FortiAnalyzer

Analytics-Driven Security and Log Management

  • Automate log management & real-time threat analysis 
  • Enterprise-ready continuous compliance reporting
  • Simplify forensics and rapid response     

Overview

 

Lack of visibility continues to extend breaches and compromises to an average of more than 100 days. Each day an organization is exposed is another opportunity for attackers to get to sensitive customer and confidential information.

FortiAnalyzer is the analytics-driven security analysis tool built with an operations perspective. With action-oriented views and deep drill-down capabilities, FortiAnalyzer not only gives organizations critical insight into threats, but also accurately scopes risk across the attack surface, pinpoints where immediate response is required, and enables automated response actions.

 

Features and Benefits


End-to-end visibility with event correlation and threat detection

Reduce time to detection by leveraging the Indicator of Compromise (IOC) service to quickly identify threats across your network.

Enterprise-grade high availability

Automatically backs up the FortiAnalyzer database to up to five nodes in a cluster that can be geographically dispersed for disaster recovery. One of the secondary nodes can easily become a primary node.

Advanced compliance reporting

Provides hundreds of pre-built, regulation-specific reports and templates to make proving compliance easy.

Security automation

Reduces complexity and cost by leveraging automation enabled via REST API, scripts, connectors, and automation stitches.

Enterprise-ready integrations

Provides turnkey integration, at no extra charge, with trusted partner products such as Splunk, IBM QRadar, ServiceNow, Tufin, and AlgoSec.

Multi-tenancy and administrative domains (ADOMs)

Separate customer data and manage domains leveraging ADOMs to be compliant and operationally effective.

Related Videos

FortiAnalyzer

Learn how FortiAnalyzer and FortiManager help assess the security risk of your network infrastructure. Specifically, we show features around Security Rating in FortiManager and Securing Ranking and Scoring in FortiAnalyzer.


FortiAnalyzer Models and Specifications

Hardware Appliances
Devices/VDOMs (maximum)   GB/Day of Logs   Analytic Sustained Rate (logs/sec)
150                       100              3,000
180                       150              4,500
200                       200              6,000
800                       300              8,250
2,000                     600              18,000
2,000                     1,000            30,000
4,000                     5,000            42,000
10,000                    8,300            100,000

Virtual Machines

FortiAnalyzer virtual machines are all supported on VMware vSphere, Citrix Xen Server, Xen, KVM, and Microsoft Hyper-V.

Devices/VDOMs (maximum)   GB/Day of Logs   Storage Capacity
10,000                    1                500 GB
10,000                    +1               +500 GB
10,000                    +5               +3 TB
10,000                    +25              +10 TB
10,000                    +100             +24 TB
10,000                    +500             +48 TB
10,000                    +2,000           +100 TB


FortiAnalyzer virtual machines are available on Amazon Web Services and Microsoft Azure.


FortiAnalyzer Demo

FortiAnalyzer offers centralized network security logging and reporting for the Fortinet Security Fabric. FortiAnalyzer accepts inbound logs from multiple downstream Fortinet devices such as FortiGate, FortiMail, and FortiWeb. Key features of FortiAnalyzer include viewing and filtering individual event logs, generating security reports, alerting based on behaviors, and investigating activity via drill-downs. In this demo, see how it presents visibility into your network, such as an aggregate view of applications, web usage, and potentially malicious behavior affecting your network.


Analytics Alliance Partners

FortiAnalyzer provides integration with many leading vendors as part of the Fortinet Security Fabric.

Below is a list of current Product Alliance Partners:

AlgoSec

The leading provider of business-driven security management solutions, AlgoSec helps over 1,500 enterprises align security with their business processes, to make their organizations more agile, secure and compliant.

ServiceNow

ServiceNow makes work better. Our applications automate, predict, digitize and optimize business processes across IT, Customer Service, Security Operations, HR and more, for a better enterprise experience.

Tufin

Tufin leads the Security Policy Orchestration market, enabling enterprises to centrally manage, visualize, and control security policies across hybrid cloud and physical network environments.

Analytics FAQs

Does FortiManager manage FortiAnalyzer? 

Yes. This is the recommended deployment, actually. When FortiManager is managing FortiAnalyzer, all FortiAnalyzer interface tiles come up alongside FortiManager tiles, enabling all workflows.    

Should I go with FortiManager or FortiCloud?    

FortiCloud is a cloud-based service that streamlines deployment, management and reporting for FortiGate and Unified Access products. It is a simple solution that provides the basics of management and configuration. FortiManager (and FortiAnalyzer) is the full-featured central management solution for Fortinet products. Advanced configurations, workflows and reporting (through FortiAnalyzer) are available here. Your organization’s needs will dictate whether a simplified cloud service or full-featured appliance (hardware or virtual) that you manage is a better fit.    

If I only have a few FortiGates, do I need central management?      

While all FortiGate configurations can be done locally, the time saved by managing elements of a central policy, or a complete one, is a strong benefit of going with FortiManager. FortiAnalyzer greatly extends reporting and analysis capabilities for FortiGate, both in breadth, by combining data from multiple FortiGates into a single perspective, and in depth, with much longer reporting horizons and advanced features found in Event Manager and the FortiGuard IOC service.