Fortinet FortiAnalyzer Reviews

We use Fortinet FortiAnalyzer for logs and reports. We have a SOC subscription to monitor the end users' login activity and traffic.

Fortinet FortiAnalyzer is deployed by us in both on-premises and cloud environments.

Fortinet FortiAnalyzer provides more visibility into the logs.

The traffic log information we receive from Fortinet FortiAnalyzer is valuable.

Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions.

I have been using Fortinet FortiAnalyzer for three months.

Fortinet FortiAnalyzer is stable as long as we keep it up to date. 

Fortinet FortiAnalyzer is scalable.

The technical support is great. We receive support within 24 hours of opening a ticket.

Positive

The initial deployment of Fortinet FortiAnalyzer is straightforward. There are two network interfaces involved: the Internet interface and the LAN interface. The LAN interface must be configured on the same subnet as the other Fortinet products to enable visibility of the network connector from the Fortinet console. Upon successful configuration, an authorization message will be received, allowing us to proceed with adding the devices to the FortiAnalyzer device manager and initiating log data collection. The deployment process is well-documented, requiring minimal personnel, and can be completed within five hours.

The number of licenses required directly corresponds with the number of devices connected.

I would rate Fortinet FortiAnalyzer a nine out of ten.

FortiAnalyzer enhances network security visibility with its comprehensive logging and analysis capabilities, making it a valuable tool for organizations seeking to improve their security posture. I highly recommend it.

Fortinet FortiAnalyzer is utilized to gather logs from all Fortinet products and generate reports.

The most valuable feature is the capability to gather logs and generate reports. Without this solution, the firewalls exhibit limited proficiency in displaying logs.

The integration with other vendors for log collection could be enhanced.

The licensing cost has room for improvement.

I have been using Fortinet FortiAnalyzer for over three years.

I rate FortiAnalyzer's stability a nine out of ten. We have had instances of data loss or source loss.

For our needs, FortiAnalyzer is scalable because we are not dealing with thousands of firewalls.

The technical support is good.

The initial setup is straightforward. The deployment took a couple of days.

For the deployment, we needed to create the server for deploying the FortiAnalyzer image and create the policy rules. We also had to complete the basic configuration of FortiAnalyzer. Following that, we configured all the resources and logs within FortiAnalyzer to collect and correlate the logs, which are then used to generate reports.

We used a consultant for the implementation.

We pay for an annual license, but we have the ability to determine the payment schedule with our distributor.

The cost of the license is high.

I would give Fortinet FortiAnalyzer a rating of six out of ten. I am not satisfied with the solution as it falls short of a proper SIEM. Therefore, we would prefer to allocate more funds towards a SIEM in order to effectively collect logs.

I use the solution for the configuration process.

Logs are the most useful feature of the solution. The solution is easy to use and easy to integrate. It helps to configure multiple devices at once.

The solution provides details like category, IP address, and location. It would be good if the product could provide data about the websites users visit.

It will be better if the product can build its UI like Cisco Meraki’s.

I have been using the solution for around seven years.

I rate the stability an eight out of ten.

Compared to most other solutions, it is easier to scale Fortinet FortiAnalyzer. We also use FortiAnalyzer VM, so the scalability is pretty flexible. Around 1000 employees in our organization use the solution.

It is a bit of a challenge to return devices. Once we return the device to Fortinet, they will send us a replacement. This process takes a bit of time. The cost of sending the device is very high. With that money, we can buy a smaller device.

The initial setup was very simple.

We need three employees to maintain the solution.

The product’s price is much better than its competitors.

We need to have a license for individual devices to use the solution. We end up in a loop when we try to access the websites and different routes. We also have to provide the options ourselves for all our queries. The process would be better if reports and records were more readily available.

Cisco Meraki is an online portal that provides organized and in-depth reports. Overall, I rate the solution an eight out of ten.

We use the product to review firewall logs.

The solution works fine. Separating sections or conditions on Fortinet FortiAnalyzer is quite clear.

The product should be integrated with other third-party solutions for context exchange.

I have been using the solution for the past two years.

The solution is stable. I would rate the stability a nine out of ten.

The solution is scalable. Around 20 to 30 IT employees in our organization use the solution. I would rate the scalability a nine out of ten.

The product is easy to set up.

Around 120 employees work in the technical and maintenance department. I would recommend the solution to other users. I don’t know whether FortiNAC can be integrated with the Fortinet FortiAnalyzer. I rate the solution a nine out of ten.

FortiAnalyzer provides a centralized dashboard for analyzing the output of all our Fortinet solutions, like FortiGate, FortiManager, FortiSandbox, etc. It aggregates and correlates all the events.

Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms. 

FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc. 

We have used FortiAnalyzer for one year.

FortiAnalyzer is stable as long as you don't push it. It can cause trouble if you are overreliant on virtual machines and you don't have hardware acceleration. You might see some performance problems. 

FortiAnalyzer is scalable. It covers FortiGate firewalls, switches, etc. You can always buy more licenses or hardware if you need to upgrade. 

The response times could be faster.

Setting up FortiAnalyzer is straightforward. It doesn't take long because everything is already built for you unless you need to do some virtualization. The specific steps depend on your environment and what kind of device fabrics you use. 

They have three-year licenses, but I usually recommend starting with a one-year license to try FortiAnalyzer out. After that, you can switch to a three-year license. 

I rate FortiAnalyzer nine out of 10. I recommend FortiAnalyzer to anyone who is using Fortinet products. 

It's a lock storage correlation device. You can connect locks from different devices. Not just from Fortinet, but you can send locks from other devices to FortiAnalyzer. Basically, it is a centralized repository.

Fortinet FortiAnalyzer has a lock correlation feature. It simplifies the troubleshooting process for its customers. So now, instead of logging into every firewall, they can log into Fortinet FortiAnalyzer and check the locks. They can also check whether there are any issues with the network.

This is a difficult question for me to answer. I want the tool to have a sophisticated and customizable dashboard similar to the one in the SIEM solution. However, I'm not sure if that is in the pipeline. Basically, I would say that it's not a pure SIEM solution where your customer can have a layer on a view of dashboards or advanced dashboards.

I work with Fortinet and Palo Alto. I am also a partner of Fortinet. Even though I have been working with Fortinet for more than five or six years now, Fortinet EDR is something very new for me and us in general. We have been working on firewalls, FortiAnalyzer, FortiManager, FortiMail, FortiADC, and FortiWeb. EDR, SDMA, and ZTNA are new to us. Speaking about Fortinet FortiAnalyzer, I have been working on it for more than six years now.

The stability of Fortinet FortiAnalyzer is okay. Although some customers have encountered issues, others have had a pretty okay experience and are doing pretty well with the solution.

I would say that more than ten of our clients are working on this solution. I would say that it is kind of scalable since it comes in different form factors. Owing to the different form factors and sizing of the solution, you can add and get increased capacity. This can help a person to add more firewalls and devices.

I would say that Fortinet's tech support is really good.

Neutral

I can say that the setup is a mixture of both options. I wouldn't say it is difficult. I would rather say that the setup process is okay or moderate. Also, the straightforwardness and complexity of the setup process will depend on your environment.

The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls. So, the deployment of the entire solution can take approximately one week to complete.

I'm not familiar with the cost point, because I am more of a technical person and I do not do pre-sales or sales.

I downloaded reports for CrowdStrike Falcon and FortiEDR from peerspot.com to see how they are in terms of performance.

Based on current trends, people are shifting towards FortiGate devices for their attractive value proposition and exceptional performance. FortiGate is the go-to choice for firewalls. And for us, along with FortiGate, I'll even go with FortiManager and FortiAnalyzer. I rate this solution a seven out of ten.

The product is for reporting about the use or detecting some issues or activities.

The ability to track the activities of our users and some topics about security risks are the most valuable aspects.

It's simple to use.

It is not hard to set up.

The configuration is easy.

It offers good integration capabilities.

Support is helpful.

There is a lot of great documentation to be found online. 

We are concerned about the compliance of our policy and institutional philosophy. We are a university and provide the tool to the users and to the infrastructure for the right use.

I've been using the solution for six years. 

We have around 2,000 users.

Support is good. We also use the documentation online and find help via some tutorials on the internet.

The initial setup is very simple. 

The deployment took about six months. 

We deployed it via our team, however, we used an external consultant from the reseller.

We pay a standard licensing fee on a yearly basis. 

The pricing is complex since we need to add some other products or tools to assure our infrastructure, then the amount of every one of the items of software otherwise the solution is expensive in the end.

We are a customer and end-user.

I'd rate the solution nine out of ten.

We use FortiAnalyzer as our indicator of compromise solution, and I'm also running some SOC into it. 

FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort. 

The hub is another feature that's good to use. FortiAnalyzer can be connected to other Fortinet devices via the hub. It isn't restricted, and it's all controlled by FortiManager. It can also integrate all the opcodes to one box. 

If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud. 

We've been using FortiAnalyzer since 2015. 

FortiAnalyzer is stable. It will do the work as long as your FortiGate is stable. It depends more on the FortiGate, so if your FortiGate is cool, there's no problem. If there is a problem, you can bypass it most of the time. I can't say that there are no issues. I don't want to lie.

FortiAnalyzer is scalable. It can even take over traffic from other analyzers. You can connect as many analyzers as you want to it. 

I used a McAfee SIEM solution before at my previous employer, but it's not as powerful as FortiAnalyzer. I used a Rapid7 solution and Cisco FirePOWER, which are both weak.

We don't need to do much to install FortiAnalyzer because it always depends on FortiGate. You need to deploy FortiGate before you install it. That's why I say that I see it as a dummy box. I don't see anything interesting in it. It's only a support structure.

I rate FortiAnalyzer seven out of 10. It's a very user-friendly box. You don't even need to know the CLI. It has a CLI, but you don't need to know it because the GUI is excellent. It's always doing its duty to keep up with the reporting.