Fortinet FortiAnalyzer Reviews

The key functions for us are the next-gen firewall and network analytics. To ensure the best protection, we need to constantly analyze the situation in the network, as well as internal and external threats, as well as actual AV protection. The Fortinet products and FortiGuard services give us all of this.

Our company uses a virtual infrastructure. Implementing this product supplements the protection of our infrastructure.

The current version of the product is easy to use. Based on my experience, I can't recommend any areas of improvement. It's important, however, to know what you want prior to implementation. Otherwise, it may not meet your future needs based on the initial configurations.

We've used it for about four months.

During installation, we had no problems with deployment.

We have had no problems with stability.

We have had no problems with scalability.

The level of local customer service was very good. Per our request, tested the product. We got all answers to our questions from technical support. I rate both of them highly.

We used Wallix AdminBastion together with it.

The initial setup was straightforward.

A successful implementation for this product depends on how clearly the customer understands what they have and what they need in the future. In most cases, the customer turns out to be unsatisfied when it's unclear that they knew what they wanted prior to implementation. My main recommendation is to implement it together with the vendor, writing down the tasks, solutions, and the expected result before you begin.

I think Fortinet has a balanced offering of prices and licenses.

Fortinet's strategy is based on the dividing the product line depending on functionality. This allows customers to choose only the necessary feature set for them.

The Fortinet product line is wide – you can choose from SOHO to Enterprise, and from hardware to virtual solution. The presence of a free client (Win/Android/OS X) provides protection for client workstations. Each customer will be able to find the most suitable solution for them.

The balanced policy product line and licensing allows customers to choose only the necessary feature set for them. Also you can easily migrate from other vendors using single tools for conversion. Another tool helps you plan the placement of Wi-Fi points in the building. Also, it's very important that equipment has international and national certification such as PCI, DSS, etc. Presentation of products for SDN (Software-defined Networks including SDDC - Software-defined Data Center) confirms the company's leading position in the market.

It receives logs from the FortiGate 5000 Series (about 12 FortiGate blades), and it was configured for keep logs for about 1,050 days. The logs are divided by archive (raw logs) and analytics (logs indexed in a database). 

The use case is primarily for getting graphical data to make quick decisions.

FAZ has improved the organization because it stores events in the past so we can correlate incidents using another monitor tools; the problem is that it can´t recognize logs from FortiController blades, not even specifying it as a syslog device so this is a big lack. Devices from another brand are compatible only as syslog devices if they support.

It supports SQL for logging and reporting. Log data is inserted into the SQL database for log view and report generation. 

Another feature is the custom reports, where you can obtain a chart builder from a log view: traffic, event, or security log.

It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs.

No issues at all. It is a reliable product.  

The problems come when you are using different OS versions between FortiGate and FortiAnalyzer.

No scalability issues. You should know how many logs per second or minute are generated in your network to avoid issues with scalability.

The technical support with Fortinet has risen considerably. Now, they respond in three to four hours instead of two days.

We did not use a previous solution.

The FAZ includes a wizard, which is very simple to follow during the initial setup.

We implemented it in-house. We have had some experience implementing FAZ.

I do not have this value yet.

The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis.

We did not look at any other options, because Fortinet was elected for use by the end user.

My only experience is with a very important customer, the most recognized in Latin America.

We use it for reports and analysis.

The report templates are valuable. It works very well, and integrations also work well.

Feature-wise, it is working very well for us. We don't need any additional features. However, its pricing can be improved. For small business customers, price is an important factor.

I have been using this solution for two years.

It is stable.

It is easy to scale.

It is expensive for small business customers. It is only available for customers with a high number of firewalls to manage or to report. If a customer has only five boxes of FortiGate, the price of FortiAnalyzer can be more than the five boxes. So, we can't easily put this solution for small business customers.

I would rate this solution a nine out of ten.

Generally, Fortinet FortiAnalyzer gives you visibility around the network. You can track and monitor devices and pick the surrounding network. You can see which packets are being sent to the network, who the users are, and what are they using. You can also view the policies and firewall rules that are being used, the IDs that are being connected to, and the IP address a particular user is using.

Basically, it's a SOC. It's a security operations device. We use it for continuous monitoring, and it takes a team to do so. In my organization, three to four people are using it on a daily basis.

The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. 

It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well.

They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products.

It would also be good to include customizable reports and customizable views of the reports. 

I have been using Fortinet FortiAnalyzer for about five to eight months. We are using the latest version. We have deployed it on-premises as a VM.

It's pretty stable.

I'd say that it's very scalable. Scalability depends on which version of the appliance you're using. 

If you're using a hardware-based appliance, it's obviously tough to scale as that would require purchasing new devices. If you go to cloud services or virtual services, it's pretty easy to scale. You need to purchase new VMs and add the IOCs that you need, which is easy. 

I have contacted technical support, but not particularly regarding Fortinet FortiAnalyzer. I have only contacted them for firewalls and routing issues. I have not yet contacted them for things related to Fortinet FortiAnalyzer.

It's very easy and straightforward. You just need the point the FortiGate devices to your Fortinet FortiAnalyzer, and it just automatically configures the security fabric. The time depends on how many devices you're actually using. Configuring one device into your Fortinet FortiAnalyzer takes about five minutes or so.

The deployment was pretty straightforward. I didn't need any help in setting it up. I did it myself very easily. It comes with useful guidelines for setting it up. They also provide documentation and information through their website.

One person can easily do the deployment, but the main goal of the solution is to continue to monitor the regular network traffic for which a team is required. Our software team is responsible for handling such things.

This product is only dedicated to packet analyzing, automation, and things like that. I have not used analyzers of other vendors. However, other solutions do provide similar functionalities. 

It is kind of a very good network packet analyzer solution. It does what a network analyzer should do, and it does it very well. 

In terms of firewalls and using network analyzers, Fortinet has always been the leader among the leaders. Fortinet provides very good features and products. Specifically, if you want to use Fortinet FortiAnalyzer, you need to have a FortiGate environment. You need at least one FortiGate or other similar product in your network. So, if you are already using or are into Fortinet products, then FortiAnalyzer is a very good product to add on top of other products. Having only FortiAnalyzer in your network is kind of useless.

I would rate Fortinet FortiAnalyzer a nine out of ten. It's a very good product.

This product is only used for logs and reporting.

It gives us reporting features, which are helpful in the case of troubleshooting and audit purposes.

It has detailed reporting, e.g., user-wise reporting, threat analysis, etc. It also gives you live logs, which can be really helpful during troubleshooting. 

It should have customized reports as well. While it currently has them, you need to write a script which is not straightforward.

No issues.

No issues.

I would rate it as a two out of 10. The technical support takes at least two days to reply on any ticket post raised on their website. 

We did not have a previous solution.

Initial setup is straightforward, and it has an easy setup.

It depends upon the company.

We evaluated SonicWall and Cisco.

We're resellers of Fortinet. The solution is a product for doing diagnostics on their security environment. Our primary clients are banks or medical organizations.

The solution is very easy to deploy. 

We are very familiar with the product. It makes it easy to use and implement. 

The interface is easy to configure and fast to deploy. For that reason we use FortiAnalyzer.

FortiAnalyzer only works with other Fortinet products. If you need to analyze the data from other devices, other vendors, this solution is not the best one to use.

The interoperability with other vendors is lacking. It's very limited. You can scan the logs from other vendors within FortiAnalyzer, however, it only collects these logs. You can't analyze anything coming from other devices or vendors. This works very well with Fortinet products. When you need to interoperate with other vendors, it's difficult, because you don't have that support.

In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short.

We've been using the solution for more than ten years at this point. It's been a decade or so.

The stability of the solution is excellent. It's very robust. We don't have issues with bugs or glitches. It doesn't crash or freeze. It's extremely reliable.

The scalability is okay, however, it depends. If you do your homework and make the right sizing, you don't need the scalability. However, if you need scalability, it depends on the kind of client. You may need to change the box or move the FortiAnalyzer to another analyzer - something bigger - or maybe move the analyzer hardware to a better machine, depending on the customer.

Normally, we deal with small to medium-sized organizations.

The technical support is very good. We have support right here in our country, and they give us very good support. We don't have a problem in this case. We've very satisfied with the level of service we get.

The initial setup is not complex at all. It's very, very straightforward.

The deployment is quick and it's easy to configure. How long it takes depends on the size of the company that we are working for. Normally, we're able to do it within the same day, and we deploy the device or the virtual machine within that time frame. Depending on the requirements of the company, we may also optimize the reporting.

We handle the deployment ourselves. We've been doing it for so long at this point, we've very comfortable with it.

We use different deployment versions of Fortinet solutions. We use, for example, 200E and 200D and 100 too. These are the most popular. Right now, use the virtual environment.

This is a product that is very good for when you're using a Fortinet ecosystem. If you have a mix of vendors, it's not recommended.

Overall, I would rate the solution at a nine out of ten. We've been quite happy with their offering.

The anti-virus protection it offers our clients is solid.

Currently, no solution can offer you 100% protection from viruses such as WannaCry ransomware. Fortinet should strive to improve their prevention systems.

I have been using this solution for about two to three years.

This solution is stable.

FortiAnalyzer does slow down when there is a heavy load of users, but it still does its job. Also, when many logs are generated throughout many sessions, the Analyser slows down. 

The technical support is not very reliable. Sometimes it takes them up to a week to get back to us. 

The initial setup is not complex. The basic setup takes roughly 30 minutes to one hour — reconfiguration can take up to one day.

If you have Fortinet Firewall, you must implement FortiAnalyzer because, without the Analyzer, you can't generate the polls. 

On a scale from one to ten, I would give this solution a rating of seven. I would give them a higher rating if they improved their scalability.

• Real time reports
• Reports on who tried to attack
• FortiGate monitor

Before using FortiAnalyzer, people would surf wherever and we could not monitor or see which computer in the company goes where. Everyone had the same IP. Now, using the analyzer, I am able to see each IP separately, including user name and other stats. One time the police called and told me someone from the company was breaking the law and I was able to monitor the specific computer.

They should learn from CheckPoint how to design UX for admins.

No issues encountered.

It's very stable.

I've not used them yet.

I've not used them yet.

We previously used a previous solution.

It was straightforward.

We did it in-house.

It's a great ROI for the price.

Only get it if you need it.