Must Have for FortiGate Management
September 10, 2021

Must Have for FortiGate Management

Shahab Razak | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with FortiAnalyzer

FortiAnalyzer is used by the Network Engineering and Operations department to 1) upload firewall logs to a SEIM, 2) as a surveillance tool to monitor the integrity of multiple firewalls across the enterprise, 3) Compliance and reporting engine, 4) Firewall rules auditor, 5) comprehensive enterprise wide security analysis and other Security Governance tasks.
  • Event correlation
  • Real-time detection
  • Compliance Reporting
  • Security Tools orchestration
  • Security workflow automation
  • Integration with ServiceNOW
  • Centralized NOC/SOC visibility
  • Administrative Domains and Software Versions are difficult to maintain
  • managing different FortiOS versions gets complicated quite easily
  • Administrative Domains must be well architected from the beginning
  • log aggregation
  • multi firewall visibility
  • analysis of enterprise security landscape
  • easy to deploy
  • we were able to retire 3 legacy security tools in favor of FortiAnalyzer
  • Automate 155 security tasks and reporting
  • one click compliance reporting for PCI-DSS
  • Enterprise security governance
  • Visualize the security landscape
  • Eliminate and or prune unnecessary rules
  • Tune overly permissive rules for tighter security
FortiAnalyzer is significantly cheaper and a better value for the money especially if you have FortiGate firewalls in the datacenter or in the cloud. FortiAnalyzer manages physical, virtual, and cloud firewalls in a single pane of glass providing a wholistic enterprise view of your security landscape. Compliance reporting comes built-in with the most popular reports ready at a click of a button. FortiAnalyzer is a great aggregation point before uploading logs to a SEIM / SOC tool.

Do you think FortiAnalyzer delivers good value for the price?

Yes

Are you happy with FortiAnalyzer's feature set?

Yes

Did FortiAnalyzer live up to sales and marketing promises?

Yes

Did implementation of FortiAnalyzer go as expected?

Yes

Would you buy FortiAnalyzer again?

Yes

FortiAnalyzer is a must have when you administer multiple FortiGate firewalls in a defense in depth enterprise environment. Total visibility can be achieved across multiple physical and virtual firewalls. Complete analysis of your threat landscape is possible along with real time detection, compliance reporting, and wholistic firewall rule analysis and reporting. Eliminating shadow rules, tuning unnecessarily permissive rules, automation and other analysis are built in to this easy to deploy software.

Evaluating FortiAnalyzer and Competitors

  • Price
  • Product Features
  • Product Usability
Product usability inside a global FortiGate FW deployment both for Corporate and Datacenter environments. Easy deployment and turn key operation was very important and proved true in our defense in depth topology. Fast data ingestion and real-time detection enabled the product to work immediately in our environment and integrate with existing SEIM, NOC, and SOC tools.
The FortiAnalyzer instance was deployed straight into the AZURE platform as a service endpoint for all firewalls deployed in AZURE regions and physical datacenters across the globe providing security analytics immediately for the enterprise. A FortiAnalyzer Federation deployment architecture would have been better to start in our scenario as we quickly out grew the single cluster.

Using FortiAnalyzer

FortiAnalyzer is easy to deploy are ready to use right out of the box. The user interface is intuitive and the reporting engine is very customizable however most of the 'canned' reports are usable right away. It is easy to add firewalls under management and event correlation happens immediately. FortiAnalyzer is a great log aggregator for all of your firewalls and then upload meaningful data to a SEIM.
ProsCons
Like to use
Relatively simple
Easy to use
Well integrated
Consistent
Quick to learn
Convenient
Feel confident using
None
  • Compliance Reporting
  • Real-time detection
  • Event correlation
  • Enterprise FortiGate Firewall Management
  • Setting up Administrative Domains
  • Managing multiple FW versions become clunky and complicated
  • Choice of physical or virtual appliance or cloud instance