We use Splunk over SOC, the security operations center, because it is more user-friendly for our team. Our team uses the solution extensively for traffic analysis and threat hunting.
Information security manager at asa com
We can automate event-based handling solutions, is stable, and is great for heavy traffic
Pros and Cons
- "The event handling solution in the platform is very good and useful."
- "The setup of the solution can be improved because it is currently complex."
What is our primary use case?
What is most valuable?
The event handling solution in the platform is very good and useful. We can automate event-based handling solutions. For example, if we have some events or issues on top of traffic, it triggers that function, and it can even get API for our firewall to ban that IP, or we can add a playbook for our attack into the solution and just manage the whole network based on that playbook.
What needs improvement?
The solution has very heavy features. Similar to when we get an app, usually, it's less than what we want. When we send all our logs over to the analyzer, it almost crashed on the first try. We must first get our logs tuned up and then set up the Fortinet FortiAnalyzer or it will crash. This is very complicated and heavy work for such a simple task, and it's a big issue for that app.
The setup of the solution can be improved because it is currently complex.
The cost of the solution is high and can be improved.
For how long have I used the solution?
I have been using the solution for seven years.
Buyer's Guide
Fortinet FortiAnalyzer
June 2025

Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
The solution is not really scalable. The solution is the largest. The solution is not in the security world and they don't have to have a threat on them to be secure. When we have a threat, we can't get distributed because our chain of logs is broken, and we don't get very regular events. We can't depend on this in the event of an accident or if they have to be reported because the chain is broken.
Which solution did I use previously and why did I switch?
Previously I used the ManageEngine Eventlog Analyzer. The solution is very lazy, it's heavy, and it has some bugs with reports. ManageEngine Eventlog Analyzer is a very bad solution.
How was the initial setup?
The initial setup is complex.
Setting up and launching a network, depending on the size can take anywhere from one or two days up to a week or more. However, in order for the network to run smoothly and be effective, it is important to continually tune and optimize that network. This is not a solution that can be set and forgotten; we need to be constantly adjusting Fortinet FortiAnalyzer to meet the needs of our network and the services we are providing.
What was our ROI?
The solution has a very high return on investment because when we encounter any problems, even functional problems, not technical problems, it is very easy and very fast to fix them and detect them using Fortinet FortiAnalyzer. With the heavy traffic, we have a lot of difficulty in the network, we can't get through. But when we have visibility on the network, and we force it, the solution is for us on the firewall. We know that the firewall is very complex because nothing is easy to configure, from the interface to the IP addresses and connectivity. We also have one filtering layer over that, even in new-generation firewalls with layer seven features we may not know what happened to our traffic if it's blocked at layer three or layer four. We need visibility, and the solution can give it to us.
What's my experience with pricing, setup cost, and licensing?
Fortinet FortiAnalyzer is very expensive. Solutions from companies like Fortinet, F5, and Juniper are very expensive, due in part to the high license fees and technical support they charge.
What other advice do I have?
I give the solution a nine out of ten.
Currently, we have five people using the solution, and we have plans to increase the solution's usage. As business owners, we need to grow our business structures and grow our staff to manage those structures.
I highly recommend the solution for a business with high and heavy traffic.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Manager of Strategic Accounts at Ondu
Provides robust cybersecurity capabilities with excellent customer support
What is our primary use case?
Fortinet FortiAnalyzer is used for vulnerabilities with cyber attacks.
The clients are in different industries, including private sectors such as retail, industry, healthcare, financial, banks, and others. There are no government clients.
For clients in banking, financial, and retail sectors, Fortinet FortiAnalyzer prepares them for attacks and helps prevent security incidents.
What is most valuable?
The predictive analytics of Fortinet FortiAnalyzer is very valuable for clients because this solution has a complete architecture for cybersecurity.
The ability to create custom reports and dashboards has helped improve understanding and provided clients with better cybersecurity solutions through the analyzer.
The integration of Fortinet FortiAnalyzer with SIEM solutions and other security solutions is very important because client solutions are not heterogeneous. Clients typically have multiple solution providers, making communication between all systems crucial.
What needs improvement?
Fortinet FortiAnalyzer can become even better with integration with other product providers and solution providers.
For how long have I used the solution?
I have five years of experience with Fortinet FortiAnalyzer.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The customer service and technical support with Fortinet is very good. I have experience with two different client service models: on-premise solutions and MSP services on a monthly basis. On a scale from 1 to 10, I would rate it as nine.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Some clients did move to Fortinet from other solutions before, and they have had good experiences with the solution.
How was the initial setup?
The initial setup is not complex; it is straightforward.
What was our ROI?
The return on investment is very good, and the price-performance ratio is excellent. On a scale of 1 to 10, I would rate their return on investment as eight.
What's my experience with pricing, setup cost, and licensing?
I have experience with pricing, licensing, and setup costs as I prepare quotes for clients. While Fortinet FortiAnalyzer might be more expensive than some other solutions, it remains very competitive in the market.
Which other solutions did I evaluate?
I do not know the main differences between Fortinet and Cisco or Fortinet and Palo Alto.
What other advice do I have?
I have experience with Fortinet solutions and am familiar with FortiReporter, FortiManager, and Fortinet FortiAnalyzer.
I sell FortiGate but work only in commercial roles. My clients do not use Fortinet FortiAnalyzer with AWS, though I work with various cloud providers including AWS, Google, Azure, Huawei, and IBM for cloud solutions, both private and public.
The solution is very important for clients to complete their architecture in cybersecurity. Clients need the cyber analyzer and reporting analyzer to complete their security posture.
Overall rating: 9 out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: Jun 30, 2025
Information Security Engineer at a tech services company with 11-50 employees
Enables us to gain clearer view of threats through advanced analytics and comprehensive reporting
Pros and Cons
- "Fortinet FortiAnalyzer comes with a lot of prebuilt reports out of the box, making it easy for our team to generate necessary reports without much struggle."
- "I recommend Fortinet FortiAnalyzer."
- "One area for improvement could be better support for third-party products, as it doesn't have as much visibility with these compared to Fortinet's own products."
What is our primary use case?
The primary use case of Fortinet FortiAnalyzer in our organization is to gain more visibility into traffic, such as creating reports on highest bandwidth users over time. It also serves as a central log repository, aiding in threat detection by showing indicators of compromise and emerging threats.
What is most valuable?
Fortinet FortiAnalyzer comes with a lot of prebuilt reports out of the box, making it easy for our team to generate necessary reports without much struggle. It provides better visibility, allowing us to have a clearer view of threats. The advanced analytics capabilities aid in threat detection by providing visibility into indicators of compromise.
What needs improvement?
One area for improvement could be better support for third-party products, as it doesn't have as much visibility with these compared to Fortinet's own products.
For how long have I used the solution?
I have been working with Fortinet FortiAnalyzer for five years.
What do I think about the stability of the solution?
There have been no significant performance or stability issues with Fortinet FortiAnalyzer. Sizing is always done well beforehand.
What do I think about the scalability of the solution?
Fortinet FortiAnalyzer is scalable, especially for the VM versions, as additional space can be provisioned from the servers as needed.
How are customer service and support?
Customer service and support for Fortinet FortiAnalyzer are quite helpful and responsive. I have interacted with them multiple times without any complaints.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I do not have experience working with any other log management solutions.
How was the initial setup?
The initial setup process was straightforward. It involved running the OVA on a virtual environment, setting up IPs, DNS, and static cloud, followed by accessing the web interface for integration with other products.
What's my experience with pricing, setup cost, and licensing?
I do not interact with the pricing or licensing component of the business, so I do not know about it.
What other advice do I have?
I recommend Fortinet FortiAnalyzer. It provides valuable tools for the organization by presenting better reports that help in management decision-making. It is a valuable solution that can be improved by enhancing its third-party product support.
Overall, I would rate Fortinet FortiAnalyzer nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Dec 30, 2024
Senior Manager at Allsec Technologies Ltd
Centralized log management and real-time analysis enables efficient traffic log analysis and comprehensive network monitoring, but has an initial learning curve
Pros and Cons
- "The reporting features, which offer customization, real-time insights, and compliance support, are particularly noteworthy aspects."
- "Automated reports focusing on compliance issues would provide a clearer understanding of potential gaps and the need for remediation."
What is our primary use case?
I find it to be a valuable tool for utilizing traffic logs. The product's continuous improvements and Fortinet's commitment to enhancing its capabilities contribute to its effectiveness.
What is most valuable?
The reporting features, which offer customization, real-time insights, and compliance support, are particularly noteworthy aspects.
What needs improvement?
It would be beneficial to enhance the streamlining of the generation of automated reports related to compliance, such as PCI DSS or HIPAA, based on the logs collected. Automated reports focusing on compliance issues would provide a clearer understanding of potential gaps and the need for remediation. This feature would significantly simplify the process of identifying and addressing areas that require attention.
For how long have I used the solution?
I have been working with it for ten years.
What do I think about the stability of the solution?
I would rate its stability capabilities eight out of ten.
What do I think about the scalability of the solution?
We have approximately three thousand users within our company. I would rate its scalability seven out of ten, as it should be improved.
How are customer service and support?
Technical support is responsive. I would rate it eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
The majority of our network infrastructure is based on Fortinet, with a single device each on Palo Alto and Cisco.
How was the initial setup?
The initial setup was fairly easy. When approaching it for the first time, there might be some minor complexities. However, as you gain experience, the process becomes quite straightforward to manage.
What about the implementation team?
The setup typically takes a maximum of three to four hours, depending on the scenario. If it's hardware, there usually aren't any issues. For software installations, you need to consider server specifications, and the process involves loading the license, which may take about three to four hours for activation. For maintenance, we have a team of five members responsible for overseeing the entire network, which includes managing the Fortinet licenses.
What's my experience with pricing, setup cost, and licensing?
The pricing model is subscription-based. It involves payment for both the license and ongoing support. I would rate it seven out of ten.
What other advice do I have?
It serves as an excellent tool, especially for addressing compliance requirements. Analyzing traffic logs and monitoring network impressions, both inbound and outbound traffic, are essential needs that this tool effectively fulfills. Implementing it has proven to be highly beneficial. Overall, I would rate it seven out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Security Manager at Yarix S.r.l.
We can gather logs and generate reports, but the license cost is high
Pros and Cons
- "The most valuable feature is the capability to gather logs and generate reports."
- "The integration with other vendors for log collection could be enhanced."
What is our primary use case?
Fortinet FortiAnalyzer is utilized to gather logs from all Fortinet products and generate reports.
What is most valuable?
The most valuable feature is the capability to gather logs and generate reports. Without this solution, the firewalls exhibit limited proficiency in displaying logs.
What needs improvement?
The integration with other vendors for log collection could be enhanced.
The licensing cost has room for improvement.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for over three years.
What do I think about the stability of the solution?
I rate FortiAnalyzer's stability a nine out of ten. We have had instances of data loss or source loss.
What do I think about the scalability of the solution?
For our needs, FortiAnalyzer is scalable because we are not dealing with thousands of firewalls.
How are customer service and support?
The technical support is good.
How was the initial setup?
The initial setup is straightforward. The deployment took a couple of days.
For the deployment, we needed to create the server for deploying the FortiAnalyzer image and create the policy rules. We also had to complete the basic configuration of FortiAnalyzer. Following that, we configured all the resources and logs within FortiAnalyzer to collect and correlate the logs, which are then used to generate reports.
What about the implementation team?
We used a consultant for the implementation.
What's my experience with pricing, setup cost, and licensing?
We pay for an annual license, but we have the ability to determine the payment schedule with our distributor.
The cost of the license is high.
What other advice do I have?
I would give Fortinet FortiAnalyzer a rating of six out of ten. I am not satisfied with the solution as it falls short of a proper SIEM. Therefore, we would prefer to allocate more funds towards a SIEM in order to effectively collect logs.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Engineer at HINDUSTAN URVARAK & RASAYAN LIMITED
Useful to analyze logs and generate reports
Pros and Cons
- "The most valuable features of the solution are report generation and traffic logs."
- "I need some improvements in the support team since it is an area where there are certain shortcomings."
What is our primary use case?
I use the solution in my company to analyze logs and generate reports.
What is most valuable?
The most valuable features of the solution are report generation and traffic logs. The online traffic report in Fortinet FortiAnalyzer is very good. There are different types of reports that one can generate with the tool.
What needs improvement?
From my point of view, I think everything is okay with the product.
I need some improvements in the support team since it is an area where there are certain shortcomings.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for six months.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a ten out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution a ten out of ten.
The IT team in our company uses the product for report generation. There are around 200 users in our organization, including our core IT team.
My company gets the product updated with the help of Fortinet's support team. My organization downloads the tool's firmware and updates the solution. The tool offers an easy setup phase.
How are customer service and support?
I am a little bit disappointed with the support offered by Fortinet. Sometimes, the support team does not offer timely support or respond to our company's queries. Every time, the support team asks for logs and configuration from my company. Dealing with the support team is a very tedious task. I rate the technical support a seven out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
When it came to monitoring and reporting purposes, I used to only use FortiGate's inbuilt features for logs and traffic monitoring. It was only after a while that my company started to use Fortinet FortiAnalyzer.
How was the initial setup?
I rate the product's initial setup phase a ten out of ten, where one means it was a difficult process, and ten means it was an easy phase.
The solution can be deployed in a day.
What's my experience with pricing, setup cost, and licensing?
The product's prices are a bit higher than the other solutions available in the market, but I would say that the tool's quality and support are areas that are good.
What other advice do I have?
Regarding the support, if a customer wants support or any technical help in the area of configuration, I think the support team must help the customers in a timely manner and understand their problems.
I rate the tool a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
TIO at Fundação de Serralves
Useful for log management and endpoint protection
Pros and Cons
- "The most valuable features of the solution are the reports and the playbooks."
- "I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required."
What is our primary use case?
I use the solution in my company for log management and to comply with requirements associated with endpoint protection and FortiGate, as well as with all the other solutions from Fortinet.
What is most valuable?
The most valuable features of the solution are the reports and the playbooks.
What needs improvement?
I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for three years. I am an end user of the solution.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten.
Two people in my company use the product.
I use the solution in my company every day.
How are customer service and support?
I rate the technical support a nine out of ten.
Which solution did I use previously and why did I switch?
I have experience with some other solutions in the past. My company has not switched from the solution we use currently because we don't have an alternative product. My company does want to use an SIEM solution, and we purchased Fortinet FortiAnalyzer since it offered a bit of SIEM functionalities.
How was the initial setup?
My company took care of the tool's initial setup phase for our internal projects.
The solution is deployed on an on-premises model.
The solution can be deployed in two days.
What about the implementation team?
An implementer took care of the product's implementation process.
What was our ROI?
I have seen a return on investment from the use of the product. I rate the tool's ROI a nine out of ten.
What's my experience with pricing, setup cost, and licensing?
I rate the product's price a six on a scale of one to ten, where one is cheap, and ten is expensive.
What other advice do I have?
The log management capability has benefited our organization, and it is important because we need to write and send proactive information that playbooks can cater to, and the product also prevents my company's systems from being attacked.
I recommend the product to others since it is easy to work with and it works very well.
I don't know much about the artificial integration capabilities of the product, but the solution works to detect and analyze threats.
I rate the overall tool an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Systems Engineer at a pharma/biotech company with 51-200 employees
Offers visibility and helps to analyze the traffic but improvement is needed in pricing
Pros and Cons
- "Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them."
- "Fortinet FortiAnalyzer needs to improve its pricing flexibility."
What is our primary use case?
Our use case for Fortinet FortiAnalyzer is analyzing traffic. We use it to investigate complaints about account access, check if something is blocked or working, and understand what's happening inside them.
What is most valuable?
The solution provides visibility into traffic. We can view everything from one platform.
What needs improvement?
Fortinet FortiAnalyzer needs to improve its pricing flexibility.
For how long have I used the solution?
I have been using the product for a couple of months.
What do I think about the stability of the solution?
I rate the tool's stability a seven out of ten. We have experienced downtime and glitches while using it. These were during the deployment stages, and the vendor helped to fix them.
What do I think about the scalability of the solution?
I rate Fortinet FortiAnalyzer's scalability a nine out of ten. My company has 100 users.
Which solution did I use previously and why did I switch?
I used Palo Alto Panorama before Fortinet FortiAnalyzer. I think Palo Alto Panorama is better. It offers more functionality. We typically need separate solutions for different needs with Fortinet FortiAnalyzer, but Palo Alto Panorama bundles everything into one package. Whether deploying and managing firewalls, analyzing traffic, or managing users, Palo Alto Panorama consolidates it into a single dashboard.
How was the initial setup?
Fortinet FortiAnalyzer's deployment is easy.
What about the implementation team?
The tool's deployment was done by a third party.
What's my experience with pricing, setup cost, and licensing?
I rate Fortinet FortiAnalyzer's pricing as five out of ten.
What other advice do I have?
We recently switched to the product and are in the stages of a learning curve. I rate the overall product a five out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
