The digital attack surface is expanding at a rapid rate, making it increasingly difficult to protect against advanced threats. According to a recent Ponemon study, nearly 80% of organizations are introducing digital innovation faster than their ability to secure it against cyberattacks. In addition, the challenges of complex and fragmented infrastructures continue to enable a rise in cyber events and data breaches. Assorted point security products in use at some enterprises typically operate in silos, obscuring network and security operations teams from having clear and consistent insight into what is happening across the organization.
An integrated security architecture with analytics and automation capabilities can address and dramatically improve visibility and automation. As part of the Fortinet Security Fabric, FortiAnalyzer provides security fabric analytics and automation to provide better detection and response against cyber risks.
|
Ponemon recently came out with a study where they interviewed more than 2200 IT and Security professionals that had experienced a data breach – What they concluded as part of that research was that 48% are because of Malicious or Criminal attack. In this video, learn how FortiAnalyzer can help address this root cause and protect against these threats.
立即观看
End-to-end visibility with event correlation and threat detection
Enterprise-grade high availability
Advanced compliance reporting
Security automation
Enterprise-ready integrations
Multi-tenancy and administrative domains (ADOMs)
GB/Day of Logs |
100 |
Analytic Sustained Rate (logs/sec) |
3,000 |
Storage Capacity |
4TB |
GB/Day of Logs |
150 |
Analytic Sustained Rate (logs/sec) |
4,500 |
Storage Capacity |
8TB |
GB/Day of Logs |
200 |
Analytic Sustained Rate (logs/sec) |
6,000 |
Storage Capacity |
12TB |
GB/Day of Logs |
300 |
Analytic Sustained Rate (logs/sec) |
8,250 |
Storage Capacity |
16TB |
GB/Day of Logs |
600 |
Analytic Sustained Rate (logs/sec) |
18,000 |
Storage Capacity |
32TB |
GB/Day of Logs |
1,000 |
Analytic Sustained Rate (logs/sec) |
30,000 |
Storage Capacity |
36TB |
GB/Day of Logs |
5,000 |
Analytic Sustained Rate (logs/sec) |
42,000 |
Storage Capacity |
48TB |
GB/Day of Logs |
5,000 |
Analytic Sustained Rate (logs/sec) |
60,000 |
Storage Capacity |
96TB |
GB/Day of Logs |
8,300 |
Analytic Sustained Rate (logs/sec) |
100,000 |
Storage Capacity |
240TB |
FortiAnalyzer virtual machines are all supported on AWS, Google Cloud, Oracle Cloud, Ali Cloud, Nutanix AHV, VMware vSphere, Citrix Xen Server, Xen, KVM, and Microsoft Hyper-V.
GB/Day of Logs |
1 |
Storage Capacity |
500 GB |
GB/Day of Logs |
+1 |
Storage Capacity |
+500 GB |
GB/Day of Logs |
+5 |
Storage Capacity |
+3 TB |
GB/Day of Logs |
+25 |
Storage Capacity |
+10 TB |
GB/Day of Logs |
+100 |
Storage Capacity |
+24 TB |
GB/Day of Logs |
+500 |
Storage Capacity |
+48 TB |
GB/Day of Logs |
+2,000 |
Storage Capacity |
+100 TB |
| FC1-10-AZVMS-431-01-DD | Central Logging & Analytics subscription for 5 GB/Day logs. Include 24x7 FortiCare support, IOC, SOAR/SIEM services.
|
| FC2-10-AZVMS-431-01-DD | Central Logging & Analytics subscription for 50 GB/Day logs. Include 24x7 FortiCare support, IOC, SOAR/SIEM services.
|
| FC3-10-AZVMS-431-01-DD | Central Logging & Analytics subscription for 500 GB/Day logs. Include 24x7 FortiCare support, IOC, SOAR/SIEM services.
|
Cloud-based central logging and reporting service for all FortiGate devices. FortiCloud Premium customers can easily enable the FortiAnalyzer Cloud service and get real-time network insights leveraging the FortiGate deployment.
FortiAnalyzer virtual machines are available on Amazon Web Services and Microsoft Azure.
Advanced training for security professionals, technical training for IT professionals, and awareness training for teleworkers.
学到更多FortiAnalyzer offers centralized network security logging and reporting for the Fortinet Security Fabric. FortiAnalyzer accepts inbound logs from multiple downstream Fortinet devices such as FortiGate, FortiMail, and FortiWeb devices etc. Functions such as viewing/filtering individual event logs, generating security reports, alerting based on behaviors, and investigating activity via drill-downs are all key features of FortiAnalyzer. In this demo, see how it presents the visibility of your networks such as an aggregate view of applications, web usage, and potentially malicious behavior affect your network.
FortiAnalyzer provide integration with many leading vendors as part of the Fortinet Security Fabric.
Below is a list of current Product Alliance Partners:
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
CyberArk is the global leader in privileged account security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets.
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.
ForeScout Technologies is transforming security through visibility. ForeScout offers a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and non-traditional devices, including IoT devices, the instant they connect to the network.
Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.
Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.
Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services.
The Refactr DevSecOps automation platform is an all-in-one solution for designing and executing secure automation pipelines that include infrastructure delivery, application configuration, and security actions. Customers can quickly deploy Fortinet’s solutions through pre-built pipelines and leverage existing Fortinet automation content built with open DevOps and security automation tools.
Restorepoint’s solutions help organisations and service providers reduce cost, manage unforeseen risks, and to accelerate change management across their multi-vendor network infrastructures. Using our cost-effective products, customers can quickly automate Network Outage Protection, Compliance Auditing, and Privileged Access Management and to simplify Bulk Change Management.
ServiceNow makes work better. Our applications automate, predict, digitize and optimize business processes across IT, Customer Service, Security Operations, HR and more, for a better enterprise experience.
Spirent’s CyberFlood Data Breach Assessment emulates attack, malware, and DLP scenarios to continually validate security policies and effectiveness in production networks. Together with Fortinet, Spirent provides users visibility into actual breach events and provides specific remediation recommendations to harden security policies in production networks.
Syncurity’s award-winning and patent-pending IR-Flow® SOAR platform reduces cyber risk by accelerating security operations processes, people and technology. Together with Fortinet, Syncurity reduces the time to detect, contain and remediate cyber risks leveraging standards-based APIs for alert enrichment, detailed investigation and automated incident response.
Does FortiManager manage FortiAnalyzer?
Yes. This is the recommended deployment, actually. When FortiManager is managing FortiAnalyzer, all FortiAnalyzer interface tiles come up alongside FortiManager tiles, enabling all workflows.
Should I go with FortiManager or FortiCloud?
FortiCloud is a cloud-based service that streamlines deployment, management and reporting for FortiGate and Unified Access products. It is a simple solution that provides the basics of management and configuration. FortiManager (and FortiAnalyzer) is the full-featured central management solution for Fortinet products. Advanced configurations, workflows and reporting (through FortiAnalyzer) are available here. Your organization’s needs will dictate whether a simplified cloud service or full-featured appliance (hardware or virtual) that you manage is a better fit.
If I only have a few FortiGates, do I need central management?
While all FortiGate configurations can be done locally, the time saved managing elements of or a complete central policy is a strong benefit in going with FortiManager. FortiAnalyzer greatly extends reporting and analysis capabilities for FortiGate both in breadth by combining data from multiple FortiGates into a single perspective, as well as in depth with much longer reporting horizons and advanced features found in Event Manager and the FortiGuard IOC service.
