Security Fabric Analytics & Automation

Download FortiAnalyzer Solution Brief
web product icon fortianalyzer

FortiAnalyzer Overview

The digital attack surface is expanding at a rapid rate, making it increasingly difficult to protect against advanced threats. According to a recent Ponemon study, nearly 80% of organizations are introducing digital innovation faster than their ability to secure it against cyberattacks. In addition, the challenges of complex and fragmented infrastructures continue to enable a rise in cyber events and data breaches. Assorted point security products in use at some enterprises typically operate in silos, obscuring network and security operations teams from having clear and consistent insight into what is happening across the organization.

An integrated security architecture with analytics and automation capabilities can address and dramatically improve visibility and automation. As part of the Fortinet Security Fabric, FortiAnalyzer provides security fabric analytics and automation to provide better detection and response against cyber risks.


FortiAnalyzer Videos

Analytics-Powered Security & Log Management

Ponemon recently came out with a study where they interviewed more than 2200 IT and Security professionals that had experienced a data breach – What they concluded as part of that research was that 48% are because of Malicious or Criminal attack. In this video, learn how FortiAnalyzer can help address this root cause and protect against these threats.

Watch Now
Enterprise Grade Integrations with FortiManager and FortiAnalyzer
FortiAnalyzer: Key Use Cases & Capabilities
FortiAnalyzer Video


Features and Benefits

visibility icon

End-to-end visibility with event correlation and threat detection

Reduce time to detection by leveraging Indicator of Compromise (IOC) service to quickly identify threat across your network
analytics icon

Enterprise-grade high availability

Automatically backs up the FortiAnalyzer database to up to four nodes in a cluster that can be geographically dispersed for disaster recovery. One of the secondary nodes can easily become a primary node.
icon benefits variety of settings

Advanced compliance reporting

Provides hundreds of pre-built reports and templates which are regulation-specific to make proving compliance easy.
Icon automation

Security automation

Reduces complexity and cost leveraging automation enabled via REST API, scripts, connectors, and automation stiches.
icon integration

Enterprise-ready integrations

Provides turn-key integration with no extra charge for trusted partner products such as Splunk, IBM QRadar, ServiceNow, Tufin, and AlgoSec. 
icon benefits infra transform1

Multi-tenancy and administrative domains (ADOMs)

Separate customer data and manage domains leveraging ADOMs to be compliant and operationally effective.

FortiAnalyzer Models and Specifications

Analytics Sustained Rate (logs/sec)
Starts at 300,000
Up to 10 million logs/sec
Form Factor
4 RU
Built-in HA
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity
GB/Day of Logs
Analytic Sustained Rate (logs/sec)
Storage Capacity

FortiAnalyzer virtual machines are all supported on AWS, Google Cloud, Oracle Cloud, Ali Cloud, Nutanix AHV, VMware vSphere, Citrix Xen Server, Xen, KVM, and Microsoft Hyper-V.

GB/Day of Logs
Storage Capacity
500 GB
GB/Day of Logs
Storage Capacity
+500 GB
GB/Day of Logs
Storage Capacity
+3 TB
GB/Day of Logs
Storage Capacity
+10 TB
GB/Day of Logs
Storage Capacity
+24 TB
GB/Day of Logs
Storage Capacity
+48 TB
GB/Day of Logs
Storage Capacity
+100 TB
FortiAnalyzer-VM Subscription License with Support
Central Logging & Analytics subscription for 5 GB/Day logs. Include 24x7 FortiCare support, IOC, SOAR/SIEM services.
Central Logging & Analytics subscription for 50 GB/Day logs. Include 24x7 FortiCare support, IOC, SOAR/SIEM services.
Central Logging & Analytics subscription for 500 GB/Day logs. Include 24x7 FortiCare support, IOC, SOAR/SIEM services.

FortiAnalyzer Cloud

Cloud-based central logging and reporting service for all FortiGate devices. FortiCloud Premium customers can easily enable the FortiAnalyzer Cloud service and get real-time network insights leveraging the FortiGate deployment.

FortiAnalyzer virtual machines are available on Amazon Web Services and Microsoft Azure.

Building a Cybersecurity Workforce

Advanced training for security professionals, technical training for IT professionals, and awareness training for teleworkers.

Learn More


Product Demo

FortiAnalyzer offers centralized network security logging and reporting for the Fortinet Security Fabric. FortiAnalyzer accepts inbound logs from multiple downstream Fortinet devices such as FortiGate, FortiMail, and FortiWeb devices etc. Functions such as viewing/filtering individual event logs, generating security reports, alerting based on behaviors, and investigating activity via drill-downs are all key features of FortiAnalyzer. In this demo, see how it presents the visibility of your networks such as an aggregate view of applications, web usage, and potentially malicious behavior affect your network. 

Analytics Alliance Partners

FortiAnalyzer provide integration with many leading vendors as part of the Fortinet Security Fabric.  

Below is a list of current Product Alliance Partners:

Analytics FAQs

Does FortiManager manage FortiAnalyzer? 

Yes. This is the recommended deployment, actually. When FortiManager is managing FortiAnalyzer, all FortiAnalyzer interface tiles come up alongside FortiManager tiles, enabling all workflows.    

Should I go with FortiManager or FortiCloud?    

FortiCloud is a cloud-based service that streamlines deployment, management and reporting for FortiGate and Unified Access products. It is a simple solution that provides the basics of management and configuration. FortiManager (and FortiAnalyzer) is the full-featured central management solution for Fortinet products. Advanced configurations, workflows and reporting (through FortiAnalyzer) are available here. Your organization’s needs will dictate whether a simplified cloud service or full-featured appliance (hardware or virtual) that you manage is a better fit.    

If I only have a few FortiGates, do I need central management?      

While all FortiGate configurations can be done locally, the time saved managing elements of or a complete central policy is a strong benefit in going with FortiManager. FortiAnalyzer greatly extends reporting and analysis capabilities for FortiGate both in breadth by combining data from multiple FortiGates into a single perspective, as well as in depth with much longer reporting horizons and advanced features found in Event Manager and the FortiGuard IOC service.