Fortinet FortiAnalyzer Reviews

We are using Fortinet FortiAnalyzer for analyzing network traffic and it provides us with log analytics.

Overall we are satisfied with all the features the solution provides.

There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology.

The solution could improve by having better integration and support with Apple, Linux, and Microsoft solutions.

I have been using Fortinet FortiAnalyzer for approximately five years.

We have been making changes to the cloud signatures and categories because the market is changing and Fortinet FortiAnalyzer has been stable and reliable.

The solution is scalable but there are additional costs if you want to increase the scalability.

We have been satisfied with the support.

The installation was not difficult.

We did the implementation ourselves.

In the local market sometimes people are being charged more than other solutions. Although the market is competitive, legitimate suppliers do not receive a large enough discount to pass onto the customers. 

Fortinet FortiAnalyzer is not suitable for everyone, it is best suited for mid-sized businesses but if the price could be reduced there would be more customers in all-sized businesses.

I rate Fortinet FortiAnalyzer a seven out of ten.

We use the analyzer for reporting, to know what exactly is happening on the network. We use it to see which accesses are granted, which accesses are denied, which sites are visited, which botnets are coming in, which viruses, etc.

The solution is on-premise. Most of the time we set it up on the client's premises, depending on their needs. The cloud is there for testing.

It has a simplified and user-friendly interface.

With FortiAnalyzer, most of the time, although the interface is simplified, when you are new to it you have issues of navigating through it.

And when it comes to pushing logs to a SIEM, most of the time we have some issues when it comes to filtering.

Also, reports need to be simplified because its reporting currently includes more detailed and technical things. If we could get a simplified or executive summary, that would be good.

It's very stable, unlike the previous version which, when the logs were huge, would crash and we would have to reset it and start all over again.

The scalability is also fine if you do your prerequisites right. If so, you won't have any issues. But if you don't do your scoping right, and more logs come into the system - more than it can handle - you will face issues. You need to do your scoping right to get it to be stable and scalable.

Technical support is kind of slow. When you have 24/7 support, the response is quick. But when you send something in, it takes a long time to get a response. Fortinet support is a little bit slow when using their portal for support.

In our case, because we are partners, we have a couple of tech guys we can call to get support done. When an end-user requests support through the portal, and even when we do, it takes hours to get a response.

We work with multiple solutions and Fortinet has been the number-one.

For me, the initial setup was straightforward. The deployment takes approximately ten minutes. In some cases we could be waiting for results, waiting for logs to get up to do some analysis.

The price is quite expensive. Fortinet products are very expensive. That is something which they should also look at, because if you compare Fortinet product to, say, Sophos for example, Fortinet is really high and that's the only thing which is a drawback for most users. Although their plan is a value-for-money appliance, the price is expensive.

Anyone who asks me about a Fortinet product, I'll give that person a thumbs-up. So far, Fortinet has been the best for me. It's a value-for-money appliance, it has an easy to use interface, and it gives you exactly what you want. The only drawback would be the price. 

We primarily use the solution to protect the network and to control how the users access and use the internet.

The IBS (Intent Based Segmentation) and application web filtering are the most valuable aspects of the solution.

The solution is quite expensive.

The solution could use more graphics and be more specific in the dashboard. This way, I'm able to understand everything and effectively understand what's going on, including what's incoming and outgoing. Right now, I have to look up everything. I need a dashboard so that I can see specific items right there in one place.

We have 600 users and do plan to increase usage in the future.

Technical support is good. We've talked with them a few times. We have third-party support here in Oman.

I didn't previously use another solution.

A third party vendor assisted us with the implementation.

We have around 12 devices and yearly we spend approximately $14,000.

We are using the private cloud deployment model.

I would rate the solution nine out of ten. I don't have much to compare it to, but it's been fairly good.

The primary use cases are log management and the reporting fraud forum. It provides a vision of the network.

From my perspective, we need to see the traffic in a good way so we can know what has happened in our network. The analyzing tools and the monitoring tools and the logs are the important part in the network.

The traffic monitoring could be better, and stability could be improved.

I have been using this solution for about two years.

The solution should be more stable.

For the cloud version, you can expand it as you need it.

I haven't contacted technical support.

The solution is easy to install.

FortiAnalyzer was in the product itself, but two years ago they split it from Fortinet. We paid the license two years ago.

I would rate this solution 9 out of 10. 

I can recommend this solution for other users. 

We mostly use the FortiAnalyzer VM. We sell the license for this solution and also the professional service to have it. 

There are different types of business needs of our clients because they're in different business areas. We have firewalls on them. Some of them are on the perimeter network, and some of them are being used as the core network solution. We collect all the logs from their FortiGates. 

In some cases, we also use FortiWeb, which is a web application firewall. We also use FortiMail, which is an email protection solution or email security solution. We gather all the logs on FortiAnalyzer, and we try to do some flat counting and identify behavior or do behavior analysis from those logs and see what is interesting. Our team analyzes those events so that we can prevent any disruption of service because of the security, vulnerability, or issue.

Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.

It will be better if behavior or indicators of compromise were on the same licensing schema. Currently, it is an advanced feature that you have to purchase as an add-on. This is the reason we're trying to do the ELK so that we can integrate them and create those rules by using open-source software.

It will also be better if it has some more integration with IT service management tools so that we can do endpoint protection and response based on those indicators of compromise or those behavior analysis rules that create events that can automatically flow. We can inject that data into a service incident ticket on our IT service management tool, and that way we can assign the ticket to the proper teams and respond right away. Currently, we only have integration with ServiceNow. 

I have been using this solution for five years. 

We have the box or the VM running for more than a couple of years now. We do upgrade so that we can add new features that Fortinet is releasing, but it is pretty stable. It never crashes.

It is a little complex in terms of scalability and mostly because we're using a kind of high-end systems. For scaling, you have to order a different licensing and move more power and computing into a new architecture. It doesn't have that much scalability.

Our clients are SMB or small and medium businesses, but we also have plenty of customers on the campus wide area network.

I would rate them a five out of ten. They will have to move their base locations to a different city. I'm not a native speaker of English, and sometimes, when we're trying, there is a language barrier. They're located in India or some Middle East city. They can do really better. Sometimes their response is not as adequate as other vendors.

It was very straightforward. The deployment could take a couple of days to fine-tune all the rules for log management.

There are plenty of solutions. Fortinet FortiAnalyzer is very helpful if you are really into FortiGate devices. We handle other firewalls, but 80% to 85% of them are Fortinet, so it is a very good solution because it has native integration with everything, but I wouldn't recommend it if you have less than 50% of Fortinet firewalls. If you have agnostic technology, you can integrate all of them into the same solution. FortiAnalyzer is only for FortiGates right now.

I would rate Fortinet FortiAnalyzer a nine out of ten. It just needs more integration with IT service management tools for endpoint detection and response, which is the main objective.

Our primary use case of this solution is for bandwidth. We are very satisfied with this program.

The feature I find most useful is the handy dashboard.

I would like to see an improvement in the technical support. Stronger authentication will also be a plus.

In the next version, I would like to have authentication for 40 tokens.

We have between 20 and 25 users and we plan to increase this number, so I believe the program is scalable.

We are very satisfied with the customer service.

The initial setup was straightforward and deployment took us about eight months. The reason for this is that we installed other programs during this time too, like Fireworks Data Center, Switch Data Center, Cisco Nexus Data Center, and Forcepoint. We use Stitch as our local manager. 

All Fortinet programs come at a good price.

I will definitely recommend this solution to others. My rating is a ten out of ten.

The solution is used for grabbing logs. It is designed for log aggregation of all Fortigate firewalls and to give visibility of traffic and usage. 

The log events are quite useful for us. The events aggregation from various Fortigate products makes it very helpful.

Technical support is helpful.

The stability is excellent.

This is a highly scalable product.

The setup is straightforward. 

We'd like to see more embedded features.

We'd like to see more SIEM capabilities. I'd love to see this merged with FortiSIEM for example. 

I've been using the solution for around 20 years. 

The stability is great. I'd rate it ten out of ten for reliability. We rarely have any issues. 

You pay compared to the volume of logs you collect. It is very scalable. It's highly expandable. On a scale from one to ten, I'd rate the scalability ten out of ten. 

We have less than five network engineers using the product. 

I've dealt with support in the past and found them helpful and responsive. 

Positive

We use a variety of Fortigate products.

We did not use a different vendor previously. There is no other real option. We did try to use the free version of Splunk. We moved to Fortianalyzer as it works better in Fortinet products. Splunk is harder to fit into other Fortinet products. 

The installation process only takes a couple of hours. It is easy to install. 

The maintenance is very minimal. One person can handle maintenance tasks. 

We do use specialized consultants occasionally. However, I have been able to do it by myself as well in the past.

I cannot speak of the exact price. Someone else manages the contract. However, you do get good value for your money. It's not overly expensive. 

As it is on-premises, you do need some on-prem resources. You need a traditional hypervisor and need the ability to host the solution on your premises. 

We're customers and end-users. 

We are using the latest version of the solution typically. 

I'd recommend the solution to other users. 

I would rate the solution ten out of ten.

Fortinet FortiAnalyzer is a complete package for managing our equipment.

I have been using Fortinet FortiAnalyzer for approximately six years.

The support could be better for Fortinet FortiAnalyzer here in Mexico.

I would rate Fortinet FortiAnalyzer a nine out of ten.