2018-06-19T00:35:00Z

What needs improvement with Fortinet FortiAnalyzer?

35

Please share with the community what you think needs improvement with Fortinet FortiAnalyzer.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
21 Answers

Top 5 Real User

One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives. It is easy to set up if you have FortiGate firewalls. We tried setting up with other devices, and I don't think it supports other firewalls or other devices. If it did, then it would have been great because we would have been able to use FortiAnalyzer for hybrid environments with different OEM firewalls. If we can have an intelligent analysis system which will detect false positives and detect the exact problem, it would be great. If FortiAnalyzer can integrate with FortiSIEM and give us threat reports, that will also help because then I won't need to have another tool or another dashboard which I need to look out for.

2021-05-25T13:36:38Z
Top 5 Real User

From my point of view, at this time, the solution isn't lacking any features or functionalities. It's very complete for our purposes.

2021-03-10T20:51:26Z
Top 5 Real User

In terms of what could be improved, sometimes it's lagging and also has some graphical issues with the GUI. The correlation mechanism and the analytics are not as good as the competitors like Check Point or Panorama. But for IoT and SoT, it has graphical dashboards and analytical diagram tables that can correlate various logs from other products like FortiMail and FortiWeb, so it is a good mechanism for Fortinet products. If you have various Fortinet products for your firm, you can use FortiAnalyzer like a synchro mechanism. But it needs development for software issues like the GUI bug, some logs not showing, not collecting some logs... They need to fix them.

2021-02-11T07:18:00Z
Top 10 Reseller

FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use. The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer, however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support. In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.

2021-01-17T09:11:26Z
Top 10 Reseller

It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software. It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow.

2020-12-08T05:37:34Z
Top 5 Real User

We should be able to do the patch upgrades in a centralized manner. This functionality is currently not there. It would be good to be able to do the firmware updates from one place and at the same time. Currently, if we want to update all appliances, we require FortiManager, which is another solution from Fortinet. Its documentation can be improved. It will be helpful for implementing the product and gaining knowledge for management purposes.

2020-10-19T09:33:29Z
Top 5 Leaderboard Real User

It is a pretty big software package. It has a lot of features which maybe aren't that useful. It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot. There could be more automation and more artificial intelligence integrated into the solution. It was a service model application originally. It needs to have some artificial intelligence in dealing with the analysis of the nodes, and not just showing the nodes. I'm one version behind the latest version, so I don't know if they added it yet, however, if they haven't it would be a good thing to put into their roadmap.

2020-10-11T08:58:12Z
Top 10 Real User

Currently, no solution can offer you 100% protection from viruses such as WannaCry ransomware. Fortinet should strive to improve their prevention systems.

2020-09-27T04:10:00Z
Top 5 Leaderboard Real User

There aren't any features missing. It's very complete. Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues. The solution has some limitations. We use MNC, and it has a US patent. Here we can do this thing but we maybe can't do that thing. They provide some documents to customers, but the customers want remote support to take on and/or finish the work. That's why I have the deployment team in place. It's a team within our team.

2020-09-21T06:33:00Z
Top 5 Reseller

Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality.

2020-09-13T07:02:17Z
Top 5 Real User

They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports.

2020-08-27T10:31:47Z
Top 5 Real User

One of the main disadvantages is not having a direct link to the security policy when you see something in the log. You should be able to right-click and go directly to the security policy. When you compare with Check Point, they are very good with reporting and logging, and when you right-click on the log you can go to the policy and edit it. In the next release, I would like to have a feature added where you can right-click and it takes you directly to the policy to edit it.

2020-08-23T08:17:18Z
Top 10 Real User

The solution doesn't have online analysis. We can't analyze certain parts of the logs. For example, we can't analyze current logs. It would be helpful if we could use the system we use to monitor everything to also check the live traffic or live logs. The solution lacks business intelligence features. It's much too basic.

2020-03-16T06:56:09Z
Top 5 Real User

I would like to be able to do more customization. For example, I would like to be able to develop my own set of reports that I can upload to the analyzer, and then it can report in a fashionable way as to what I really expect, rather than the ones that are preconfigured. Then we can play around with them in terms of where you can position your top bandwidth users, and such. The reports are good, but they are over-summarized.

2019-09-05T05:37:00Z
Reseller

Reporting wasn't very good in the previous version, but I believe it has greatly improved. The newer version has more features and the quality of reporting is better too. I would also like to see an improvement in the rebooting.

2019-08-29T09:32:00Z
Real User

With FortiAnalyzer, most of the time, although the interface is simplified, when you are new to it you have issues of navigating through it. And when it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering. Also, reports need to be simplified because its reporting currently includes more detailed and technical things. If we could get a simplified or executive summary, that would be good.

2019-08-29T08:53:00Z
Real User

The solution is quite expensive. The solution could use more graphics and be more specific in the dashboard. This way, I'm able to understand everything and effectively understand what's going on, including what's incoming and outgoing. Right now, I have to look up everything. I need a dashboard so that I can see specific items right there in one place.

2019-08-28T09:52:00Z
Real User

Every time there is a firmware upgrade the interface changes, and you'll have to maneuver that interface to see how to use it. When somebody is new to the system they find it difficult to perform certain operations, like backups, and to see where the reports are. A more user-friendly interface would be an improvement. I would like to see support for analyzing the wireless site, without going through the controller. For example, I would like to see a report on the full data including the APs that were up or down, and whether something has been upgraded.

2019-08-26T06:42:00Z
Real User

I would like to see an improvement in the technical support. Stronger authentication will also be a plus. In the next version, I would like to have authentication for 40 tokens.

2019-08-26T06:42:00Z
Real User

I'm looking for something more efficient to analyze different foreign things. That's why FortiSIEM could compete with FortiAnalyzer.

2019-08-26T06:42:00Z
User

It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.

2018-06-19T00:35:00Z
Updated: October 2021.