FortiAnalyzer is used by the Network Engineering and Operations department to 1) upload firewall logs to a SEIM, 2) as a surveillance tool to monitor the integrity of multiple firewalls across the enterprise, 3) Compliance and reporting engine, 4) Firewall rules auditor, 5) comprehensive enterprise wide security analysis and other Security Governance tasks.
- Event correlation
- Real-time detection
- Compliance Reporting
- Security Tools orchestration
- Security workflow automation
- Integration with ServiceNOW
- Centralized NOC/SOC visibility
- Administrative Domains and Software Versions are difficult to maintain
- managing different FortiOS versions gets complicated quite easily
- Administrative Domains must be well architected from the beginning
FortiAnalyzer is a must have when you administer multiple FortiGate firewalls in a defense in depth enterprise environment. Total visibility can be achieved across multiple physical and virtual firewalls. Complete analysis of your threat landscape is possible along with real time detection, compliance reporting, and wholistic firewall rule analysis and reporting. Eliminating shadow rules, tuning unnecessarily permissive rules, automation and other analysis are built in to this easy to deploy software.