We primarily use it for logging collection.
IT Security Engineer at a tech services company with 1,001-5,000 employees
Straightforward to set up and simple to use but could have a better reporting module
Pros and Cons
- "The initial setup is straightforward."
- "The pricing could be better. They could work to make it more competitive on the market."
What is our primary use case?
What is most valuable?
It's a simple log collection tool. There isn't too much that's special or unique about it.
It meets our expectations for the most part.
The solution does offer very useful integration capabilities.
The interface is fine.
The initial setup is straightforward.
What needs improvement?
The pricing could be better. They could work to make it more competitive on the market.
The report module could be simplified a bit to make it easier to use.
Technical support has been very bad. They should work to improve their level of service.
For how long have I used the solution?
I've been dealing with the solution for about seven years at this point. It's been a while. I have a lot of experience with it.
Buyer's Guide
Fortinet FortiAnalyzer
August 2025

Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
865,576 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is stable and there are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good.
What do I think about the scalability of the solution?
The scalability might be limited depending on the installation.
How are customer service and support?
We haven't been happy with technical support. We find the service to be quite bad. For example, in our last experience dealing with them, we had multiple issues and the outcomes were not great. We were disappointed with the help we received.
How was the initial setup?
The initial setup is not overly complex or difficult. It's straightforward enough. A company shouldn't have any issues with the setup.
What's my experience with pricing, setup cost, and licensing?
The pricing isn't the least expensive on the market. They could work to improve it to make it more interesting for other companies. Adjusting pricing might be a good move.
Which other solutions did I evaluate?
I've personally looked into other security solutions, just to understand the market for myself. I've personally compared Fortinet, Meraki, Check Point, and Cisco ASA Firewall in terms of their safety and security capabilities.
What other advice do I have?
We're Fortinet partners. We have a business relationship with the company.
I'd give the solution a rating of six out of ten.
I'd still recommend it to other users, however. If the reporting, interface, and tech support were a bit better, I'd rate it higher.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner

Security Engineer at a tech services company with 1-10 employees
Easily allows for multiple cluster groups but the GUI needs improvement
Pros and Cons
- "The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer cluster groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale."
- "In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."
What is most valuable?
Fortinet FortiAnalyzer is simple and reliable. It does what the product says it would do. We have a lot of replacements in Turkey, Palo Alto, Check Point, and Forcepoint. We are replacing these various vendors with Fortinet products. But there are some software issues, like bugs or bug fixes. Otherwise, we are very happy with Fortinet products.
What needs improvement?
In terms of what could be improved, sometimes it's lagging and also has some graphical issues with the GUI. The correlation mechanism and the analytics are not as good as the competitors like Check Point or Panorama. But for IoT and SoT, it has graphical dashboards and analytical diagram tables that can correlate various logs from other products like FortiMail and FortiWeb, so it is a good mechanism for Fortinet products. If you have various Fortinet products for your firm, you can use FortiAnalyzer like a synchro mechanism.
But it needs development for software issues like the GUI bug, some logs not showing, not collecting some logs... They need to fix them.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for almost five years and have maybe six years of experience with Fortinet products.
What do I think about the scalability of the solution?
The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer cluster groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale.
How are customer service and technical support?
We have SLA agreements with the customers, so we are giving the technical support.
How was the initial setup?
The initial setup is very simple.
If it is an individual environment, it may take one hour to complete the entire initial setup.
If the hardware requires physical adjustments for the cabinet location or the protected area, then it may take 2 hours.
What other advice do I have?
I would absolutely recommend FortiAnalyzer. Fortinet products have internal logging mechanisms if they have internal disks or stores. But if you have multiple location SD-WAN branches for multiple areas you are controlling with FortiGate, the hardware doesn't give any disk or storage, only limited storage. So if you want to go further on the logging, you have limited options, maybe one week or two weeks. So if you're using a FortiAnalyzer in the SD-WAN branches, you have a centralized logging mechanism, so you can collect all the logs in a central location and you can make the correlations or analytics with all the devices. Otherwise, you can go device by device to see what is happening on each site.
On a scale of one to ten, I would give Fortinet FortiAnalyzer a seven.
To improve this rating, as I mentioned, I need to see the older bugs, the graphical user experience, made better, like Check Point. Check Point is more visual than FortiAnalyzer. If the customer has experience with the Check Point logging mechanism, they will seek additional features in the FortiAnalyzer, but it has to be more visual.
So as I said, the graphical issues must improve.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Implementation Manager at a tech services company with 51-200 employees
Easy to implement and robust with good technical support
Pros and Cons
- "The solution is very easy to deploy."
- "In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."
What is our primary use case?
We're resellers of Fortinet. The solution is a product for doing diagnostics on their security environment. Our primary clients are banks or medical organizations.
What is most valuable?
The solution is very easy to deploy.
We are very familiar with the product. It makes it easy to use and implement.
The interface is easy to configure and fast to deploy. For that reason we use FortiAnalyzer.
What needs improvement?
FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use.
The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer, however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support.
In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.
For how long have I used the solution?
We've been using the solution for more than ten years at this point. It's been a decade or so.
What do I think about the stability of the solution?
The stability of the solution is excellent. It's very robust. We don't have issues with bugs or glitches. It doesn't crash or freeze. It's extremely reliable.
What do I think about the scalability of the solution?
The scalability is okay, however, it depends. If you do your homework and make the right sizing, you don't need the scalability. However, if you need scalability, it depends on the kind of client. You may need to change the box or move the FortiAnalyzer to another analyzer - something bigger - or maybe move the analyzer hardware to a better machine, depending on the customer.
Normally, we deal with small to medium-sized organizations.
How are customer service and technical support?
The technical support is very good. We have support right here in our country, and they give us very good support. We don't have a problem in this case. We're very satisfied with the level of service we get.
How was the initial setup?
The initial setup is not complex at all. It's very, very straightforward.
The deployment is quick and it's easy to configure. How long it takes depends on the size of the company that we are working for. Normally, we're able to do it within the same day, and we deploy the device or the virtual machine within that time frame. Depending on the requirements of the company, we may also optimize the reporting.
What about the implementation team?
We handle the deployment ourselves. We've been doing it for so long at this point, we're very comfortable with it.
What other advice do I have?
We use different deployment versions of Fortinet solutions. We use, for example, 200E and 200D and 100 too. These are the most popular. Right now, we use the virtual environment.
This is a product that is very good for when you're using a Fortinet ecosystem. If you have a mix of vendors, it's not recommended.
Overall, I would rate the solution at a nine out of ten. We've been quite happy with their offering.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Systems Architect at ZENTIUS
Great UI, good performance, and never crashes
Pros and Cons
- "Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanical drives, and we don't see any performance issues, so basically, it is doing fine."
- "It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software. It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow."
What is our primary use case?
We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it.
There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates.
In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.
What is most valuable?
Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanical drives, and we don't see any performance issues, so basically, it is doing fine.
What needs improvement?
It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.
It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow.
For how long have I used the solution?
I have been using this solution for five years.
What do I think about the stability of the solution?
We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.
What do I think about the scalability of the solution?
It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.
Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.
How are customer service and technical support?
I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.
How was the initial setup?
It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.
What other advice do I have?
There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.
I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Jr. Engineer at a computer software company with 5,001-10,000 employees
Stable and scalable with robust security and performance
Pros and Cons
- "Its robust security and performance are the two main features. We also use the log reporting feature."
- "We should be able to do the patch upgrades in a centralized manner. This functionality is currently not there. It would be good to be able to do the firmware updates from one place and at the same time. Currently, if we want to update all appliances, we require FortiManager, which is another solution from Fortinet. Its documentation can be improved. It will be helpful for implementing the product and gaining knowledge for management purposes."
What is our primary use case?
We basically use it for security. We are using the latest version.
What is most valuable?
Its robust security and performance are the two main features. We also use the log reporting feature.
What needs improvement?
We should be able to do the patch upgrades in a centralized manner. This functionality is currently not there. It would be good to be able to do the firmware updates from one place and at the same time. Currently, if we want to update all appliances, we require FortiManager, which is another solution from Fortinet.
Its documentation can be improved. It will be helpful for implementing the product and gaining knowledge for management purposes.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for three years.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
It is scalable. This solution is being used for a government department with a lot of users.
How are customer service and technical support?
Their technical support is good. We don't have any issues with their support.
Which solution did I use previously and why did I switch?
In my earlier organization, I have used solutions from Check Point and Palo Alto. These are good products, but they are expensive as compared to Fortinet.
How was the initial setup?
The initial setup is very easy.
What about the implementation team?
We got help from Fortinet engineers. We have a tie-up with the Fortinet support team. They install it for us.
We have three people for its deployment and maintenance. We have two network engineers and one technical support engineer.
What's my experience with pricing, setup cost, and licensing?
Its price is okay for us. Fortinet products are cheaper than other solutions.
What other advice do I have?
I would recommend this solution, but it also depends on the organization. We are using this solution, and we are getting good results.
I would rate Fortinet FortiAnalyzer a ten out of ten. It is the best.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
System Administrator at a logistics company with 51-200 employees
Offers solid anti-virus protection but isn't so scalable
Pros and Cons
- "The anti-virus protection it offers our clients is solid."
- "The technical support is not very reliable."
What is most valuable?
The anti-virus protection it offers our clients is solid.
What needs improvement?
Currently, no solution can offer you 100% protection from viruses such as WannaCry ransomware. Fortinet should strive to improve their prevention systems.
For how long have I used the solution?
I have been using this solution for about two to three years.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
FortiAnalyzer does slow down when there is a heavy load of users, but it still does its job. Also, when many logs are generated throughout many sessions, the Analyzer slows down.
How are customer service and technical support?
The technical support is not very reliable. Sometimes it takes them up to a week to get back to us.
How was the initial setup?
The initial setup is not complex. The basic setup takes roughly 30 minutes to one hour — reconfiguration can take up to one day.
What other advice do I have?
If you have Fortinet Firewall, you must implement FortiAnalyzer because, without the Analyzer, you can't generate the polls.
On a scale from one to ten, I would give this solution a rating of seven. I would give them a higher rating if they improved their scalability.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Regional Head at MASS INFONET (P) LTD.
Enables us to see what the user is doing and what sites he goes to
Pros and Cons
- "The solution allows for a lot of customization."
- "Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues."
What is our primary use case?
We primarily distribute this product to our clients.
What is most valuable?
When you need the reporting on the ISP, you will hand it to FortiAnalyzer. It works amazingly well.
With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer.
The solution is very complete.
The product is very simple to use.
It's regularly updated with many versions constantly adding more content and information.
The solution has sandboxing, IPS, and DPS as well.
The solution allows for a lot of customization.
Whether it's FortiAnalyzer, FortiManager, FortiGate, FortiIP, and FortiSwitch you can manage everything through a single console. That is the beauty of Fortinet. It's the security fabrics on offer. When you use the security fabrics, harnessing that control on a single dashboard makes everything so easy and manageable.
What needs improvement?
There aren't any features missing. It's very complete.
Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues.
The solution has some limitations. We use MNC, and it has a US patent. Here we can do this thing but we maybe can't do that thing. They provide some documents to customers, but the customers want remote support to take on and/or finish the work. That's why I have the deployment team in place. It's a team within our team.
For how long have I used the solution?
We don't really use the solution. We sell the solution to our clients.
What do I think about the stability of the solution?
We've never had issues with stability. It's excellent. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.
What do I think about the scalability of the solution?
The scalability is good. If a company needs to scale the solution, they are able to do so very easily.
How are customer service and support?
We have our own technical support offering and have 22 people handling everything from tickets to critical issues. It's L3 support, not L2 or L1.
Fortinet's support, on the other hand, has a slow response time. That's why we handle issues. If you put in a ticket with Fortinet, you may not get a response for 15 or 20 days. Our response time is much quicker.
Which solution did I use previously and why did I switch?
We deal specifically in Fortinet products. We don't sell other solutions to our clients.
How was the initial setup?
The initial setup is not complex at all. It's very straightforward.
Deployment is very easy. If you're using multiple gateways you can just connect through a single gateway.
What other advice do I have?
We are an official partner and distributor of Fortinet in Maharashtra and Goa. We have only Fortinet products, and we are the sales stockist and we also offer our services. We have a limited portfolio and handle products such as FortiGate, FortiManager, FortiSwitch, and FortiED as well as FortiAnalyzer.
You can see in the Gartner report, Fortinet remains in the top tier of products, alongside Palo Alto and Check Point. Even Sophos and SonicWall aren't as highly ranked as Fortinet.
There isn't much competition locally on the market here. Palo Alto is technically a competitor, however, it lacks a few things that Fortinet already has.
I would definitely recommend the product. In fact, I would recommend the whole Fortinet portfolio to each and every client. Of course, which product would depend on the client requirements. All are excellent.
I'd rate the solution ten out of ten. Technical support is lacking, however, we have an internal team that can fulfill those needs.
Disclosure: My company has a business relationship with this vendor other than being a customer. Distributor
Technical Presales Engineer at Dristi Tech Pvt.ltd
Provides very good metrics, visibility of the network and does what a network analyzer should do
Pros and Cons
- "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
- "They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."
What is our primary use case?
Generally, Fortinet FortiAnalyzer gives you visibility around the network. You can track and monitor devices and pick the surrounding network. You can see which packets are being sent to the network, who the users are, and what they are using. You can also view the policies and firewall rules that are being used, the IDs that are being connected to, and the IP address a particular user is using.
Basically, it's a SOC. It's a security operations device. We use it for continuous monitoring, and it takes a team to do so. In my organization, three to four people are using it on a daily basis.
What is most valuable?
The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful.
It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well.
What needs improvement?
They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products.
It would also be good to include customizable reports and customizable views of the reports.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for about five to eight months. We are using the latest version. We have deployed it on-premises as a VM.
What do I think about the stability of the solution?
It's pretty stable.
What do I think about the scalability of the solution?
I'd say that it's very scalable. Scalability depends on which version of the appliance you're using.
If you're using a hardware-based appliance, it's obviously tough to scale as that would require purchasing new devices. If you go to cloud services or virtual services, it's pretty easy to scale. You need to purchase new VMs and add the IOCs that you need, which is easy.
How are customer service and technical support?
I have contacted technical support, but not particularly regarding Fortinet FortiAnalyzer. I have only contacted them for firewalls and routing issues. I have not yet contacted them for things related to Fortinet FortiAnalyzer.
How was the initial setup?
It's very easy and straightforward. You just need to point the FortiGate devices to your Fortinet FortiAnalyzer, and it just automatically configures the security fabric. The time depends on how many devices you're actually using. Configuring one device into your Fortinet FortiAnalyzer takes about five minutes or so.
What about the implementation team?
The deployment was pretty straightforward. I didn't need any help in setting it up. I did it myself very easily. It comes with useful guidelines for setting it up. They also provide documentation and information through their website.
One person can easily do the deployment, but the main goal of the solution is to continue to monitor the regular network traffic for which a team is required. Our software team is responsible for handling such things.
Which other solutions did I evaluate?
This product is only dedicated to packet analyzing, automation, and things like that. I have not used analyzers of other vendors. However, other solutions do provide similar functionalities.
What other advice do I have?
It is kind of a very good network packet analyzer solution. It does what a network analyzer should do, and it does it very well.
In terms of firewalls and using network analyzers, Fortinet has always been the leader among the leaders. Fortinet provides very good features and products. Specifically, if you want to use Fortinet FortiAnalyzer, you need to have a FortiGate environment. You need at least one FortiGate or other similar product in your network. So, if you are already using or are into Fortinet products, then FortiAnalyzer is a very good product to add on top of other products. Having only FortiAnalyzer in your network is kind of useless.
I would rate Fortinet FortiAnalyzer a nine out of ten. It's a very good product.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
