Please share with the community what you think needs improvement with Fortinet FortiAnalyzer.
What are its weaknesses? What would you like to see changed in a future version?
The solution doesn't have online analysis. We can't analyze certain parts of the logs. For example, we can't analyze current logs. It would be helpful if we could use the system we use to monitor everything to also check the live traffic or live logs. The solution lacks business intelligence features. It's much too basic.
I would like to be able to do more customization. For example, I would like to be able to develop my own set of reports that I can upload to the analyzer, and then it can report in a fashionable way as to what I really expect, rather than the ones that are preconfigured. Then we can play around with them in terms of where you can position your top bandwidth users, and such. The reports are good, but they are over-summarized.
Reporting wasn't very good in the previous version, but I believe it has greatly improved. The newer version has more features and the quality of reporting is better too. I would also like to see an improvement in the rebooting.
With FortiAnalyzer, most of the time, although the interface is simplified, when you are new to it you have issues navigating through it. And when it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering. Also, reports need to be simplified because its reporting currently includes more detailed and technical things. If we could get a simplified or executive summary, that would be good.
The solution is quite expensive. The solution could use more graphics and be more specific in the dashboard. This way, I'm able to understand everything and effectively understand what's going on, including what's incoming and outgoing. Right now, I have to look up everything. I need a dashboard so that I can see specific items right there in one place.
I'm looking for something more efficient to analyze different foreign things. That's why FortiSIEM could compete with FortiAnalyzer.
I would like to see an improvement in the technical support. Stronger authentication will also be a plus. In the next version, I would like to have authentication for 40 tokens.
Every time there is a firmware upgrade the interface changes, and you'll have to maneuver that interface to see how to use it. When somebody is new to the system they find it difficult to perform certain operations, like backups, and to see where the reports are. A more user-friendly interface would be an improvement. I would like to see support for analyzing the wireless site, without going through the controller. For example, I would like to see a report on the full data including the APs that were up or down, and whether something has been upgraded.
It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.