As part of the Fortinet Security Fabric, FortiAnalyzer provides security fabric analytics and automation to provide better detection and response against cyber risks.
N/A
FortiSOAR
Score 8.0 out of 10
N/A
CyberSponse was a security orchestration, automation and response (SOAR) solution, now known as FortiSOAR. Fortinet acquired and now supports the solution (December 2019).
FortiAnalyzer is a must have when you administer multiple FortiGate firewalls in a defense in depth enterprise environment. Total visibility can be achieved across multiple physical and virtual firewalls. Complete analysis of your threat landscape is possible along with real time detection, compliance reporting, and wholistic firewall rule analysis and reporting. Eliminating shadow rules, tuning unnecessarily permissive rules, automation and other analysis are built in to this easy to deploy software.
Most organization with medium & maturity SOC struggle with alert fatigue & false positives with addressing alert volume is result in increasing risk of critical alerts being masked by trivial one , in this situation FortiSOAR help in case management : rapidly response in case of crises also. FortiSOAR is designed very well where Fortinet have other stack of security component also like Fortinet NGFW & Forti SIEM etc.. Fortinet NGFW can and generate the FortiSOAR instance through FortiCloud for Customer . However In absence of FortiFabric it require lot of connectors to work well the solution.
Training Services- Fortinet offers courses geared towards administration and designed and development of FortiSOAR , Which required multiples access , we need all training services with self pace basis , I think here Fortinet need to improve.
Licensing Model- Being as a new technology Licensing model should be crystal & Clear, be it Concurrent Users or The number of FortiSOAR nodes there should be no ambiguity .
FortiAnalyzer is easy to deploy are ready to use right out of the box. The user interface is intuitive and the reporting engine is very customizable however most of the 'canned' reports are usable right away. It is easy to add firewalls under management and event correlation happens immediately. FortiAnalyzer is a great log aggregator for all of your firewalls and then upload meaningful data to a SEIM.
The cost of FortiAnalyzer is lower compared to other products, and the benefits it provides at this cost are notably superior. Given the presence of multiple FortiGate products in our network, its seamless integration enhances efficiency and usage, allowing us to maximize the utility of the product to a great extent.
Done prove of concept (POC) thoroughly , where we judged the solution on every aspect & We came to know FortiSOAR will work well in our environment as it is blended with features like Case managements , Product Flexibility * Scalable Architecture . These features were much required to optimum use of our SOC solution. Since we have all the Fortinet security stack in our environment it helped us a lot in selection (POC) and also commercially.
We are able to report to the management the real-time attacks on the network
User behavior analysis has become easy
Achieving a favorable return on investment (ROI) is easily attainable, given that the product cost is relatively moderate. Without the product, the amount of human work time required is significantly higher, further emphasizing the cost-effectiveness of its implementation.
