Must Have for FortiGate Management
Overall Satisfaction with FortiAnalyzer
FortiAnalyzer is used by the Network Engineering and Operations department 1) to upload firewall logs to a SIEM, 2) as a surveillance tool to monitor the integrity of multiple firewalls across the enterprise, 3) as a compliance and reporting engine, 4) as a firewall rules auditor, and 5) for comprehensive enterprise-wide security analysis and other security governance tasks.
Pros
- Event correlation
- Real-time detection
- Compliance Reporting
- Security Tools orchestration
- Security workflow automation
- Integration with ServiceNow
- Centralized NOC/SOC visibility
Cons
- Administrative Domains and Software Versions are difficult to maintain
- Managing different FortiOS versions gets complicated quite easily
- Administrative Domains must be well architected from the beginning
- log aggregation
- multi firewall visibility
- analysis of enterprise security landscape
- easy to deploy
- we were able to retire 3 legacy security tools in favor of FortiAnalyzer
- Automate 155 security tasks and reporting
- one click compliance reporting for PCI-DSS
- Enterprise security governance
- Visualize the security landscape
- Eliminate and/or prune unnecessary rules
- Tune overly permissive rules for tighter security
- Tufin Orchestration Suite and Splunk Enterprise Security (SIEM)
FortiAnalyzer is significantly cheaper and a better value for the money, especially if you have FortiGate firewalls in the datacenter or in the cloud. FortiAnalyzer manages physical, virtual, and cloud firewalls in a single pane of glass, providing a holistic enterprise view of your security landscape. Compliance reporting comes built-in with the most popular reports ready at a click of a button. FortiAnalyzer is a great aggregation point before uploading logs to a SIEM / SOC tool.
Do you think FortiAnalyzer delivers good value for the price?
Yes
Are you happy with FortiAnalyzer's feature set?
Yes
Did FortiAnalyzer live up to sales and marketing promises?
Yes
Did implementation of FortiAnalyzer go as expected?
Yes
Would you buy FortiAnalyzer again?
Yes
Evaluating FortiAnalyzer and Competitors
- Price
- Product Features
- Product Usability
Product usability inside a global FortiGate FW deployment both for Corporate and Datacenter environments. Easy deployment and turnkey operation was very important and proved true in our defense-in-depth topology. Fast data ingestion and real-time detection enabled the product to work immediately in our environment and integrate with existing SIEM, NOC, and SOC tools.
The FortiAnalyzer instance was deployed straight into the Azure platform as a service endpoint for all firewalls deployed in Azure regions and physical datacenters across the globe, providing security analytics immediately for the enterprise. A FortiAnalyzer Federation deployment architecture would have been better to start in our scenario as we quickly outgrew the single cluster.
Using FortiAnalyzer
Pros | Cons |
---|---|
Like to use, Relatively simple, Easy to use, Well integrated, Consistent, Quick to learn, Convenient, Feel confident using | None |
- Compliance Reporting
- Real-time detection
- Event correlation
- Enterprise FortiGate Firewall Management
- Setting up Administrative Domains
- Managing multiple FW versions becomes clunky and complicated
- Choice of physical or virtual appliance or cloud instance