the Fortinet FortiAnalyzer Buyer's Guide including reviews and more. Updated: December 2022

What is Fortinet FortiAnalyzer?

Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.

Fortinet FortiAnalyzer Features

Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:

  • Advanced threat detection capabilities
  • Centralized security analytics
  • End-to-end security posture awareness
  • Integration with FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, and FortiMail
  • Incident detection and response
  • Playbook automation
  • Event management
  • Security services
  • Analytics and reporting

Fortinet FortiAnalyzer Benefits

There are many benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:

  • Flexible deployment options
  • Enterprise-grade high availability
  • Security automation to reduce complexity, leveraging REST API, scripts, connectors, and automation stitches
  • Multi-tenancy solution with quota management, leveraging administrative domains (ADOMs) to separate customer data and manage domains for operational effectiveness and compliance

Reviews from Real Users

Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.

PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”

Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”

Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."

Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”

Fortinet FortiAnalyzer Customers

General Directorate of Information Technology

Fortinet FortiAnalyzer Pricing Advice

What users are saying about Fortinet FortiAnalyzer pricing:
  • "I rate FortiAnalyzer six out of 10 for affordability. FortiAnalyzer pricing isn't steady. It changes each quarter or year. That's one of the main problems in West Abaco because most businesses here are small or medium-sized enterprises. It makes budgeting complicated. You always want to pay the same price on the subscription."
  • "I believe that these devices were procured with a five-year maintenance and support license up front. I work at a university, so the vendor provides a considerable higher ed discount."
  • "When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing."

Fortinet FortiAnalyzer Reviews

    Daniel Coleman - PeerSpot reviewer
    CEO/CTO at Eunoia Design
    Real User
    Top 10
    It creates a central point of management and control, giving you real-time insight into what is going on.
    Pros and Cons
    • "One of the most valuable features is the ability to analyze data in real-time using AR features to pull data from the industrial DB. You can know what is going on and see in milliseconds where the network is underperforming."
    • "The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."

    What is our primary use case?

    We have multiple firewalls linked through a VPN. There is traffic from several branches and multiple points of failure, so you need to analyze this traffic to know what's coming in and going out. When you have more chains, there are more points of failure that can be exploited.  

    I use FortiAnalyzer on-premise and on the cloud. I update the solution at least once a year. I always update the firewall to the latest edition, so I can have three months or four months to test it in the VM. I use even more products and also AWS and Azure Cloud. About 9 percent of my company is responsible for security and networking. Everybody on my team works with FortiAnalyzer.

    Our department has three security architects and four network engineers. They are beginning to place assistant administrators on the network. 

    How has it helped my organization?

    FortiAnalyzer ensures you have an accurate view of all your devices, so you don't need to check each one. The analyzer creates a central point of management and control, giving you insight into what is going on.

    So you want to move through that traffic that's coming in as the lock the analyzer will like to analyze the traffic in real-time so you can know what is going on. Yeah, so you customize it to be able to analyze what you want it to be able to analyze.

    What is most valuable?

    One of the most valuable features is the ability to analyze data in real-time using AR features to pull data from the industrial DB. You can know what is going on and see in milliseconds where the network is underperforming. 

    FortiAnalyzer also has good storage capacity for storing the logs. The notification capabilities are excellent, too. It sends alerts so you always know what is going on. For example, if you're on a break and something goes wrong, it lets you know so you can immediately go back and fix it. You don't need to be constantly sitting in front of it.

    What needs improvement?

    The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation. 

    They need to update the guide so it's more aligned with what the UI shows. The guide has lots of stuff in it, but sometimes you still don't get it. It takes too long for a new version of the documentation to come out. It still works, but the problem is that the UI is completely different, so it's challenging to find things.

    Buyer's Guide
    Fortinet FortiAnalyzer
    December 2022
    Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
    656,474 professionals have used our research since 2012.

    For how long have I used the solution?

    I have used FortiAnalyzer for the last three and a half years.

    What do I think about the stability of the solution?

    FortiAnalyzer is stable at the time of release. You don't have problems when you install it. There aren't configuration breaks that you have to go fix. When you update, the transition is smooth. 

    What do I think about the scalability of the solution?

    FortiAnalyzer is scalable.

    How are customer service and support?

    I have contacted Fortinet support once or twice, but not for FortiAnalyzer. Some of my clients had a problem with FortiGate and the traffic-shaping policy. The traffic-shaping policy in the later version of FortiGate doesn't work like it used to. 

    Fortinet's technical support was dependable, helpful, and knowledgeable about the product. They were prompt and responsive, so it was good. I rate Fortinet support 10 out of 10. 

    Which solution did I use previously and why did I switch?

    I was using Cisco ASA before FortiAnalyzer. I started using SonicWall six years ago, and five years ago I discovered FortiGate. I find FortiAnalyzer easier to use than the other products.

    How was the initial setup?

    Setting up FortiAnalyzer is a bit complex for a beginner because you have a shallow understanding of what it is. Configuring the advanced features is somewhat challenging, but the basic setup isn't that tough. 

    Setting up FortiAnalyzer takes around five to 10 minutes. I rate my setup experience 10 out of 10. After deployment, there isn't too much maintenance. It's just the usual updates. That's it.

    What about the implementation team?

    I do the setup in-house. If I'm setting up FortiAnalyzer for a client, I will typically walk them through step by step with the team, so they know how to set it up and what everything does.

    What's my experience with pricing, setup cost, and licensing?

    I rate FortiAnalyzer six out of 10 for affordability. FortiAnalyzer pricing isn't steady. It changes each quarter or year. That's one of the main problems in West Abaco because most businesses here are small or medium-sized enterprises. It makes budgeting complicated. You always want to pay the same price on the subscription.

    At the same time, I think Fortinet pricing is reasonable compared to all the others. The value you get from Fortinet is better because it beats other vendors in terms of performance, functionality, and efficiency. New firewalls like Alexa are trying to compete in pricing, and people are looking into it to see, but Fortinet is good for now. However, they need to work on keeping the price consistent.  

    What other advice do I have?

    I rate FortiAnalyzer nine out of 10. My advice to anyone implementing FortiAnalyzer is to read about a product. If you do your homework, it's easier to set up. The next thing is to understand your environment, especially if you have multiple links over your network that leave you more vulnerable to attacks. 

    The more links you have, the more exposed you are to attacks. It is possible that one link can be vulnerable, and you won't take notice. FortiAnalyzer is the best choice.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Luis Gerardo Gonzalez - PeerSpot reviewer
    Systems Architect at ZENTIUS
    Reseller
    Top 10
    Great UI, good performance, and never crashes
    Pros and Cons
    • "Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine."
    • "It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software. It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow."

    What is our primary use case?

    We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it. 

    There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates. 

    In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.

    What is most valuable?

    Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.

    What needs improvement?

    It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.

    It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow.

    For how long have I used the solution?

    I have been using this solution for five years. 

    What do I think about the stability of the solution?

    We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.

    What do I think about the scalability of the solution?

    It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.

    Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.

    How are customer service and technical support?

    I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.

    How was the initial setup?

    It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.

    What other advice do I have?

    There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.

    I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Security Engineer at a recreational facilities/services company with 10,001+ employees
    Real User
    Top 5
    It runs very well on its own and doesn't really need much TLC
    Pros and Cons
    • "FortiAnalyzer has a robust ability to find a compromised host on your network, and when you identify a compromised host, you can address it."
    • "Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking."

    What is our primary use case?

    The normal use case for FortiAnalyzer is log review, log analysis, etc.

    How has it helped my organization?

    FortiAnalyzer makes it much easier for us to find an apparently compromised host on the network.

    What is most valuable?

    FortiAnalyzer has a robust ability to find a compromised host on your network, and when you identify a compromised host, you can address it.

    What needs improvement?

    Though FortiAnalyzer has improved over the last few versions, the user interface still has room for improvement. It's a bit dated-looking. I guess that's the nicest way to describe it. In FortiAnalyzer, I would like the ability to turn off some of the services. So, for example, FortiAnalyzer can take data from FortiCamera products and turn off the FortiCamera stuff to lighten the load on the box or turn off the FortiSOC product.

    For how long have I used the solution?

    I've been using FortiAnalyzer for about seven years.

    What do I think about the stability of the solution?

    FortiAnalyzer is really stable. It runs very well on its own and doesn't really need much TLC. It's a good product.

    What do I think about the scalability of the solution?

    It's pretty scalable. The units that we have are the right size for the amount of stuff that we're running, but they do have products that scale up to handle significantly more FortiGate firewalls in log stuff than we do. I would say about 20 people use FortiAnalyzer. There's me, the security engineer, and the network engineering team, which uses it to look at stuff on the firewalls or check the firewall logs. And our information security group uses it to look at stuff that's going on with the firewalls as well as compromised hosts. It is being used pretty well as we get further down the path of deploying our FortiGate-managed endpoint product. There'll be more users and probably more use cases for it in the future.

    Which solution did I use previously and why did I switch?

    I haven't really used a different solution previously. We've always used FortiAnalyzer in concert with Splunk.

    How was the initial setup?

    FortiAnalyzer is a pretty straightforward product to deploy. It took half a day to deploy a pair of FortiAnalyzers and set them up in high availability mode. I deployed it by myself. These are hardware appliances, so there were a couple of devices that needed to be racked, powered, and configured.

    What's my experience with pricing, setup cost, and licensing?

    I believe that these devices were procured with a five-year maintenance and support license up front. I work at a university, so the vendor provides a considerable higher ed discount.

    Which other solutions did I evaluate?

    It's all part of our Fortinet ecosystem, so we didn't really consider alternatives. I have a significant investment in FortiGate firewalls, so it just made sense to add FortiAnalyzer.

    What other advice do I have?

    I rate FortiAnalyzer eight out of 10. It does an outstanding job of what it does. But the vendor doesn't necessarily live up to the hype, which is why it only got an eight out of 10. There's a lot of hype about the Fortinet security fabric. But for the large customers that buy their large firewalls and deploy them in infrastructure components, the Fortinet fabric does not work. If you are considering FortiAnalyzer, I suggest having a complete understanding of how your firewall infrastructure works in terms of what data you're going to and from it for analysis and what you're looking for in that analysis.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Implementation Manager at a tech services company with 51-200 employees
    Reseller
    Top 10
    Easy to implement and robust with good technical support
    Pros and Cons
    • "The solution is very easy to deploy."
    • "In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."

    What is our primary use case?

    We're resellers of Fortinet. The solution is a product for doing diagnostics on their security environment. Our primary clients are banks or medical organizations.

    What is most valuable?

    The solution is very easy to deploy. 

    We are very familiar with the product. It makes it easy to use and implement. 

    The interface is easy to configure and fast to deploy. For that reason we use FortiAnalyzer.

    What needs improvement?

    FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use.

    The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer, however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support.

    In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.

    For how long have I used the solution?

    We've been using the solution for more than ten years at this point. It's been a decade or so.

    What do I think about the stability of the solution?

    The stability of the solution is excellent. It's very robust. We don't have issues with bugs or glitches. It doesn't crash or freeze. It's extremely reliable.

    What do I think about the scalability of the solution?

    The scalability is okay, however, it depends. If you do your homework and make the right sizing, you don't need the scalability. However, if you need scalability, it depends on the kind of client. You may need to change the box or move the FortiAnalyzer to another analyzer - something bigger - or maybe move the analyzer hardware to a better machine, depending on the customer.

    Normally, we deal with small to medium-sized organizations.

    How are customer service and technical support?

    The technical support is very good. We have support right here in our country, and they give us very good support. We don't have a problem in this case. We're very satisfied with the level of service we get.

    How was the initial setup?

    The initial setup is not complex at all. It's very, very straightforward.

    The deployment is quick and it's easy to configure. How long it takes depends on the size of the company that we are working for. Normally, we're able to do it within the same day, and we deploy the device or the virtual machine within that time frame. Depending on the requirements of the company, we may also optimize the reporting.

    What about the implementation team?

    We handle the deployment ourselves. We've been doing it for so long at this point, we're very comfortable with it.

    What other advice do I have?

    We use different deployment versions of Fortinet solutions. We use, for example, 200E and 200D and 100 too. These are the most popular. Right now, we use the virtual environment.

    This is a product that is very good for when you're using a Fortinet ecosystem. If you have a mix of vendors, it's not recommended.

    Overall, I would rate the solution at a nine out of ten. We've been quite happy with their offering.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Yati Gharat - PeerSpot reviewer
    Chief Technology Officer at Litmus
    Real User
    Top 5
    Can be used by institutions whose data needs to be on-premises and not in the cloud
    Pros and Cons
    • "I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports."
    • "One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives."

    What is our primary use case?

    Most of our clients are banking and financial institutions, so their data doesn't go to the cloud as such. Their data is on-premises only. Some of our clients can go to the cloud to save the price and do management, administration, and so on, but then most of our clients, use on-premises FortiAnalyzer.

    How has it helped my organization?

    FortiAnalyzer helped us to manage FortiGate devices and update them from a central location.

    What is most valuable?

    I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports.

    It is a very stable and scalable solution.

    What needs improvement?

    One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives.

    It is easy to set up if you have FortiGate firewalls. We tried setting up with other devices, and I don't think it supports other firewalls or other devices. If it did, then it would have been great because we would have been able to use FortiAnalyzer for hybrid environments with different OEM firewalls.

    If we can have an intelligent analysis system which will detect false positives and detect the exact problem, it would be great.  If FortiAnalyzer can integrate with FortiSIEM and give us threat reports, that will also help because then I won't need to have another tool or another dashboard which I need to look out for.

    For how long have I used the solution?

    I've been using it for four years.

    What do I think about the stability of the solution?

    It is a very stable product, and we have had no issues at all.

    What do I think about the scalability of the solution?

    It is easy to scale; there are no challenges.

    How are customer service and support?

    The technical support is good. Most of the time, when we escalate the tickets the second line of support, FortiGate support, has been very good. The first line might take up time, but the second line of support resolves the case quite quickly.

    Which solution did I use previously and why did I switch?

    Yes, we used Check Point for our organisation, but it was a complex system to manage; we expect a firewall to be a simple device to avoid complexity.

    How was the initial setup?

    The initial setup is quite simple with FortiGate devices. So, if you have FortiGate firewalls, it is quite easy to set up. Once Fortinet FortiAnalyzer is configured, then the only thing we need to do is to monitor it.

    What's my experience with pricing, setup cost, and licensing?

    When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing. They are very aggressive as well.

    Which other solutions did I evaluate?

    Yes, we did evaluate Palo Alto, but it went onto the back burner due to the cost factor.

    What other advice do I have?

    If you have critical objects to protect or critical data to protect, then you should go for FortiAnalyzer.

    On a scale from one to ten, I would rate Fortinet FortiAnalyzer at eight.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Conseiller en architecture technologique at a government with 1-10 employees
    Real User
    Top 10
    Stable with good technical support and a good user experience
    Pros and Cons
    • "The user interface is good and it is quite easy to use."
    • "From my point of view, at this time, the solution isn't lacking any features or functionalities."

    What is our primary use case?

    We primarily use the solution in order to analyze data.

    If you have two devices that need to communicate with each other, you can see where any issue is, as you can see every single communication. It shows the flux of communication.

    What is most valuable?

    The most valuable aspect of the solution is its ability to pinpoint where the issue is. If two devices need to communicate together, you can see which interfaces they are using. 

    The stability has been very good so far. We haven't had any issues with it.

    Technical support is always quite responsive and very helpful.

    Overall, the product is quite good. It integrates well and has good reporting and logging.

    The user interface is good and it is quite easy to use.

    What needs improvement?

    From my point of view, at this time, the solution isn't lacking any features or functionalities. It's very complete for our purposes.

    For how long have I used the solution?

    I've been working with the solution for less than a year. It's still quite new to me.

    What do I think about the stability of the solution?

    The product has been quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's been reliable in terms of performance overall.

    What do I think about the scalability of the solution?

    I can't speak to the scalability. It's not an aspect of the solution I've tried to deal with. I'm unsure if it expands easily or if it would be difficult to do so.

    How are customer service and technical support?

    I personally have opened two tickets with technical support in the past and everything has gone very well. They were knowledgeable and responsive and they helped me solve the issues. I have no complaints about their level of service. I've been very satisfied with them.

    How was the initial setup?

    By the time I joined my current organization, the solution was already installed and configured. Unfortunately, I was not a part of the process and therefore can't speak to how easy or difficult it was.

    What's my experience with pricing, setup cost, and licensing?

    I don't handle the licensing or the costs. I can't speak to how much it is for our company or if it is expensive or affordable. I'm not privy to that kind of information.

    That said, it's my understanding, as a comparison, that Fortinet products are cheaper than their Cisco counterparts.

    What other advice do I have?

    We just installed our latest version a few weeks ago. It's the brand-new version of the product.

    For those considering the solution, I've been told that it's cheaper to buy Fortinet or FortiGate instead of buying Cisco ASA. If cost is a concern, it might be a good idea to look at Fortinet.

    We are just customers and end-users of Fortinet. We don't have a business relationship with them.

    Overall, I would rate the solution at an eight out of ten. It's largely been very good.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security Engineer at a tech services company with 1-10 employees
    Real User
    Top 5
    Easily allows for multiple cluster groups but the GUI needs improvement
    Pros and Cons
    • "The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer cluster groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale."
    • "In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."

    What is most valuable?

    Fortinet FortiAnalyzer is simple and reliable. It does what the product says it would do. We have a lot of replacements in Turkey: Palo Alto, Check Point, and Forcepoint. We are replacing these various vendors with Fortinet products. But there are some software issues, like bugs or bug fixes. Otherwise, we are very happy with Fortinet products.

    What needs improvement?

    In terms of what could be improved, sometimes it's lagging and also has some graphical issues with the GUI. The correlation mechanism and the analytics are not as good as the competitors like Check Point or Panorama. But for IoT and SoT, it has graphical dashboards and analytical diagram tables that can correlate various logs from other products like FortiMail and FortiWeb, so it is a good mechanism for Fortinet products. If you have various Fortinet products for your firm, you can use FortiAnalyzer like a synchro mechanism.

    But it needs development for software issues like the GUI bug, some logs not showing, not collecting some logs... They need to fix them.

    For how long have I used the solution?

    I have been using Fortinet FortiAnalyzer for almost five years and have maybe six years of experience with Fortinet products.

    What do I think about the scalability of the solution?

    The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer cluster groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale.

    How are customer service and technical support?

    We have SLA agreements with the customers, so we are giving the technical support.

    How was the initial setup?

    The initial setup is very simple.

    If it is an individual environment, it may take one hour to complete the entire initial setup.

    If the hardware requires physical adjustments for the cabinet location or the protected area, then it may take 2 hours.

    What other advice do I have?

    I would absolutely recommend FortiAnalyzer. Fortinet products have internal logging mechanisms if they have internal disks or stores. But if you have multiple location SD-WAN branches for multiple areas you are controlling with FortiGate, the hardware doesn't give any disk or storage, only limited storage. So if you want to go further on the logging, you have limited options, maybe one week or two weeks. So if you're using a FortiAnalyzer in the SD-WAN branches, you have a centralized logging mechanism, so you can collect all the logs in a central location and you can make the correlations or analytics with all the devices. Otherwise, you can go device by device to see what is happening on each site.

    On a scale of one to ten, I would give Fortinet FortiAnalyzer a seven.

    To improve this rating, as I mentioned, I need to see the older bugs, the graphical user experience, made better, like Check Point. Check Point is more visual than FortiAnalyzer. If the customer has experience with the Check Point logging mechanism, they will seek additional features in the FortiAnalyzer, but it has to be more visual. 

    So as I said, the graphical issues must improve.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Senior Manager (Engineering Department) at a comms service provider with 10,001+ employees
    Real User
    Top 5
    User-friendly, easy to deploy and simple to create reports
    Pros and Cons
    • "The solution is quite easy to deploy."
    • "The solution should be more price competitive."

    How has it helped my organization?

    The clients using this solution have wifi for their guests and for their own users. They want to know which user has used their wifi to access the internet, and probably use this knowledge for a kind of security management purpose.

    What is most valuable?

    The solution is quite easy to deploy. For the user, they don't need to have a lot of technical know-how. It is easy to generate the report for review by the management.

    The solution is stable and reliable.

    We have not faced any scalability issues.

    What needs improvement?

    The solution should be more price competitive.

    For how long have I used the solution?

    I've used the solution for one or two years. I used it on a recent project.

    However, the first time I used this product was in 2006 for our own infrastructure. We are not using it in our infrastructure anymore.

    What do I think about the stability of the solution?

    The solution is stable. There are no bugs or glitches. It doesn't crash or freeze. The performance is reliable. 

    What do I think about the scalability of the solution?

    In terms of scalability, it really depends. For our customer, the SME customer, not that many people need it. If you talk about scalability around analysis, related to the hub and space, the hub disk size, and the capacity of the box, for the on-prem model, we need to choose it with some buffer. We can't foresee any scalability issue for that customer. 

    We only have one client on the solution. 

    How are customer service and support?

    While I haven't directly dealt with technical support, I have not heard any complaints from my colleagues that may have. I would say that the support has been satisfactory for the moment.

    How was the initial setup?

    The initial setup is pretty straightforward. That said, I didn't handle it directly. We had an internal team that did the implementation. 

    Most of the time, one engineer is sufficient for a small deployment, just two APs, one firewall, and one analyzer.

    What about the implementation team?

    The implementation work was done by my engineers. We did not need any outside assistance from any integrators or consultants. 

    What's my experience with pricing, setup cost, and licensing?

    I can't remember if they have a new license for software maintenance. They have maintenance that is charged annually. Unlike a firewall, they have a UTM license you need to pay annually and then only an annual maintenance cost for the hardware, for FortiAnalyzer.

    I'm not sure what the exact price is at the moment. However, my understanding is the pricing could be better.

    What other advice do I have?

    I would recommend the solution to others. We have been happy with its overall capabilities. I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner