Subscription and onboarding
How can I subscribe to the service?
To subscribe to SOCaaS, purchase the subscription license for logging Fabric devices (for example, FortiGate through a licensed reseller) and register them in FortiCloud.
After the license is registered, go to the Services > Cloud Services > SOCaaS to access the SOCaaS Welcome page and submit your onboarding request by completing the Onboarding Wizard.
Customers must have an on-premise FortiAnalyzer or a FortiAnalyzer Cloud instance and have configured their FortiGate to send logs to FortiAnalyzer.
For more information on subscribing to SOCaaS, see Subscribing to SOCaaS.
How are customers onboarded?
Please review the links below from the SOCaaS User Guide available on the Fortinet Documents Library for onboarding information.
Does Fortinet offer a trial/POC of SOCaaS?
Fortinet offers a 30 day SOCaaS trial/POC. Please contact your Account Manager or Sales Engineer (AM/SE) if you require a SOCaaS trial license. The Account Manager or Sales Engineer (AM/SE) will also be responsible for obtaining approval for initiating your POC/trial.
The following is required in order to do a proof of concept (POC) for SOCaaS:
- FortiAnalyzer on-prem or FortiAnalyzer Cloud. If you do not have a FortiAnalyzer, the SOCaaS trial license will include one for free.
- A minimum of one FortiGate or FortiGate-VM.
Where can I find SOCaaS user guides?
The SOCaaS User Guide is available in the Resources tile on the SOCaaS dashboard.
If I want an HA pair of firewalls to run as an active/passive pair, does this require two SOCaaS SKUs?
Yes.
What is the SOCaaS onboarding process?
Following is the SOCaaS standard onboarding process:
What is the checklist that I need to follow to onboard my FortiGate and FortiAnalyzer?
-
There are some best practice configurations you can review as part of prepping the FortiGates for onboarding.
FortiGate configuration checklist: - All traffic, system, event, UTM, and security logging is enabled and forwarded to your FortiAnalyzer.
- UTM profiles are created and assigned to FortiGate policies.
- Your FortiAnalyzer is configured to forward logs to the SOCaaS FortiAnalyzer. The destination URL will be provided by the SOC team via email during onboarding.
Is the SOCaaS subscription stackable?
Yes, the SOCaaS SKU is stackable.
For example, if a customer purchases a 3 year FortiGate license and wants to purchase the SOCaaS SKU for 3 years as well, the customer can purchase FC-10-[FortiGate Model Code]-464-02-12 (x3).