The primary case is to collect and monitor logs and events from all of our firewalls and appliances in one single interface with analysis.
Group IT Manager at a manufacturing company with 1,001-5,000 employees
Great dashboard with customizable reporting and excellent logs
Pros and Cons
- "There are customizable workflows that you can work with. You can automate certain tasks in FortiAnalyzer in the incidents and events sections."
- "It helps a lot with predicting everything that you might see happening on your network."
- "It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot."
- "It is a pretty big software package. It has a lot of features which maybe aren't that useful."
What is our primary use case?
How has it helped my organization?
Our work has been more focused and efficient due to the automatic notifications and reports.
What is most valuable?
You can monitor all appliances from a centralized location.
You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs.
For example, if you are searching for an email to find out why it is blocked, you will be able to see the policy that blocked it, which logs were triggered, etc. It gives you all the information you need right there, from the dashboard.
The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.
There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template.
There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns.
Everything is easily visible and can be tracked and studied.
SOC is very helpful. It shows which IPs are targeting your environments. It shows you the threat levels of all the threats you're facing - including the locations, which policy was triggered et cetera. It will even tell you if the system blocked the threat or not.
FortiAnalyzer is compatible with all of our web browsers.
There are customizable workflows that you can work with. You can automate certain tasks in FortiAnalyzer in the incidents and events sections.
What needs improvement?
It is a pretty big software package. It has a lot of features which maybe aren't that useful.
It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot.
There could be more automation and more artificial intelligence integrated into the solution.
It was a service model application originally. It needs to have some artificial intelligence in dealing with the analysis of the nodes, and not just showing the nodes. I'm one version behind the latest version, so I don't know if they added it yet, however, if they haven't it would be a good thing to put into their roadmap.
Buyer's Guide
Fortinet FortiAnalyzer
March 2026
Learn what your peers think about Fortinet FortiAnalyzer. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
885,286 professionals have used our research since 2012.
For how long have I used the solution?
I've been using the solution for four years.
What do I think about the stability of the solution?
My solution is based on a VM OVA image which is predefined by Fortinet. I don't remember the last time I restarted the machine, which shows that no matter the size of the logs collected, the system doesn't crash.
What do I think about the scalability of the solution?
The scalability is pretty good. It's only limited in the log size. You can buy five gigs or 10 gigs if you need to. It depends on how you're going to handle/store the logs.
That said, it is scalable since you are only billed for the size of logs you are using as per the packages and you don't need to modify the CPU/RAM. I have it installed on a VM environment and it's connecting to data all over my sites that are both inside and outside Lebanon.
How are customer service and support?
Technical support is perfect whether from the vendor or from the online support. I'm lucky to have a partner in Lebanon who is a preferred platinum partner with Fortinet. Whenever we open a case with them we always get a clear response. They are professional. We're quite satisfied with the level of support we are getting.
How was the initial setup?
It is very straightforward. The only thing you might do is some customization in the report and the event management. Other than this, everything is predefined and based on templates, so you are able to add your touch on the reports as well.
What about the implementation team?
I have implemented it with a vendor who is the leader in our region working with Fortinet Solutions.
What other advice do I have?
We're Fortinet end-users.
I was on older versions and now I'm with a newer version. People have faced many issues after downloading the latest update so I tend to keep one update back from the newest one to avoid issues.
I'd advise other potential users that, first of all, if they have Fortinet products in their environment, they should consider FortiAnalyzer. If they don't have it, they shouldn't consider it. They need to have Fortinet appliances.
Secondly, it is a very easy configuration, so companies will not have any problems configuring the FortiAnalyzer. It doesn't require a lot of resources.
We're going to bring a dedicated server for our FortiAnalyzer due to the fact that it is a bit of a predefined virtual machine that we can download from Fortinet's side. If you don't want to go deep in the reports and logs, you can rely on the built-in reporting tools in your appliances.
If you happen to have three Fortinet solutions in your environment then you need to have a FortiAnalyzer as it helps a lot in troubleshooting. It helps a lot with predicting everything that you might see happening on your network. You will need to have FortiAnalyzer due to the fact that the reporting is not that advanced in the appliances.
Overall, I'd rate the solution eight out of ten. If it was more automated and added in some AI elements, I would rate it higher.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
System Administrator at a logistics company with 51-200 employees
Offers solid anti-virus protection but isn't so scalable
Pros and Cons
- "The anti-virus protection it offers our clients is solid."
- "The technical support is not very reliable."
- "The technical support is not very reliable. Sometimes it takes them up to a week to get back to us."
What is most valuable?
The anti-virus protection it offers our clients is solid.
What needs improvement?
Currently, no solution can offer you 100% protection from viruses such as WannaCry ransomware. Fortinet should strive to improve their prevention systems.
For how long have I used the solution?
I have been using this solution for about two to three years.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
FortiAnalyzer does slow down when there is a heavy load of users, but it still does its job. Also, when many logs are generated throughout many sessions, the Analyzer slows down.
How are customer service and technical support?
The technical support is not very reliable. Sometimes it takes them up to a week to get back to us.
How was the initial setup?
The initial setup is not complex. The basic setup takes roughly 30 minutes to one hour — reconfiguration can take up to one day.
What other advice do I have?
If you have Fortinet Firewall, you must implement FortiAnalyzer because, without the Analyzer, you can't generate the polls.
On a scale from one to ten, I would give this solution a rating of seven. I would give them a higher rating if they improved their scalability.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Pre-sales Engineer at a wholesaler/distributor with 51-200 employees
A stable solution that provides information about the state of all firewalls
Pros and Cons
- "The most important feature is to be able to get reports or information about the state of all firewalls."
- "Fortinet FortiAnalyzer is useful for seeing the problems of the network and analyzing what is happening in your network."
- "Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment. If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality."
- "Fortinet FortiAnalyzer is not in the cloud environment like some of the other products."
What is most valuable?
The most important feature is to be able to get reports or information about the state of all firewalls.
What needs improvement?
Fortinet FortiAnalyzer is not in the cloud environment like some of the other products. There could be a possibility of extending its functionality to the cloud environment.
If possible, they could have a deal with or integrate with other firewall manufacturers, like Palo Alto and Cisco, and mix the information. It is a difficult functionality. I don't know if any product in the market provides such functionality.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for around one year.
What do I think about the stability of the solution?
It is very stable.
What do I think about the scalability of the solution?
It is scalable up to the maximum requirement of our customers. Our customers don't require a lot of firewalls, such as 100 or 1,000.
How are customer service and technical support?
We have contacted their technical support, and there was no problem. In general, we can directly communicate with their technical support and technicians.
Which solution did I use previously and why did I switch?
I have used products from Palo Alto and Cisco.
How was the initial setup?
The initial setup is not complex. The configuration of Fortinet FortiAnalyzer is easy for basic information. The configuration can be complex if you want to do a lot of reporting.
What's my experience with pricing, setup cost, and licensing?
It is not very expensive when customers understand the value of this product and the importance of the information that it provides for security.
What other advice do I have?
We are a reseller. We have some customers who use this product, and I help them with the configuration of the basic features.
Fortinet FortiAnalyzer is useful for seeing the problems of the network and analyzing what is happening in your network. If you have an attack or some security problem, you can immediately see the information in the logs.
I would rate Fortinet FortiAnalyzer an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
Technical Presales Engineer at Dristi Tech Pvt.ltd
Provides very good metrics, visibility of the network and does what a network analyzer should do
Pros and Cons
- "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
- "It is kind of a very good network packet analyzer solution; it does what a network analyzer should do, and it does it very well."
- "They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products. It would also be good to include customizable reports and customizable views of the reports."
- "They can include integration with devices, such as firewalls, endpoints, from other vendors."
What is our primary use case?
Generally, Fortinet FortiAnalyzer gives you visibility around the network. You can track and monitor devices and pick the surrounding network. You can see which packets are being sent to the network, who the users are, and what are they using. You can also view the policies and firewall rules that are being used, the IDs that are being connected to, and the IP address a particular user is using.
Basically, it's a SOC. It's a security operations device. We use it for continuous monitoring, and it takes a team to do so. In my organization, three to four people are using it on a daily basis.
What is most valuable?
The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful.
It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well.
What needs improvement?
They can include integration with devices, such as firewalls, endpoints, from other vendors. They can include graphic monitoring of everything in the network, not just Fortinet products.
It would also be good to include customizable reports and customizable views of the reports.
For how long have I used the solution?
I have been using Fortinet FortiAnalyzer for about five to eight months. We are using the latest version. We have deployed it on-premises as a VM.
What do I think about the stability of the solution?
It's pretty stable.
What do I think about the scalability of the solution?
I'd say that it's very scalable. Scalability depends on which version of the appliance you're using.
If you're using a hardware-based appliance, it's obviously tough to scale as that would require purchasing new devices. If you go to cloud services or virtual services, it's pretty easy to scale. You need to purchase new VMs and add the IOCs that you need, which is easy.
How are customer service and technical support?
I have contacted technical support, but not particularly regarding Fortinet FortiAnalyzer. I have only contacted them for firewalls and routing issues. I have not yet contacted them for things related to Fortinet FortiAnalyzer.
How was the initial setup?
It's very easy and straightforward. You just need to point the FortiGate devices to your Fortinet FortiAnalyzer, and it just automatically configures the security fabric. The time depends on how many devices you're actually using. Configuring one device into your Fortinet FortiAnalyzer takes about five minutes or so.
What about the implementation team?
The deployment was pretty straightforward. I didn't need any help in setting it up. I did it myself very easily. It comes with useful guidelines for setting it up. They also provide documentation and information through their website.
One person can easily do the deployment, but the main goal of the solution is to continue to monitor the regular network traffic for which a team is required. Our software team is responsible for handling such things.
Which other solutions did I evaluate?
This product is only dedicated to packet analyzing, automation, and things like that. I have not used analyzers of other vendors. However, other solutions do provide similar functionalities.
What other advice do I have?
It is kind of a very good network packet analyzer solution. It does what a network analyzer should do, and it does it very well.
In terms of firewalls and using network analyzers, Fortinet has always been the leader among the leaders. Fortinet provides very good features and products. Specifically, if you want to use Fortinet FortiAnalyzer, you need to have a FortiGate environment. You need at least one FortiGate or other similar product in your network. So, if you are already using or are into Fortinet products, then FortiAnalyzer is a very good product to add on top of other products. Having only FortiAnalyzer in your network is kind of useless.
I would rate Fortinet FortiAnalyzer a nine out of ten. It's a very good product.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Log management that is scalable, easy to use, and priced well
Pros and Cons
- "The interface is simple and easy to navigate."
- "Fortinet FortiAnalyzer is easy; for customers with basic knowledge and for those who do not have a technical background, Fortinet is quite good and it should be the first choice."
- "One of the main disadvantages is not having a direct link to the security policy when you see something in the log."
What is our primary use case?
We are using Fortinet FortiAnalyzer to manage services for our customers. We use it for log management.
What is most valuable?
Fortinet FortiAnalyzer is easy. For customers with basic knowledge, and for those who do not have a technical background, Fortinet is quite good and it should be the first choice.
The interface is simple and easy to navigate.
What needs improvement?
One of the main disadvantages is not having a direct link to the security policy when you see something in the log. You should be able to right-click and go directly to the security policy. When you compare with Check Point, they are very good with reporting and logging, and when you right-click on the log you can go to the policy and edit it.
In the next release, I would like to have a feature added where you can right-click and it takes you directly to the policy to edit it.
For how long have I used the solution?
I have been working with Fortinet FortiAnalyzer for four years.
What do I think about the stability of the solution?
Fortinet FortiAnalyzer is stable.
What do I think about the scalability of the solution?
This solution is very scalable.
How are customer service and technical support?
I don't have any issues with technical support.
How was the initial setup?
The initial setup is straightforward. Everything with Fortinet is straightforward.
What's my experience with pricing, setup cost, and licensing?
When comparing with other solutions such as Check Point and Cisco, Fortinet is priced well.
What other advice do I have?
I am an expert in Juniper and Fortinet at a professional level.
Previously in another company, we were service providers, and I did the implementation for service delivery cargo, and for an enterprise company, I did the firewall migration.
I would recommend Fortinet FortiAnalyzer.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
Assistant Manager - Cloud Planning and Development at a comms service provider with 1,001-5,000 employees
Very good log analysis and reporting with a straightforward deployment
Pros and Cons
- "The log analysis and reporting are both quite good."
- "For those organizations that need to use a product for reporting or some analysis of logs, this is a good solution."
- "The solution lacks business intelligence features. It's much too basic."
What is our primary use case?
We're a service provider. Our clients use the solution for log management.
We are using physical and virtual end ware. We have a physical and logical virtual environment for using this platform, which we provide to our customers.
What is most valuable?
We are utilizing the previous site end dividers and the IPS, IDS DDoS features.
The log analysis and reporting are both quite good.
What needs improvement?
The solution doesn't have online analysis. We can't analyze certain parts of the logs. For example, we can't analyze current logs.
It would be helpful if we could use the system we use to monitor everything to also check the live traffic or live logs.
The solution lacks business intelligence features. It's much too basic.
For how long have I used the solution?
I've been using the solution for two or three years.
What do I think about the stability of the solution?
The solution is stable. We've never faced issues.
What do I think about the scalability of the solution?
The solution does not scale easily. It's a hardware solution. We have FortiAnalyzer hardware, and since it has a hardware agent on the storage ware, it requires Forti capacity for analyzing purposes. There's only a finite amount of space in the hardware itself. It isn't infinite.
How are customer service and technical support?
We've dealt with technical support in the past and we've been very satisfied with the level of support we've received so far.
How was the initial setup?
The initial setup varies from company to company. Some are straightforward, some are complex.
Deployment is a simple task. FortiAnalyzer comes with the hardware version and a virtual agent. We just deploy and integrate it with the other Fortinet products.
Which other solutions did I evaluate?
There is a lot of competition for Fortinet in this area, including USM and Palo Alto.
What other advice do I have?
We are Fortinet partners.
For those organizations that need to use a product for reporting or some analysis of logs, this is a good solution.
I'd rate the solution seven out of ten. The features are basic, and there's not too much business intelligence behind them. If it offered more of that, I'd rate it higher.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Network Security Engineer at ZOL Zimbabwe
Offers visibility of critical data in real-time for our clients, but the reports are over-summarized
Pros and Cons
- "The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time."
- "This solution, at every stage, does what I expect it to."
- "The reports are good, but they are over-summarized."
- "With other solutions, such as NetFlow Analyzer, you can really customize your report to what you expect, unlike with FortiAnalyzer."
What is our primary use case?
We use this solution for reporting. We also use it to keep logs for our clients that require logs with a history of more than seven days.
In addition to our own firewalls, we have several clients with firewalls that report into the same FortiAnalyzer.
We have a private cloud deployment, set up on-premises.
What is most valuable?
The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time. FortiGate itself, for example, doesn't offer all of this information on the entry-level firewalls. You can get more detailed information from FortiAnalyzer based on the log that is retrieved from FortiGate while it is operating.
What needs improvement?
I would like to be able to do more customization. For example, I would like to be able to develop my own set of reports that I can upload to the analyzer, and then it can report in a fashionable way as to what I really expect, rather than the ones that are preconfigured. Then we can play around with them in terms of where you can position your top bandwidth users, and such.
The reports are good, but they are over-summarized.
For how long have I used the solution?
We have been using this solution for four years.
What do I think about the stability of the solution?
The device has been pretty much stable. We haven't really had issues with it in the time that we've been using it.
What do I think about the scalability of the solution?
The licensing limits the storage in terms of how much information it can store. For example, you can collect seven gigs of log files in a day.
We have twenty firewalls connecting to FortiAnalyzer. We are moving some of them to the FortiCloud platform because we get thirty days of reporting on a non-subscription basis with FortiCloud. With FortiAnalyzer, we would have to pay for more licenses.
At this stage, we do not plan to increase usage. The majority of our clients who have entry-level firewalls are now depending on FortiCloud. It is more robust than us having more of the FortiAnalyzer devices. Because FortiCloud is accessible from anywhere, a client can easily manage it, rather than us giving them access to the FortiAnalyzer. So, we're finding FortiCloud being a better option than us having an on-site FortiAnalyzer.
How are customer service and technical support?
When I speak with Fortinet technical support it is usually in regards to FortiGate. I would rate their support team an eight out of ten. Sometimes, what happens is that we open a webchat with them where you don't have to open a ticket. The problem is that you may end up dealing with the level-one support who doesn't really give you the answer, so they then refer you to open a ticket. This delay can be a problem when you have a client that needs an issue resolved right then and there.
Which solution did I use previously and why did I switch?
We have not used any other solutions for log analysis.
How was the initial setup?
The initial setup of this solution is pretty straightforward. We have a few FortiGate firewalls, and they communicate with FortiAnalyzer over the public networks by sending their logs.
The deployment was not difficult and did not take much time. It is just the initial configuration on FortiAnalyzer, which takes no more than ten minutes. Then, the analyzer will be synchronized with FortiGate. It is just a matter of entering the FortiAnalyzer IP address, then allowing it to register. In total, it takes about twenty minutes.
There are three administrators for this solution, and I handle the maintenance myself.
What about the implementation team?
We handled the deployment ourselves. The documentation from Fortinet is pretty straightforward.
What's my experience with pricing, setup cost, and licensing?
The pricing of this solution is fair, and it is based on what you can manage. There are no costs in addition to the licensing fees.
Which other solutions did I evaluate?
We tried NetFlow Analyzer, and the product was good but it was highly expensive.
What other advice do I have?
This solution, at every stage, does what I expect it to.
My advice for anybody researching this solution is to consider the size of their organization. If it is very big and they need to retain a log for a specific number of days or a period of time, for example, going back to thirty days and they also need to analyze the traffic in real-time, then FortiAnalyzer would be ideal. However, the same service is now available on FortiCloud, which is something else that I highly recommend.
With other solutions, such as NetFlow Analyzer, you can really customize your report to what you expect. Together you can insert logs, you can customize your reports with the logs that you're receiving, unlike with FortiAnalyzer. This is a major drawback.
I would rate this solution a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner.
Technical lead at Rogers Capital Technology Services Ltd
Offers customized reports but their support needs improvement
Pros and Cons
- "The program is stable and it gives me great visibility."
- "From a single dashboard we can get all the logs and traffic information on our firewall."
- "The technical support is not very good."
- "The technical support isn't very good, I rate it a 2 out of 5."
What is our primary use case?
Our primary use case of this solution is to deep-dive and get deep visibility analyzing of logs and proxy of the network. In other words, to get good customized reports.
How has it helped my organization?
The solution allows us to see what our users do on their computers. Some say they work all day long, but then we see that they have been surfing the net, using YouTube, streaming or looking at Facebook. It is therefore a very handy program.
What is most valuable?
I am very impressed by the new version's security - on-premise or on the cloud. We have integrated the program with FortiView to get a better-customized log and more scalability on the application. The newer version is also much faster than the previous one and we have more visibility on whatever is happening on our system.
What needs improvement?
Reporting wasn't very good in the previous version, but I believe it has greatly improved. The newer version has more features and the quality of reporting is better too.
I would also like to see an improvement in the rebooting.
For how long have I used the solution?
I've been using this solution for about 13 years now.
What do I think about the stability of the solution?
The stability of the solution is good - better than the previous version. Even the hardware had changed from DCVs to some STVs so now the hardware and software are more powerful compared to the previous version. We are now able to do 14-hour functionality. The program is disabled on the FortiManager by default, but we can enable it via the console in order to get the same visibility on the FortiAnalyzer.
What do I think about the scalability of the solution?
The scalability of the program is good and we are hoping to increase our usage. I would like to see new features and better functionality, though. For the scalability of the FortiAnalyzer, we need to take into consideration the time it will take to load 30 users instead of only 14. So maybe we would perhaps need an upgrade license for FortiAnalyzer deployment in that case.
How are customer service and technical support?
The technical support isn't very good, I rate it a 2 out of 5. I don't really rely on their support because in the past I had some issues and the support team could not help me.
How was the initial setup?
The initial setup was really straightforward. The duration of the deployment depends on the requirements of the customer and the kind of reports they want to get. It can be customized to the client's specifications. Some only use it for visibility while others want to get detailed reports. If the requirements are complex, it will take around two days. Otherwise, it will take a few hours. It is very easy to deploy the FortiAnalyzer.
What's my experience with pricing, setup cost, and licensing?
This program is quite expensive. We have to renew the hardware every year and the hardware is very expensive. And we need to renew the licensing for application control too.
What other advice do I have?
I rate this solution a 6 out of 10. It is a good security firmware for automation. From a single dashboard we can get all the logs and traffic information on our firewall. We can get more visibility, so there is no need for the engineer to go in each and every firewall to get information.
Even if we don't use the FortiAnalyzer, we can use a FortiCloud to send a log. But we are still using a cloud-based solution. We are using our internet bandwidth to send logs. That's in real-time or scheduling. If bandwidth is the key factor, I will not recommend the customer to use a FortiCloud. And even if you are using the FortiCloud, the basic free version, you have a retention log for only seven days. If you want to have a longer retention log, let's say for one year, then you need to create a subscription with FortiGate. In that case, it is better to have a FortiAnalyzer on-premise. Always try to listen to your customer.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller.