
Security visibility

6.4.0

Administrators can access the FortiAnalyzer unit from a GUI (through a web browser) without installing a dedicated software client. From the GUI, a global dashboard provides links to the other main menus:

  • Dashboard gives a detailed view of the logging activity in the managed environments. The administrator can quickly see the average log rate as well as the number and volume of logs collected every day over a week. This information is crucial for designing the logging policy and for capacity planning.
  • FortiView provides broad visibility on traffic, applications in use, threats, and the most visited websites in just one click. FortiView aggregates and then analyzes all data to instantaneously highlight the most relevant piece of information, and you can consult the information provided by each graph. You can also click graphs to view details of the underlying events.
  • Log View is intuitive and easily edited to optimize access to relevant information. A powerful search engine allows the filtering of logs according to multiple criteria.
  • Event Monitor correlates the logs to generate security alerts that the administrator can acknowledge, analyze, or delete. Double-click a security event to show the list of all events linked to the alert. It is also possible to configure rules (send email, SNMP, or syslog) based on the log content to generate alerts when an event or an event sequence occurs. The most valuable alerts have been predefined to address the most frequent use cases.
