SD-WAN Architecture for Enterprise

FortiAnalyzer 7.0.0

FortiAnalyzer

FortiAnalyzer collects information such as traffic and security events from the devices in the Security Fabric and reduces the effort required to monitor the information system.

The FortiAnalyzer solution is responsible for the collection and analysis of logs generated by FortiGate, FortiMail, FortiClient, FortiWeb, FortiManager, FortiSandbox, FortiDDoS, and FortiCache. It receives and stores logs, produces predefined and customized reports, and supports configuration of advanced alerting.

FortiAnalyzer provides two operation modes: Analyzer and Collector. Analyzer mode is the default and supports the full FortiAnalyzer feature set. The primary task of a Collector is to receive logs from connected devices and upload them to an Analyzer. Instead of indexing the logs into its own database, the Collector retains them in their original (binary) format and forwards them to the Analyzer, which performs the indexing, analytics, and reporting. Devices therefore send their logs to the Collector, and only the Collector talks to the Analyzer.
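As an added example (not taken from this document or from Fortinet's own configuration samples), the following CLI fragments show how a Collector and Analyzer pair is typically wired up, with a FortiGate sending its logs to the Collector over a reliable, encrypted channel. The addresses 10.0.0.10 and 10.0.0.20, the host name, the aggregation account and its password are placeholders; the option names reflect the FortiAnalyzer and FortiOS CLI as the editor knows them, so confirm them against the CLI references for your release, since keywords differ between versions.

```text
# --- FortiAnalyzer acting as Collector (placeholder address 10.0.0.20) ---
config system global
    set log-mode collector
end
# Send the received raw logs on to the Analyzer (aggregation mode).
config system log-forward
    edit 1
        set mode aggregation
        set server-name "faz-analyzer"        # placeholder name
        set server-ip "10.0.0.10"             # placeholder Analyzer address
        set agg-user "aggregator"             # account created on the Analyzer
        set agg-password "<strong-password>"  # placeholder
    next
end

# --- FortiAnalyzer acting as Analyzer (placeholder address 10.0.0.10) ---
# Accept aggregated logs from Collectors.
config system log-forward-service
    set accept-aggregation enable
end

# --- FortiGate: log to the Collector, not directly to the Analyzer ---
config log fortianalyzer setting
    set status enable
    set server "10.0.0.20"        # the Collector
    set reliable enable           # TCP transport instead of UDP
    set enc-algorithm high        # strong TLS cipher suites only
    set upload-option realtime    # stream logs as they are generated
end
config log fortianalyzer filter
    set severity information      # forward informational and above
end
```

Point every FortiGate at the Collector and register the Collector, rather than each FortiGate, on the Analyzer. From the FortiGate, `execute log fortianalyzer test-connectivity` reports whether the device is registered and whether the connection is allowed; run it after the change to confirm the FortiGate reached the Collector and not a stale Analyzer address. Keep `reliable` and `enc-algorithm high` set on every hop that crosses an SD-WAN underlay, since the logs carry the security events the whole deployment relies on.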

FortiAnalyzer is available in the following form factors:

  • Physical appliance
  • Virtual machine for public and private cloud environments
  • SaaS offering provided directly by Fortinet

The key features are:

  • Security Fabric analytics: event correlation across all logs and real-time anomaly detection, with an Indicator of Compromise (IOC) service and threat detection, reducing time to detect.
  • Fortinet Security Fabric integration: correlates logs from FortiClient, FortiSandbox, FortiWeb, and FortiMail for deeper visibility and critical network insights.
  • Security automation: reduces complexity and leverages automation via the REST API, scripts, connectors, and automation stitches to speed up security response.
  • Multi-tenancy and administrative domains (ADOMs): separates customer data and manages domains with ADOMs to stay compliant and operationally effective.
  • Flexible deployment options and archival storage: supports deployment as an appliance, a VM, or a hosted service, with cloud storage as an option. AWS, Azure, or Google cloud storage can be used to archive logs as secondary storage.

This section includes the following information about some of these key features: