Fortinet FortiSIEM Primary Use Case
I am part of the team that implements the solution, and we hand it over to the operations team. We use FortiSIEM to ingest logs. The customer provides us with the IPs for the log sources, and we add them to the FortiSIEM dashboard. We can check the logs for signs of malicious access from outside devices and set rules based on the customer's preferences.
We primarily use the solution for security.
We use the solution to collect logs from critical servers on the customer's infrastructure, like Active Directory, and a few security devices, like firewall, proxy, and antivirus setup. Our team monitors the log. If we get an alert, we take the necessary action in the development environment.
Buyer's Guide
Fortinet FortiSIEM
March 2024
Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
FortiSIEM analyzes the logs from all the servers and firewalls.
reviewer2305767
CISO at a financial services firm with 501-1,000 employees
We use the solution for monitoring, intrusion detection, and user behavior analytics. We run the dashboards to detect anomalies. We have our own incident tracking solution. We use it to track the time to detect versus the time to resolve and close the ticket.
We are using the solution for our customers.
Cletus Okolie
Senior Network Associate at AMCON, Inc.
We're using it to manage devices on the network. We get real-time incident reports on changes done on the servers and changes on routers and switches. They also use it to provide reports to management on activities, incidents, and events.
We use the Fortinet FortiSIEM tool for log monitoring and alert generation. We use Fortinet FortiSIEM to collect logs from the critical servers of the customer's infrastructure, like active directory servers and file servers. We also collect logs from a few security devices like the firewall, the proxy, and the antivirus setup. Based on that, our team checks the logs, and we get an alert to take action on the development.
reviewer1755144
Director, Infrastructure and Operations at a comms service provider with 11-50 employees
We have eight use cases installed, and we are collecting log sources from most of the relevant endpoints. We did all that configuration ourselves. So, the product didn't really have a lot to do with it.
It is deployed on a private cloud. We manage the cloud infrastructure ourselves, and its primary purpose is to monitor and protect our network devices and our own business systems, not necessarily our customer-facing services.
We are most probably on version 3. We are not on the current release.
I primarily use FortiSIEM for Rwandan clients in banking and finance. Most of my clients require strictly on-prem solutions because of national data regulations. They are also skeptical of putting their data on the cloud, and the law requires all data to reside at a domestic data center.
We use the solution to monitor events and logs. It gives us a very powerful view of what is going on. We can configure it to send notifications of any malicious detection because it is based on an ML (machine learning) algorithm. Aside from using the solution to monitor the logs from different sources, we can also get detections because it has strong machine learning capability.
Andre Boettcher
Solution Consultant at 1&1 Versatel Deutschland GmbH
FortiSIEM combines information from operations and integrates it into management.
Sami Isoaho
Principal Cloud Architect at Viria Security Oy
We use Fortinet FortiSIEM for storage of security information and analysis, as well as for alerts from the 50-60 services that we have. All of our webs are linked to FortiSIEM. It's a form of SOC tool and data is used for identifying trends and what's happening around the networks. We're customers and end-to-end users when it comes to FortiSIEM, but for other Fortinet products we're either partners or a value-added reseller. I'm the principal cloud architect in our company.
We are using Fortinet FortiSIEM for multi-tenant SOC service.
Fortinet FortiSIEM is deployed in our data center, and we have one collector. Each client has a collector within their environment. We set up a collector within each client's environment, and then have a VPN connection from the client's environment to our environment.
We have an MSSP license and provide services to customers from various verticals like manufacturing, pharmaceutical, and MRD (Manufacturing, Retail & Distribution). We provide the services of Fortinet FortiSIEM to customers who cannot avail of costly on-premise services.
Fortinet FortiSIEM is used to retrieve logs from different sources, such as network switches, firewalls, and servers, that are running difficult operating systems. The solution adds intelligence to the process that can provide meaningful information for the data analyst to use.
The solution can be deployed on the cloud or on-premise.
COCO BABY
Soc analyst at Konvergenz
I use the solution in my company since it provides ease of monitoring. My company uses the product to get reports for our customers and monitoring purposes, as per the customer's preferences.
If a customer is looking to establish a centralized monitoring and security solution, Fortinet FortiSIEM can be tailored to meet their specific needs effectively. This solution offers extensive customization options, making it possible to adapt it precisely to their requirements.
reviewer1051230
Asst Programmer Data Center at a consultancy with 10,001+ employees
Our use case is for collecting logs and monitoring internet traffic through firewalls. We have Fortinet firewalls and Fortinet WAF. I'm a system programmer and we are customers of Fortinet.
reviewer1061847
Research Associate at a comms service provider with 1,001-5,000 employees
My company is a partner of Fortinet FortiSIEM. We are a service provider and I take the solution from Fortinet and deploy it for my customers. We use the solution for security detection and response. This is a customer-based solution. Our customer's security admins and security operations use the solution, comprised of a team of three to five people.
reviewer1051230
Asst Programmer Data Center at a consultancy with 10,001+ employees
We are creating our new dashboards and correlations as per our requirements with Fortinet FortiSIEM.
SahrahMohammed
Network Security Engineer at Go Faster
We use FortiSIEM to protect our customers.
Our current client has 20 branches and we can connect from any branch to their headquarters. We have high availability between headquarters and branches via the VPN connection. We can protect our SD-WAN, as well.
RakeshNaganna
Cyber Security Analyst at a retailer with 1,001-5,000 employees
We use it as our main SIEM tool for creating rules, creating alerts, monitoring, and accessing CMDB. We also use it to monitor a few more things related to writing security.
Marcelo Canedo
Presales IT at a tech services company with 201-500 employees
I work in our presales department. We have three of our clients using Fortinet FortiSIEM.
The solution is useful to integrate logs from different sources so that there is a common place to see and create dashboards and the AI associated with event checking.
We have a common service desk for our customers that has three employees monitoring everything. It requires less than one person to watch the dashboards, send the alerts and call the back office during an event. The solution requires maintenance every three months to install the last stable version of the firmware.
reviewer1905006
Senior Product Manager at a financial services firm with 201-500 employees
I am using Fortinet FortiSIEM to correlate events in our enterprise.
We are a partner, and we use this solution to ingest our customers' syslogs data for their firewalls.
Drissa DOUMBIA
Network Security Engineer at Technicom Mali
It is used as an alerting platform and has an availability manager.
reviewer1146195
Head - IT & SWIFT at a financial services firm with 1-10 employees
I use FortiSIEM for email events and security alarms.
MarioBrito
chief of cybersecurity at ECSSA El Salvador
We are an enterprise that resells services. We are like a small MSSP for Salvador and Central America region. We provide services to other enterprises.
Our clients have multiple use cases. Its most common use case is to detect logging events from different IP addresses or locations. It is used to detect simultaneous logins by the same user from different IP addresses or locations, such as from different countries. It is also used to detect any attempts to log in to a server with root privilege and trying remote access with root privileges.
TalhaAktas
Security Manager at BKL
We primarily use the solution for integration with FortiGate Firewall. We use it for multiple authentication, malware detection, and protection from DDoS attacks.
We use Fortinet FortiSIEM for security, a gateway, and for authentication.
reviewer1051230
Asst Programmer Data Center at a consultancy with 10,001+ employees
We primarily use it for all of our cloud space and for firewalls, and AWS security services etc., for example, for the email, CloudWatch and AWS Security Hub.
Ishwor Shrestha
Security Analyst at netfiniti
I primarily use the solution as part of the firewall. I work mostly with banks and have extensive experience with configuring the VPN in relation to Fortinet.
reviewer1497699
Partner at a security firm with 11-50 employees
We primarily use the solution for network and security monitoring.
Solutionbff1
Solutions Consultant at a comms service provider with 51-200 employees
We primarily use the solution for collecting logs and duo correlation on our customer's premises.
ICTenterprserv67
Manager, ICT Enterprise Services at a government with 201-500 employees
We use the on-prem deployment model of this solution. Our primary use case of this solution is for all of our infrastructure monitoring, applications, performance monitoring, and for security, incident, and event analysis.
reviewer993816
Senior Security Engineer at a tech services company with 1,001-5,000 employees
We have nearly 30 analysts currently using FortiSIEM.
ParveshDhurmea
Assistant Engineer at Harel Mallac Technologies Ltd
Fortinet FortiSIEM can be used to detect unusual user and entity behavior on networks.
We currently are in the process of testing the solution.
reviewer1720563
Technical manager at a tech services company with 11-50 employees
This solution is used to detect irregular user and entity behavior using machine learning.
JoshuaGardner
IT Executive: Operations & Security at Icon Information Systems (Pty) Ltd
We run a Managed Security Services company and we use it in-house and for some of our clients. The service is a multitenant platform where our clients can log on to view and access various security-related activities and features. In more ways, it becomes like a cloud solution to them. We make use of a secure connection from the clients’ networks using collectors located on their premises back to our centralized SIEM platform.
reviewer2335281
Cyber Security Analyst at a tech services company with 11-50 employees
We use the product for threat detection.
reviewer1251210
Cybersecurity Engineer at a tech services company with 11-50 employees
We use this solution to collect logs.
reviewer1645248
Security Engineer L1 at a media company with 11-50 employees
We are trying to onboard some devices, which we will analyze using Fortinet FortiSIEM.
Once it responds smoothly, we will onboard some clients with requests.
We're using FortiSIEM as the main metadata server for all the security and infrastructure devices. We integrate a lot of nodes, switches, firewalls, and sandboxes with it to gain and covers performance, availability, change, and security monitoring aspects of network devices, servers, and applications.
Wander Menezes
Technical Lead at Arcon Labs at a tech services company with 51-200 employees
My primary use case is that it is an analyst tool for hunting on your site network.
Secteamlead67
Security Team Leader at a tech services company with 11-50 employees
We are a system integrator and we resell this solution.
reviewer773925
ICT Architect at an insurance company with 51-200 employees
We use the on-prem model of this solution. Our primary use case is for malware and behavior monitoring. We also use it to monitor system performance and user behavior.