Fortinet FortiAnalyzer Overview

Fortinet FortiAnalyzer is the #7 ranked solution in our list of Log Management Software. It is most often compared to Splunk.

What is Fortinet FortiAnalyzer?
FortiAnalyzer Network Security Logging, Analysis, and Reporting Appliances securely aggregate log data from Fortinet Security Appliances. A comprehensive suite of easily customizable reports allows you to quickly analyze and visualize network threats, inefficiencies and usage. FortiAnalyzer is one of several versatile Fortinet Management Products that provide a diversity of deployment types, growth flexibility, advanced customization through APIs and simple licensing.
Fortinet FortiAnalyzer Buyer's Guide

Download the Fortinet FortiAnalyzer Buyer's Guide including reviews and more. Updated: October 2021

Fortinet FortiAnalyzer Customers
General Directorate of Information Technology
Pricing Advice

What users are saying about Fortinet FortiAnalyzer pricing:
  • "When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing."

Fortinet FortiAnalyzer Reviews

Imad Awwad
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Real User
Top 5 Leaderboard
Great dashboard with customizable reporting and excellent logs

Pros and Cons

  • "There are customizable workflows that you can work with. You can automate certain tasks in FortiAnalyzer in the incidents and events sections."
  • "It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot."

What is our primary use case?

The primary case is to collect and monitor logs and events from all of our firewalls and appliances in one single interface with analysis.

How has it helped my organization?

Our work has been more focused and efficient due to the automatic notifications and reports.

What is most valuable?

You can monitor all appliances from a centralized location. 

You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs.

For example, if you are searching for an email to find out why it is blocked, you will be able to see the policy that blocked it, which logs were triggered, etc... It gives you all the information you need right there, from the dashboard.

The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.

There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template.

There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns.

Everything is easily visible and can be tracked and studied.

SOC is very helpful. It shows which IPs are targeting your environments. It shows you the threat levels of all the threats you're facing - including the locations, which policy was triggered et cetera. It will even tell you if the system blocked the threat or not.

FortiAnalyzer is compatible with all of our web browsers.

There are customizable workflows that you can work with. You can automate certain tasks in FortiAnalyzer in the incidents and events sections.

What needs improvement?

It is a pretty big software package. It has a lot of features which maybe aren't that useful. 

It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot.

There could be more automation and more artificial intelligence integrated into the solution.

It was a service model application originally. It needs to have some artificial intelligence in dealing with the analysis of the nodes, and not just showing the nodes. I'm one version behind the latest version, so I don't know if they added it yet, however, if they haven't it would be a good thing to put into their roadmap.

For how long have I used the solution?

I've been using the solution for four years.

What do I think about the stability of the solution?

My solution is based on a VM OVA image which is predefined by Fortinet. I don't remember the last time I restarted the machine, which shows that no matter the size of the logs collected, the system doesn't crash.

What do I think about the scalability of the solution?

The scalability is pretty good. It's only limited in the log size. You can buy five gigs or 10 gigs if you need to. It depends on how you're going to handle/store the logs.

That said, it is scalable since you are only billed for the size of logs you are using as per the packages and you don't need to modify the CPU/RAM. I have it installed on a VM environment and it's connecting to data all over my sites that are both inside and outside Lebanon.

How are customer service and technical support?

Technical support is perfect whether from the vendor or from the online support. I'm lucky to have a partner in Lebanon who is a preferred platinum partner with Fortinet. Whenever we open a case with them we always get a clear response. They are professional. We're quite satisfied with the level of support we are getting.

How was the initial setup?

It is very straightforward. The only thing is that you might do some customization in the reports and the event management. Other than this, everything is predefined and based on templates, so you are able to add your touch on the reports as well.

What about the implementation team?

I have implemented it with a vendor who is the leader in our region working with Fortinet Solutions.

What other advice do I have?

We're Fortinet end-users.

I was on older versions and now I'm with a newer version. People have faced many issues after downloading the latest update so I tend to keep one update back from the newest one to avoid issues.

I'd advise other potential users that, first of all, if they have Fortinet products in their environment, they should consider FortiAnalyzer. If they don't have it, they shouldn't consider it. They need to have Fortinet appliances.

Secondly, it is a very easy configuration, so companies will not have any problems configuring the FortiAnalyzer. It doesn't require a lot of resources.

We're going to bring a dedicated server for our FortiAnalyzer due to the fact that it is a bit of a predefined virtual machine that we can download from Fortinet's side. If you don't want to go deep in the reports and logs, it can rely on the built-in reporting tools in your appliances.

If you happen to have three Fortinet solutions in your environment then you need to have a FortiAnalyzer as it helps a lot in troubleshooting. It helps a lot with predicting everything that you might see happening on your network. You will need to have FortiAnalyzer due to the fact that the reporting is not that advanced in the appliances.

Overall, I'd rate the solution eight out of ten. If it was more automated and added in some AI elements, I would rate it higher.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Luis Gerardo Gonzalez
Systems Architect at ZENTIUS
Reseller
Top 10
Great UI, good performance, and never crashes

Pros and Cons

  • "Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine."
  • "It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software. It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow."

What is our primary use case?

We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it. 

There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates. 

In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.

What is most valuable?

Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.

What needs improvement?

It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.

It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow.

For how long have I used the solution?

I have been using this solution for five years. 

What do I think about the stability of the solution?

We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.

What do I think about the scalability of the solution?

It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.

Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.

How are customer service and technical support?

I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.

How was the initial setup?

It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.

What other advice do I have?

There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.

I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Rupsan Shrestha
Technical Presales Engineer at Dristi Tech Pvt.ltd
Real User
Top 5
Provides very good metrics, visibility of the network and does what a network analyzer should do

Pros and Cons

  • "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
  • "They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."

What is our primary use case?

Generally, Fortinet FortiAnalyzer gives you visibility around the network. You can track and monitor devices and pick the surrounding network. You can see which packets are being sent to the network, who the users are, and what they are using. You can also view the policies and firewall rules that are being used, the IDs that are being connected to, and the IP address a particular user is using.

Basically, it's a SOC. It's a security operations device. We use it for continuous monitoring, and it takes a team to do so. In my organization, three to four people are using it on a daily basis.

What is most valuable?

The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. 

It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well.

What needs improvement?

They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products.

It would also be good to include customizable reports and customizable views of the reports. 

For how long have I used the solution?

I have been using Fortinet FortiAnalyzer for about five to eight months. We are using the latest version. We have deployed it on-premises as a VM.

What do I think about the stability of the solution?

It's pretty stable.

What do I think about the scalability of the solution?

I'd say that it's very scalable. Scalability depends on which version of the appliance you're using. 

If you're using a hardware-based appliance, it's obviously tough to scale as that would require purchasing new devices. If you go to cloud services or virtual services, it's pretty easy to scale. You need to purchase new VMs and add the IOCs that you need, which is easy. 

How are customer service and technical support?

I have contacted technical support, but not particularly regarding Fortinet FortiAnalyzer. I have only contacted them for firewalls and routing issues. I have not yet contacted them for things related to Fortinet FortiAnalyzer.

How was the initial setup?

It's very easy and straightforward. You just need to point the FortiGate devices to your Fortinet FortiAnalyzer, and it just automatically configures the security fabric. The time depends on how many devices you're actually using. Configuring one device into your Fortinet FortiAnalyzer takes about five minutes or so.

What about the implementation team?

The deployment was pretty straightforward. I didn't need any help in setting it up. I did it myself very easily. It comes with useful guidelines for setting it up. They also provide documentation and information through their website.

One person can easily do the deployment, but the main goal of the solution is to continue to monitor the regular network traffic for which a team is required. Our software team is responsible for handling such things.

Which other solutions did I evaluate?

This product is only dedicated to packet analyzing, automation, and things like that. I have not used analyzers of other vendors. However, other solutions do provide similar functionalities. 

What other advice do I have?

It is kind of a very good network packet analyzer solution. It does what a network analyzer should do, and it does it very well. 

In terms of firewalls and using network analyzers, Fortinet has always been the leader among the leaders. Fortinet provides very good features and products. Specifically, if you want to use Fortinet FortiAnalyzer, you need to have a FortiGate environment. You need at least one FortiGate or other similar product in your network. So, if you are already using or are into Fortinet products, then FortiAnalyzer is a very good product to add on top of other products. Having only FortiAnalyzer in your network is kind of useless.

I would rate Fortinet FortiAnalyzer a nine out of ten. It's a very good product.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Dilip Saraf
Regional Head at MASS INFONET (P) LTD.
Real User
Top 5 Leaderboard
Review about Fortinet FortiAnalyzer

Pros and Cons

  • "The solution allows for a lot of customization."
  • "Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues."

What is our primary use case?

We primarily distribute this product to our clients.

What is most valuable?

When you need the reporting on the ISP, you will hand it to FortiAnalyzer. It works amazingly well. 

With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer.

The solution is very complete.

The product is very simple to use. 

It's regularly updated with many versions constantly adding more content and information.

The solution has sandboxing, IPS, and DPS as well.

The solution allows for a lot of customization.

Whether it's FortiAnalyzer, FortiManager, FortiGate, FortiIP, or FortiSwitch, you can manage everything through a single console. That is the beauty of Fortinet. It's the security fabrics on offer. When you use the security fabrics, harnessing that control on a single dashboard makes everything so easy and manageable.

What needs improvement?

There aren't any features missing. It's very complete.

Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues.

The solution has some limitations. We use MNC, and it has a US patent. Here we can do this thing but we maybe can't do that thing. They provide some documents to customers, but the customers want remote support to take on and/or finish the work. That's why I have the deployment team in place. It's a team within our team.

For how long have I used the solution?

We don't really use the solution. We sell the solution to our clients.

What do I think about the stability of the solution?

We've never had issues with stability. It's excellent. There are no bugs or glitches. It doesn't crash or freeze. It's very reliable.

What do I think about the scalability of the solution?

The scalability is good. If a company needs to scale the solution, they are able to do so very easily.

How are customer service and technical support?

We have our own technical support offering and have 22 people handling everything from tickets to critical issues. It's L3 support, not L2 or L1.

Fortinet's support, on the other hand, has a slow response time. That's why we handle issues. If you put in a ticket with Fortinet, you may not get a response for 15 or 20 days. Our response time is much quicker.

Which solution did I use previously and why did I switch?

We deal specifically in Fortinet products. We don't sell other solutions to our clients.

How was the initial setup?

The initial setup is not complex at all. It's very straightforward.

Deployment is very easy. If you're using multiple gateways you can just connect through a single gateway. 

What other advice do I have?

We are an official partner and distributor of Fortinet in Maharashtra and Goa. We have only Fortinet products, and we are the sales stockist and we also offer our services. We have a limited portfolio and handle products such as FortiGate, FortiManager, FortiSwitch, and FortiED as well as FortiAnalyzer.

You can see in the Gartner report, Fortinet remains in the top tier of products, alongside Palo Alto and Check Point. Even Sophos and SonicWall aren't as highly ranked as Fortinet.

There isn't much competition locally on the market here. Palo Alto is technically a competitor, however, it lacks a few things that Fortinet already has.

I would definitely recommend the product. In fact, I would recommend the whole Fortinet portfolio to each and every client. Of course, which product would depend on the client requirements. All are excellent.

I'd rate the solution ten out of ten. Technical support is lacking, however, we have an internal team that can fulfill those needs.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
VD
Implementation Manager at a tech services company with 51-200 employees
Reseller
Top 10
Easy to implement and robust with good technical support

Pros and Cons

  • "The solution is very easy to deploy."
  • "In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."

What is our primary use case?

We're resellers of Fortinet. The solution is a product for doing diagnostics on their security environment. Our primary clients are banks or medical organizations.

What is most valuable?

The solution is very easy to deploy. 

We are very familiar with the product. It makes it easy to use and implement. 

The interface is easy to configure and fast to deploy. For that reason we use FortiAnalyzer.

What needs improvement?

FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use.

The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer, however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support.

In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.

For how long have I used the solution?

We've been using the solution for more than ten years at this point. It's been a decade or so.

What do I think about the stability of the solution?

The stability of the solution is excellent. It's very robust. We don't have issues with bugs or glitches. It doesn't crash or freeze. It's extremely reliable.

What do I think about the scalability of the solution?

The scalability is okay, however, it depends. If you do your homework and make the right sizing, you don't need the scalability. However, if you need scalability, it depends on the kind of client. You may need to change the box or move the FortiAnalyzer to another analyzer - something bigger - or maybe move the analyzer hardware to a better machine, depending on the customer.

Normally, we deal with small to medium-sized organizations.

How are customer service and technical support?

The technical support is very good. We have support right here in our country, and they give us very good support. We don't have a problem in this case. We're very satisfied with the level of service we get.

How was the initial setup?

The initial setup is not complex at all. It's very, very straightforward.

The deployment is quick and it's easy to configure. How long it takes depends on the size of the company that we are working for. Normally, we're able to do it within the same day, and we deploy the device or the virtual machine within that time frame. Depending on the requirements of the company, we may also optimize the reporting.

What about the implementation team?

We handle the deployment ourselves. We've been doing it for so long at this point, we're very comfortable with it.

What other advice do I have?

We use different deployment versions of Fortinet solutions. We use, for example, 200E and 200D and 100 too. These are the most popular. Right now, we use the virtual environment.

This is a product that is very good for when you're using a Fortinet ecosystem. If you have a mix of vendors, it's not recommended.

Overall, I would rate the solution at a nine out of ten. We've been quite happy with their offering.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
EV
Conseiller en architecture technologique at a government with 1-10 employees
Real User
Top 5
Stable with good technical support and a good user experience

Pros and Cons

  • "The user interface is good and it is quite easy to use."
  • "From my point of view, at this time, the solution isn't lacking any features or functionalities."

What is our primary use case?

We primarily use the solution in order to analyze data.

If you have two devices that need to communicate with each other, you can see where any issue is, as you can see every single communication. It shows the flux of communication.

What is most valuable?

The most valuable aspect of the solution is its ability to pinpoint where the issue is. If two devices need to communicate together, you can see which interfaces they are using. 

The stability has been very good so far. We haven't had any issues with it.

Technical support is always quite responsive and very helpful.

Overall, the product is quite good. It integrates well and has good reporting and logging.

The user interface is good and it is quite easy to use.

What needs improvement?

From my point of view, at this time, the solution isn't lacking any features or functionalities. It's very complete for our purposes.

For how long have I used the solution?

I've been working with the solution for less than a year. It's still quite new to me.

What do I think about the stability of the solution?

The product has been quite stable. There are no bugs or glitches. It doesn't crash or freeze. It's been reliable in terms of performance overall.

What do I think about the scalability of the solution?

I can't speak to the scalability. It's not an aspect of the solution I've tried to deal with. I'm unsure if it expands easily or if it would be difficult to do so.

How are customer service and technical support?

I personally have opened two tickets with technical support in the past and everything has gone very well. They were knowledgeable and responsive and they helped me solve the issues. I have no complaints about their level of service. I've been very satisfied with them.

How was the initial setup?

By the time I joined my current organization, the solution was already installed and configured. Unfortunately, I was not a part of the process and therefore can't speak to how easy or difficult it was.

What's my experience with pricing, setup cost, and licensing?

I don't handle the licensing or the costs. I can't speak to how much it is for our company or if it is expensive or affordable. I'm not privy to that kind of information.

That said, it's my understanding, as a comparison, that Fortinet products are cheaper than their Cisco counterparts.

What other advice do I have?

We just installed our latest version a few weeks ago. It's the brand-new version of the product.

For those considering the solution, I've been told that it's cheaper to buy Fortinet or FortiGate instead of buying Cisco ASA. If cost is a concern, it might be a good idea to look at Fortinet.

We are just customers and end-users of Fortinet. We don't have a business relationship with them.

Overall, I would rate the solution at an eight out of ten. It's largely been very good.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
OS
Security Engineer at a tech services company with 1-10 employees
Real User
Top 5
Easily allows for multiple cluster groups but the GUI needs improvement

Pros and Cons

  • "The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale."
  • "In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."

What is most valuable?

Fortinet FortiAnalyzer is simple and reliable. It does what the product says it would do. We have a lot of replacements in Turkey, Palo Alto, Check Point, and Forcepoint. We are replacing these various vendors with Fortinet products. But there are some software issues, like bugs or bug fixes. Otherwise, we are very happy with Fortinet products.

What needs improvement?

In terms of what could be improved, sometimes it's lagging and also has some graphical issues with the GUI. The correlation mechanism and the analytics are not as good as the competitors like Check Point or Panorama. But for IoT and SoT, it has graphical dashboards and analytical diagram tables that can correlate various logs from other products like FortiMail and FortiWeb, so it is a good mechanism for Fortinet products. If you have various Fortinet products for your firm, you can use FortiAnalyzer like a synchro mechanism.

But it needs development for software issues like the GUI bug, some logs not showing, not collecting some logs... They need to fix them.

For how long have I used the solution?

I have been using Fortinet FortiAnalyzer for almost five years and have maybe six years of experience with Fortinet products.

What do I think about the scalability of the solution?

The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale.

How are customer service and technical support?

We have SLA agreements with the customers, so we are giving the technical support.

How was the initial setup?

The initial setup is very simple.

If it is an individual environment, it may take one hour to complete the entire initial setup.

If the hardware requires physical adjustments for the cabinet location or the protected area, then it may take 2 hours.

What other advice do I have?

I would absolutely recommend FortiAnalyzer. Fortinet products have internal logging mechanisms if they have internal disks or stores. But if you have multiple location SD-WAN branches for multiple areas you are controlling with FortiGate, the hardware doesn't give any disk or storage, only limited storage. So if you want to go further on the logging, you have limited options, maybe one week or two weeks. So if you're using a FortiAnalyzer in the SD-WAN branches, you have a centralized logging mechanism, so you can collect all the logs in a central location and you can make the correlations or analytics with all the devices. Otherwise, you can go device by device to see what is happening on each site.

On a scale of one to ten, I would give Fortinet FortiAnalyzer a seven.

To improve this rating, as I mentioned, I need to see the older bugs, the graphical user experience, made better, like Check Point. Check Point is more visual than FortiAnalyzer. If the customer has experience with the Check Point logging mechanism, they will seek additional features in the FortiAnalyzer, but it has to be more visual. 

So as I said, the graphical issues must improve.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Yati Gharat
Chief Technology Officer at Litmus
Real User
Top 5
Can be used by institutions whose data needs to be on-premises and not in the cloud

Pros and Cons

  • "I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports."
  • "One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives."

What is our primary use case?

Most of our clients are banking and financial institutions, so their data doesn't go to the cloud as such. Their data is on-premises only. Some of our clients can go to the cloud to save the price and do management, administration, and so on, but then most of our clients use on-premises FortiAnalyzer.

What is most valuable?

I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports.

It is a very stable and scalable solution.

What needs improvement?

One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives.

It is easy to set up if you have FortiGate firewalls. We tried setting up with other devices, and I don't think it supports other firewalls or other devices. If it did, then it would have been great because we would have been able to use FortiAnalyzer for hybrid environments with different OEM firewalls.

If we can have an intelligent analysis system which will detect false positives and detect the exact problem, it would be great. If FortiAnalyzer can integrate with FortiSIEM and give us threat reports, that will also help because then I won't need to have another tool or another dashboard which I need to look out for.

For how long have I used the solution?

I've been using it for four years.

What do I think about the stability of the solution?

It is a very stable product, and we have had no issues at all.

What do I think about the scalability of the solution?

It is easy to scale; there are no challenges.

How are customer service and technical support?

The technical support is good. Most of the time, when we escalate the tickets, the second line of support, FortiGate support, has been very good. The first line might take up time, but the second line of support resolves the case quite quickly.

How was the initial setup?

The initial setup is quite simple with FortiGate devices. So, if you have FortiGate firewalls, it is quite easy to set up. Once Fortinet FortiAnalyzer is configured, then the only thing we need to do is to monitor it.

What's my experience with pricing, setup cost, and licensing?

When you compare with other firewall vendors, FortiAnalyzer is quite competitive in pricing. They are very aggressive as well.

What other advice do I have?

If you have critical objects to protect or critical data to protect, then you should go for FortiAnalyzer.

On a scale from one to ten, I would rate Fortinet FortiAnalyzer at eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner