Fortinet FortiAnalyzer Reviews

We use the product to review firewall logs.

The solution works fine. Separating sections or conditions on Fortinet FortiAnalyzer is quite clear.

The product should be integrated with other third-party solutions for context exchange.

I have been using the solution for the past two years.

The solution is stable. I would rate the stability a nine out of ten.

The solution is scalable. Around 20 to 30 IT employees in our organization use the solution. I would rate the scalability a nine out of ten.

The product is easy to set up.

Around 120 employees work in the technical and maintenance department. I would recommend the solution to other users. I don’t know whether FortiNAC can be integrated with the Fortinet FortiAnalyzer. I rate the solution a nine out of ten.

FortiAnalyzer provides a centralized dashboard for analyzing the output of all our Fortinet solutions, like FortiGate, FortiManager, FortiSandbox, etc. It aggregates and correlates all the events.

Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms. 

FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc. 

We have used FortiAnalyzer for one year.

FortiAnalyzer is stable as long as you don't push it. It can cause trouble if you are overreliant on virtual machines and you don't have hardware acceleration. You might see some performance problems. 

FortiAnalyzer is scalable. It covers FortiGate firewalls, switches, etc. You can always buy more licenses or hardware if you need to upgrade. 

The response times could be faster.

Setting up FortiAnalyzer is straightforward. It doesn't take long because everything is already built for you unless you need to do some virtualization. The specific steps depend on your environment and what kind of device fabrics you use. 

They have three-year licenses, but I usually recommend starting with a one-year license to try FortiAnalyzer out. After that, you can switch to a three-year license. 

I rate FortiAnalyzer nine out of 10. I recommend FortiAnalyzer to anyone who is using Fortinet products. 

It's a lock storage correlation device. You can connect locks from different devices. Not just from Fortinet, but you can send locks from other devices to FortiAnalyzer. Basically, it is a centralized repository.

Fortinet FortiAnalyzer has a lock correlation feature. It simplifies the troubleshooting process for its customers. So now, instead of logging into every firewall, they can log into Fortinet FortiAnalyzer and check the locks. They can also check whether there are any issues with the network.

This is a difficult question for me to answer. I want the tool to have a sophisticated and customizable dashboard similar to the one in the SIEM solution. However, I'm not sure if that is in the pipeline. Basically, I would say that it's not a pure SIEM solution where your customer can have a layer on a view of dashboards or advanced dashboards.

I work with Fortinet and Palo Alto. I am also a partner of Fortinet. Even though I have been working with Fortinet for more than five or six years now, Fortinet EDR is something very new for me and us in general. We have been working on firewalls, FortiAnalyzer, FortiManager, FortiMail, FortiADC, and FortiWeb. EDR, SDMA, and ZTNA are new to us. Speaking about Fortinet FortiAnalyzer, I have been working on it for more than six years now.

The stability of Fortinet FortiAnalyzer is okay. Although some customers have encountered issues, others have had a pretty okay experience and are doing pretty well with the solution.

I would say that more than ten of our clients are working on this solution. I would say that it is kind of scalable since it comes in different form factors. Owing to the different form factors and sizing of the solution, you can add and get increased capacity. This can help a person to add more firewalls and devices.

I would say that Fortinet's tech support is really good.

Neutral

I can say that the setup is a mixture of both options. I wouldn't say it is difficult. I would rather say that the setup process is okay or moderate. Also, the straightforwardness and complexity of the setup process will depend on your environment.

The deployment of Fortinet FortiAnalyzer is not complex, but integrating it with firewalls can take some time, depending on the number of firewalls. So, the deployment of the entire solution can take approximately one week to complete.

I'm not familiar with the cost point, because I am more of a technical person and I do not do pre-sales or sales.

I downloaded reports for CrowdStrike Falcon and FortiEDR from peerspot.com to see how they are in terms of performance.

Based on current trends, people are shifting towards FortiGate devices for their attractive value proposition and exceptional performance. FortiGate is the go-to choice for firewalls. And for us, along with FortiGate, I'll even go with FortiManager and FortiAnalyzer. I rate this solution a seven out of ten.

We are using the solution only for ticket logs and security logs, et cetera.

How the applications are working has been quite useful. It helps the users and how they are using the applications. We can see, for example, the utilization of all of the security fabric in a report. We are getting PDFs and Excel sheets that we can use to analyze everything, including how users are working on our internet services. We can generate reports quite easily.

It's been generally very efficient.

It is user-friendly and has a good GUI. 

The product works well with other products. 

The solution scales well. 

It's stable.

We found the pricing to be very reasonable. 

There are no areas that need to be improved. 

Technical support could respond to queries faster. 

We've been using the solution for five or six years. 

It's stable and very easy to use. Everything is generated very easily. The performance has been fine.

We have ten network engineers in India working on this product. There are between ten people directly working with it. 

In my location, we have 2,000 people and they are all users integrated into FortiAnalyzer. We are getting all logs for all these users through it. 

It is a very scalable solution.

The technical support, we are taking from SNS team. Whenever the SNS team is talking on any ticket, they may get help from FortiGate. My concern is that they are taking too much time to respond. They should respond faster to requests for help. 

Neutral

I have not installed or configured FortiAnalyzer. I came into this organization one year ago and it was already configured. I do not have that much of an idea about the installation.

I'm not sure what, if any, maintenance is required. 

The pricing is very good. I'd rate it four out of five in terms of affordability.

We are a customer and end-user.

Our firewall is FortiAnalyzer's 200D and it is not a new one. We are using the older one only. 

If an organization is using the FortiGate Firewall, then they should go with the FortiAnalyzer also. It is very helpful in terms of getting logs and tracking security threats. We can check the reports very easily.

I'd rate it eight out of ten.

We use FortiAnalyzer as our indicator of compromise solution, and I'm also running some SOC into it. 

FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort. 

The hub is another feature that's good to use. FortiAnalyzer can be connected to other Fortinet devices via the hub. It isn't restricted, and it's all controlled by FortiManager. It can also integrate all the opcodes to one box. 

If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud. 

We've been using FortiAnalyzer since 2015. 

FortiAnalyzer is stable. It will do the work as long as your FortiGate is stable. It depends more on the FortiGate, so if your FortiGate is cool, there's no problem. If there is a problem, you can bypass it most of the time. I can't say that there are no issues. I don't want to lie.

FortiAnalyzer is scalable. It can even take over traffic from other analyzers. You can connect as many analyzers as you want to it. 

I used a McAfee SIEM solution before at my previous employer, but it's not as powerful as FortiAnalyzer. I used a Rapid7 solution and Cisco FirePOWER, which are both weak.

We don't need to do much to install FortiAnalyzer because it always depends on FortiGate. You need to deploy FortiGate before you install it. That's why I say that I see it as a dummy box. I don't see anything interesting in it. It's only a support structure.

I rate FortiAnalyzer seven out of 10. It's a very user-friendly box. You don't even need to know the CLI. It has a CLI, but you don't need to know it because the GUI is excellent. It's always doing its duty to keep up with the reporting. 

I am using Fortinet and Red Hat myself as a consultant. I am dealing with Fortinet products and can provide information about them. I am working with Fortinet products, including firewalls and other Fortinet products. I am working with Fortinet products such as Fortinet FortiAnalyzer and FortiManager. I use Fortinet FortiAnalyzer.

I find it easy to deploy Fortinet products, including the firewall, Fortinet FortiAnalyzer, and many other Fortinet products.

The interface of Fortinet FortiAnalyzer is intuitive enough. Fortinet provides training through many training documents and videos.

It is very important to integrate Fortinet products for my customers because it provides many network information for them.

I don't know what the main room for improvement is for Fortinet FortiAnalyzer, but perhaps I don't have much experience, so I cannot answer this question comprehensively.

I have been working with Fortinet FortiAnalyzer for two years.

Fortinet FortiAnalyzer is very stable.

I do not recommend Fortinet FortiAnalyzer for bigger companies because it is not scalable enough.

I always ask Fortinet support about their technical support, and I think they are good.

I rate their technical support as seven out of ten. Sometimes they can answer the question immediately, but they could be more quick.

Positive

Palo Alto also provides log management and has this product, but I have never used Palo Alto.

I find it easy to deploy Fortinet products, including the firewall, Fortinet FortiAnalyzer, and many other Fortinet products.

I usually help my customers with the implementation of Fortinet products, and they always use Fortinet products.

I think Fortinet FortiAnalyzer has fifty percent market share in my region.

The pricing of Fortinet FortiAnalyzer is okay. For smaller companies, the pricing is acceptable.

Palo Alto also provides log management and has this product, but I have never used Palo Alto.

I recommend Fortinet FortiAnalyzer for big companies. I rate this review an eight overall.

The primary use case for our clients revolves around robust reporting capabilities, addressing key aspects such as understanding diverse utilizations and the performance of network links. They specifically sought insights into bandwidth usage and detailed reporting at the application level. Additionally, an essential requirement was efficient log management. This is crucial because FortiGate has limitations on retaining logs for an extended duration, and our clients needed a solution, such as FortiAnalyzer, to effectively manage and analyze logs over an extended period.

The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics. Additionally, its ability to centrally capture logs from multiple devices proves indispensable for our SOC. This centralized log management facilitates automation processes, and we also greatly appreciate the effectiveness of its analytics features.

I believe that its technical support is the only aspect that requires significant improvement. With the current trend toward AI advancements, there's an opportunity for improved AI analytics. This could empower us to better leverage technology to detect attacks in a more effective manner.

I have been working with it for more than five years.

It offers excellent stability capabilities. I would rate it nine out of ten.

It offers a capacity of up to two thousand gigabytes of logs daily, showcasing considerable scalability. I believe it is a scalable solution that can easily accommodate increasing needs without compromising performance. Our clients fall into the enterprise category. I would rate it eight out of ten.

The support services are often outsourced to specific regions, resulting in varying levels of technical expertise. While regions like America, the USA, Europe, and certain countries in Australia benefit from reasonable and proficient engineers, other locations may experience subpar tech support. Consequently, issue resolution can be time-consuming, leading customers to sometimes address problems independently. Particularly in terms of time efficiency, there is a need for improvement to expedite the support process. I would rate it six out of ten.

Neutral

The initial setup was straightforward. I would rate it eight out of ten.

The deployment process is straightforward and efficient, requiring minimal time and effort. It takes approximately thirty minutes and it's quite user-friendly.

The pricing is reasonable. The cost structure is primarily based on factors such as the number of logs, log sizes, and the daily log storage capacity, with a minimum requirement of two gigabytes per day. The maximum storage capacity can extend up to eight thousand gigabytes of logs per day.

I would strongly recommend utilizing it. It's an excellent product with abundant features, offered at a very reasonable price point. Overall, I would rate it eight out of ten.

We take all the logs from FortiGate. 

We have it deployed on-premises, and we are definitely using its latest version because we are creating a new virtual machine.

Special notifications about compromised phones are valuable because we have some guest networks, and sometimes, people are connecting phones that are connected to compromised websites. We want to be informed about it. We sometimes have some cases where we want to analyze the connection from inside to outside ports. So, it helps with a lot of things. It depends on our needs.

The interface or GUI does not work properly on Microsoft Edge. The behavior or the view is different on Microsoft Edge versus on Chrome or Firefox. When some buttons do not work, I am forced to switch to Firefox.

There could be better analysis from the client's perspective. If you have FortiClient EMS, you should be able to analyze users more than the connections.

We started using Fortinet FortiAnalyzer this year. It was bought by our main company in the Netherlands.

It is now stable, but our previous instance was unstable. We had problems with connectivity. It was strange because it is a virtual machine, and it was on the same hypervisor or host, but only Fortinet FortiAnalyzer had connectivity problems. The connection was dropped, and it was not always possible to log in. We moved it to a different environment. We have now moved it to a Hyper-V cluster on a different site in Poland, and it is now stable.

It is scalable. We could change the size. It was easy.

We have mainly two people working with Fortinet FortiAnalyzer. My colleague and I from the Netherlands work on it. All IT departments also can access it. In total, we have five or six users, but mainly, two of us work on it.

I use their technical support when I have problems. They solve my problems, but sometimes, they take time because it is difficult to understand each other. I prefer a phone call over the email or ticket system because we can share more information in a short time. I would rate them a nine out of ten. They sometimes do not have a fast solution, but they always resolve an issue in the end.

Positive

I did not work on any similar product previously.

It was easy to deploy. It took one hour.

We deployed it ourselves. We know the product. We know how to register devices and how to join devices. It was easy. We used our knowledge.

I do not know the price of Fortinet FortiAnalyzer. I did not pay for it, but I know the price of other Fortinet products. They are not cheap. I am from Poland. We have Zloty, not Euro, so for us, everything is expensive. 

I had also tried to buy it in the past, but it was too expensive.

If you have FortiGate and FortiClient EMS, FortiAnalyzer is a natural choice. You can have notifications and alerts. Some things are automatically done by FortiAnalyzer. From a security perspective, it is a very good product.

Overall, we are satisfied with it. I would rate Fortinet FortiAnalyzer an eight out of ten.