Introduction

FortiInsight is a unique data security and threat detection solution that delivers advanced threat hunting to help you detect, respond to, and manage risky behaviors that put your organization's business-critical data at risk. FortiInsight combines powerful and flexible machine learning with detailed forensics around user actions to provide complete visibility of activities around your organization's data. By monitoring user behavior and data movement both on and off your organization's network, and instantly alerting you to anomalous activities, FortiInsight helps you strengthen your security posture, protect your sensitive information, and support regulatory compliance.

What's new in FortiInsight version 5.6.0

The following table lists new features and enhancements in FortiInsight version 5.6.0:

Feature

Description

Initial User timeline view

  • View alerts and select events across a timeline. This view collates multiple sources of data into a single timeline so you can see all information on a specific user. For instance, in one view you can see AI alerts, Policy alerts, and Event information summaries, including applications, files, activities, and user log-ons and log-offs.

Searchbar usability and enhancements

  • Plain text mode allows you to build your search without using the Searchbar Pills; you can just type and search.

  • FortiInsight has improved the functionality of its DateTime picker across the board. You can now edit the input for the date picker. Use the arrow keys in the input to pick the year, month, day, hour, or minute.

  • When the search bar contains a valid search request, it now runs the search automatically, so you no longer have to press Enter after every change to the search bar.

  • Error highlighting is available across both the advanced and plain text search bars. This allows you to pinpoint issues in the search bar and fix them.
  • Previously, you had to delete large elements of the search bar just to include a single pill. Now you can easily edit in between pills, adding operators, brackets, or full pills.

Policies and tag import/export

  • You can now export and import tags and settings from a JSON file.

New Widgets and Summary tabs

  • FortiInsight has improved the view of the summary tabs on Threat Hunting (includes a pie chart for top 10 elements).
  • The total number is now provided on headings.
  • Full context menu integration.
  • Highlighting and contextual feedback.

System requirements

To successfully install and use FortiInsight version 5.6.0, your system must meet the following requirements.

Component

Requirements

Endpoint agent support

FortiInsight provides endpoint agents for the following platforms:

  • Windows 7 and later (32-bit and 64-bit)
  • Windows Server 2008 and later (32-bit and 64-bit)

Endpoint computers

  • 1.0 GHz CPU - x86 or x64 (agent uses 0.1% to 5%)
  • 1 GB RAM (agent uses 10 to 30 MB)
  • 20 MB free disk space (more space is needed to store compressed and encrypted offline events)

Browser

  • Google Chrome (recommended)
  • Chromium
  • Mozilla Firefox
  • Apple Safari

Other web browsers may work correctly, but FortiInsight does not support them.

Input devices

The FortiInsight UI is not optimized for use with touch devices. We recommend using a keyboard and mouse as the input devices for interacting with the UI.

Related resources

The following resources provide more information about FortiInsight:
