Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home SOCaaS User Guide

    Requirements

    Requirements

    The following items are required to use SOCaaS:

    • FortiCloud account to activate your SOCaaS license, access the SOCaaS portal, and submit onboarding requests. For instructions about creating a FortiCloud account, see Creating a FortiCloud account in the FortiCloud documentation.

      To successfully submit onboarding requests, ensure the FortiCare account meets the following requirements:

      • Uses a valid business email address. Webmail addresses like Gmail or Hotmail are not accepted.

      • Registered business domain or website and business address information has been added to the FortiCare account. Residential addresses are not accepted.

      If your FortiCare account does not meet all the requirements, please provide an explanation in the Notes field when creating the onboarding request so that the SOCaaS Onboarding team can validate.

      Note

      When making changes to your FortiCare ID in FortiCloud, it is important to submit those changes in SOCaaS.

      Please notify the SOCaaS team of FortiCare ID changes by submitting a technical assistance Service Request including the new ID and any important changes to your account, as well as any changes to emails or other account contact information.

    • FortiGate (6.4.5 or later) with a valid FortiCloud SOCaaS subscription to forward logs to the SOC FortiAnalyzer.

      Note

      When adding FortiGates configured under a High Availability (HA) setup, each FortiGate in the HA cluster must be on version 6.4.5 or later with a subscription to SOCaaS.

    • One of the following for collecting logs from customer devices:

      • On-premise FortiAnalyzer (6.4.5 or later)—If you are configuring FQDN for log forwarding, FortiAnalyzer version 7.2.4/7.4.2 and later are recommended. See Sending logs from an on-premise FortiAnalyzer.

      • FortiAnalyzer Cloud—The SOCaaS license includes a complimentary FortiAnalyzer Cloud instance that you can use if you do not have a FortiAnalyzer on-premise or a FortiAnalyzer Cloud instance of your own. See Sending logs from FortiAnalyzer Cloud.

    • Prerequisite configurations on your FortiGate and FortiAnalyzer (or FortiAnalyzer Cloud) to ensure that the FortiGate is logging to the FortiAnalyzer (or FortiAnalyzer Cloud).

    • (Optional) An onboarded FortiClient EMS has a valid FortiClient Forensic Service license in order to view and submit forensic analysis requests.

    You are required to filter all confidential and personal data from all logs sent to SOCaaS. Fortinet is not responsible for any customer logs that contain confidential or personal data.

    Previous
    Next

    Requirements

    Requirements

    The following items are required to use SOCaaS:

    • FortiCloud account to activate your SOCaaS license, access the SOCaaS portal, and submit onboarding requests. For instructions about creating a FortiCloud account, see Creating a FortiCloud account in the FortiCloud documentation.

      To successfully submit onboarding requests, ensure the FortiCare account meets the following requirements:

      • Uses a valid business email address. Webmail addresses like Gmail or Hotmail are not accepted.

      • Registered business domain or website and business address information has been added to the FortiCare account. Residential addresses are not accepted.

      If your FortiCare account does not meet all the requirements, please provide an explanation in the Notes field when creating the onboarding request so that the SOCaaS Onboarding team can validate.

      Note

      When making changes to your FortiCare ID in FortiCloud, it is important to submit those changes in SOCaaS.

      Please notify the SOCaaS team of FortiCare ID changes by submitting a technical assistance Service Request including the new ID and any important changes to your account, as well as any changes to emails or other account contact information.

    • FortiGate (6.4.5 or later) with a valid FortiCloud SOCaaS subscription to forward logs to the SOC FortiAnalyzer.

      Note

      When adding FortiGates configured under a High Availability (HA) setup, each FortiGate in the HA cluster must be on version 6.4.5 or later with a subscription to SOCaaS.

    • One of the following for collecting logs from customer devices:

      • On-premise FortiAnalyzer (6.4.5 or later)—If you are configuring FQDN for log forwarding, FortiAnalyzer version 7.2.4/7.4.2 and later are recommended. See Sending logs from an on-premise FortiAnalyzer.

      • FortiAnalyzer Cloud—The SOCaaS license includes a complimentary FortiAnalyzer Cloud instance that you can use if you do not have a FortiAnalyzer on-premise or a FortiAnalyzer Cloud instance of your own. See Sending logs from FortiAnalyzer Cloud.

    • Prerequisite configurations on your FortiGate and FortiAnalyzer (or FortiAnalyzer Cloud) to ensure that the FortiGate is logging to the FortiAnalyzer (or FortiAnalyzer Cloud).

    • (Optional) An onboarded FortiClient EMS has a valid FortiClient Forensic Service license in order to view and submit forensic analysis requests.

    You are required to filter all confidential and personal data from all logs sent to SOCaaS. Fortinet is not responsible for any customer logs that contain confidential or personal data.

    Previous
    Next