Fortinet FortiAnalyzer Reviews

We primarily use the solution as an analysis tool. 

We can look at all of the logs in one place. It helps with analysis. It's useful for centralization. We're able to collect all of the logs via the analyzer.

Overall, it's a useful tool. 

The cost is very low. It's one of the reasons I am using it. 

There are a lot of monitoring features available. 

It is easy to set up. 

You have to play a lot with it in order to find what you need and how to use it. 

It is not easy to use.

We were trying to monitor more problems via FortiAnalyzer, however, it was not very good.

We haven't received much help from the team. They haven't tried to make it better or more user-friendly. 

They need to make the monitor better.

They really need to focus on security issues. Every manager is most concerned with this and that must be at the forefront of future designs. 

I've been using the solution for three or four years. 

It is very stable and reliable. There are no bugs or glitches. I'd rate the stability nine out of ten. It doesn't crash or freeze. 

The scalability is okay. I'd rate it between five and seven out of ten. 

We have 2,000 users on the solution right now. 

The technical support is good overall. 

Neutral

I did not use a similar product previously. 

The solution is very simple to set up. It is very easy to connect all other Fortinet products to this solution. 

The pricing is reasonable. I'd rate the affordability four out of ten, where ten is the most expensive.

I'd rate the solution five out of ten overall. It's an okay product that needs to be easier to use. 

FortiAnalyzer is a log analytics tool. Our company has around 600 to 700 people.

FortiAnalyzer helps us discover what's happening on the network.

They could always improve the interface and the user experience.

I have used FortiAnalyzer for four or five years.

I rate FortiAnalyzer eight out of 10 for stability.

Scalability is irrelevant to me because we have a small setup. One analyzer is enough for me.

Setting up FortiAnalyzer isn't complex and takes two or three hours. They have a prebuilt OVA we can deploy using Ansible. Next, we configure FortiGate to send the logs to the FortiAnalyzer. You can also download premade reports on the portal.

You pay an annual license based on the volume of logs per day.

I rate FortiAnalyzer seven out of 10.

Most of our clients are banking and financial institutions, so their data doesn't go to the cloud as such. Their data is on-premises only. Some of our clients can go to the cloud to save the price and do management, administration, and so on, but then most of our clients, use on-premises FortiAnalyzer.

Fortianalyzer helped us to manage fortigate devices and update them from central location.

I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports.

It is a very stable and scalable solution.

One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives.

It is easy to set up is you have FortiGate firewalls. We tried setting up with other devices, and I don't think it supports other firewalls or other devices. If it did, then it would have been great because we would have been able to use FortiAnalyzer for hybrid environments with different OEM firewalls.

If we can have an intelligent analysis system which will detect false positives and detect the exact problem, it would be great.  If FortiAnalyzer can integrate with FortiSIEM and give us threat reports, that will also help because then I won't need to have another tool or another dashboard which I need to look out for.

I've been using it for four years.

It is a very stable product, and we have had no issues at all.

It is easy to scale; there are no challenges.

The technical support is good. Most of the time, when we escalate the tickets the second line of support, FortiGate support, has been very good. The first line might take up time, but the second line of support resolves the case quite quickly.

Yes we used checkpoint for our organisation , but it was a complex system to manage, we expect a firewall to be a simple device to avoid complexity.

The initial setup is quite simple with FortiGate devices. So, if you have FortiGate firewalls, it is quite easy to set up. Once Fortinet FortiAnalyzer is configured, then the only thing we need to do is to monitor it.

When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing. They are very aggressive as well.

Yes we did evaluate paloa alto , but it went into backburner due cost factor.

If you have critical objects to protect or critical data to protect, then you should go for FortiAnalyzer.

On a scale from one to ten, I would rate Fortinet FortiAnalyzer at eight.

Most importantly, it is for the administration of Forti fabric devices and reporting of Forti fabric, and being able to generate reports. It's for logging. All 40 fabric devices are able to send logs to FortiAnalyzer. Basically, the use cases are for administration, reporting, and logging.

Logging is the best feature. 

I like how everything is integrated with the FortiGate devices, FortiAuthenticator, and other fabric devices. You're able to see all the login details for the administration of FortiGate. It offers great user connectivity using that Fortinet embodiment of the user. It gives you all those login information details.

It's easy to set up.

The solution is stable.

It can scale well. 

It's very user-friendly.

The fact that it only works with FortiGate devices is quite unfair. We would like to do the reporting, logging, and administration of all the public devices and all the IoT devices. We wish to add the switches, and routers from different vendors, so it's not a vendor-specific diagnostic solution.

I've been using the solution for four years now. 

The product is 100% stable. I haven't found any issues with FortiAnalyzer. It's reliable.

Depending on the licenses you procure, the number of devices, and the storage space that you have, to be able to attain those logs and reports, the solution can scale. 

Support is great. Usually, when you call on them, they are right on time, and they'll be able to assign an engineer for remote session support.

Positive

Setting the solution up is pretty easy. It's just a matter of integrating with the Fortinet public devices. FortiGate will start sending logs and then reports to FortiAnalyzer.

Once it is set up, the solution is easy to maintain.

I'm not sure about the exact licensing costs.

I'm working with the latest version of the solution. 

We've done on-premises and cloud deployments. 

Usually, clients who don't have SIEM or Nag solutions find FortiAnalyzer quite effective as it's going to give them identification of the user activity reports on different IO devices and the usage of devices. It gives you visibility of your entire infrastructure.

I'd recommend the solution. It's very user-friendly.

I'd rate the solution eight out of ten.

We're a managed service provider and we use Fortinet FortiAnalyzer to generate reports for our customers. We manage our customer's Fortinet environment and FortiAnalyzer allows us to send a monthly report or on-demand report to our customers.

The solution does what it is supposed to. I want it to do reports for Fortinet and it does it well.

The FortiAnalyzer is not good at managing multi-version environments. If all your FortiGate are at different versions in the field, that's difficult. The one thing we didn't like is the fact you have to have 100% of your environment at the same release, which is not pleasant, to have it fully functional. You can have a different release, but to have it fully functional 100% of your environment has to be the same release.

In a future release, if they could turn they could turn Fortinet FortiAnalyzer into a multi-vendor supporting tool it would be awesome. However, I do not think this will happen.

I used Fortinet FortiAnalyzer for approximately two years.

Fortinet FortiAnalyzer is scalable.

Fortinet FortiAnalyzer is easy to scale. We have approximately 50-100 employees using this solution.

We have other log analyzers, but we have found with Fortinet FortiAnalyzerwhen you have a Fortinet environment, it's fully integrated. This was what we were looking for, we were not looking for multi-vendor solutions, we were looking for the best log analysis tool for Fortinet.

The solution is easy to set up.

We found the price of Fortinet FortiAnalyzer to be reasonable.

I would advise those wanting to use Fortinet FortiAnalyzer to use an MSP, to use a managed service provider, they can call us.

I rate Fortinet FortiAnalyzer an eight out of ten.

The Primary case is to collect & monitor logs & events from all of our firewalls and appliances in one single interface with analysis

Our work has been more focused and efficient due to the automatic notifications and reports

You can monitor all appliances from a centralized location. 

You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs.

For example, if you are searching for an email to find out why it is blocked, you will be able to see the policy that blocked it, which logs were triggered, etc... It gives you all the information you need right there, from the dashboard.

The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.

There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template.

There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns.

Everything is easily visible and can be tracked and studied.

SOC is very helpful. It shows which IPs are targeting your environments. It shows you the threat levels of all the threats you're facing - including the locations, which policy was triggered et cetera. It will even tell you if the system blocked the threat or not.

FortiAnaylzer is compatible with all of our web browsers. 

There are customizable workflows that you can work with. You can automate certain tasks in FortiAnaylzer in the incidents and events sections. 

It is a pretty big software package. It has a lot of features which maybe aren't that useful. 

It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot.

The could be more automation and more artificial intelligence integrated into the solution.

It was a service model application originally. It needs to have some artificial intelligence in dealing with the analysis of the nodes, and not just showing the nodes. I'm one version behind the latest version, so I don't know if they added it yet, however, if they haven't it would be a good thing to put into their roadmap.

I've been using the solution for four years.

My solution is based on VM ova image which is predefined by Fortinet. I don't remember when was the last time I restarted the machine which shows no matter what is the size of logs collected the system doesn't crash.

The scalability is pretty good. It's only limited in the log size. You can buy five gigs or 10 gigs if you need to. It depends on how you're going to handle/store the logs.

That said, it is scalable since you are only billed with the size of logs you are using as per the packages and you don't need to modify the cpu/ram. I have it installed on a VM environment and it's connecting to data all over my sites that are both inside and outside Lebanon.

Technical support is perfect whether from the vendor or from the online support. I'm lucky to have a partner in Lebanon who is a preferred platinum partner with Fortinet. Whenever we open a case with them we always get a clear response. They are professional. We're quite satisfied with the level of support we are getting.

It is very straight forward, the only thing that you might do some customization in the report and the event management. Other than this everything is predefined and based on templates, so you are able to add your touch on the reports as well.

I have implemented it with a vendor who is the leader in our region working with Fortinet Solutions.

We're Fortinet end-users.

I was on older versions and now I'm with a newer version. People have faced many issues after downloading the latest update so I tend to keep one update back from the newest one to avoid issues.

I'd advise other potential users that, first of all, if they have Fortinet products in their environment, they should consider FortiAnaylzer. If they don't have it, they shouldn't consider it. They need to have Fortinet appliances.

Secondly, it is a very easy configuration, so companies will not have any problems configuring the FortiAnaylzer. It doesn't require a lot of resources.

We're going to bring a dedicated server for our FortiAnaylzer due to the fact that it is a bit of a predefined virtual machine that we can download from Fortinet's side. If you don't want to go deep in the reports and logs, it can rely on the built-in reporting tools in your appliances.

If you happen to have three Fortinet solutions in your environment then you need to have a FortiAnaylzer as it helps a lot in troubleshooting. It helps a lot with predicting everything that you might see happening on a lot on your network. You will need to have FortiAnaylzer due to the fact that the reporting is not that advanced in the appliances.

Overall, I'd rate the solution eight out of ten. If it was more automated and added in some AI elements, I would rate it higher.

We're a service provider. Our clients use the solution for log management.

We are using physical and virtual end ware. We have a physical and logical virtual environment for using this platform, which we provide to our customers.

We are utilizing the previous site end dividers and the IPS, IDS DDoS features. 

The log analysis and reporting are both quite good. 

The solution doesn't have online analysis. We can't analyze certain parts of the logs. For example, we can't analyze current logs.

It would be helpful if we could use the system we use to monitor everything to also check the live traffic or live logs.

The solution lacks business intelligence features. It's much too basic.

I've been using the solution for two or three years.

The solution is stable. We've never faced issues.

The solution does not scale easily. It's a hardware solution. We have FortiAnalyzer hardware, and since it has a hardware agent on the storage ware, it requires Forti capacity for analyzing purposes. There's only a finite amount of space in the hardware itself. It isn't infinite.

We've dealt with technical support in the past and we've been very satisfied at the level of support we've received so far.

The initial setup varies from company to company. Some are straightforward, some are complex.

Deployment is a simple task. FortiAnalyzer comes with the hardware version and a virtual agent. We just deploy and integrate it with the other Fortinet products.

There is a lot of competition for Fortinet in this area, including USM and Palo Alto.

We are Fortinet partners.

For those organizations that need to use a product for reporting or some analysis of logs, this is a good solution. 

I'd rate the solution seven out of ten. The features are basic, and there's not too much business intelligence behind them. If it offered more of that, I'd rate it higher.

We use the solution for log analysis.

The analyzer is the most valuable feature.

The deployment is complex and has room for improvement.

I have been using the solution for five years.

The solution is stable.

The initial setup is complex. The deployment took a few hours.

The implementation was completed with an integrator.

We pay for an annual license.

I give the solution a six out of ten.

I do not recommend the solution.