How do you or your organization use this solution?
We are trying to onboard some devices, which we will analyze using Fortinet FortiSIEM. Once it responds smoothly, we will onboard some clients with requests.
We use Fortinet FortiSIEM for storage of security information and analysis, as well as for alerts from the 50-60 services that we have. All of our webs are linked to FortiSIEM. It's a form of SOC tool and data is used for identifying trends and what's happening around the networks. We're customers and end-to-end users when it comes to FortiSIEM, but for other Fortinet products we're either partners or a value-added reseller. I'm the principal cloud architect in our company.
We primarily use the solution for network and security monitoring.
We are an enterprise that resells services. We are like a small MSSP for the Salvador and Central America region. We provide services to other enterprises. Our clients have multiple use cases. Its most common use case is to detect logging events from different IP addresses or locations. It is used to detect simultaneous logins by the same user from different IP addresses or locations, such as from different countries. It is also used to detect any attempts to log in to a server with root privilege and attempts at remote access with root privileges.
I primarily use the solution as part of the firewall. I work mostly with banks and have extensive experience with configuring the VPN in relation to Fortinet.
We primarily use it for all of our cloud space and for firewalls, and AWS security services, etc., for example, for email, CloudWatch and AWS Security Hub.
We use FortiSIEM to protect our customers. Our current client has 20 branches and we can connect from any branch to their headquarters. We have high availability between headquarters and branches via the VPN connection. We can protect our SD-WAN, as well.
We run a Managed Security Services company and we use it in-house and for some of our clients. The service is a multitenant platform where our clients can log on to view and access various security-related activities and features. In more ways, it becomes like a cloud solution to them. We make use of a secure connection from the clients' networks using collectors located on their premises back to our centralized SIEM platform.
We primarily use the solution for integration with FortiGate Firewall. We use it for multiple authentication, malware detection, and protection from DDoS attacks.
We primarily use the solution for collecting logs and duo correlation on our customer's premises.
We use the on-prem deployment model of this solution. Our primary use case of this solution is for all of our infrastructure monitoring, applications, performance monitoring, and for security, incident, and event analysis.
We use the on-prem model of this solution. Our primary use case is for malware and behavior monitoring. We also use it to monitor system performance and user behavior.
We're using FortiSIEM as the main metadata server for all the security and infrastructure devices. We integrate a lot of nodes, switches, firewalls, and sandboxes with it to gain and cover performance, availability, change, and security monitoring aspects of network devices, servers, and applications.
We are a partner, and we use this solution to ingest our customers' syslog data for their firewalls.