Fortinet FortiAnalyzer 1000G Appliance
Centralized Logging, Analysis, and Reporting
Overview:
FortiAnalyzer is a powerful log management, analytics, and reporting platform that provides organizations with a single console to manage, automate, orchestrate, and respond, enabling simplified security operations, proactive identification and remediation of risks, and complete visibility of the entire attack landscape. Integrated with the Fortinet Security Fabric, FortiAnalyzer enables Network and Security Operations Teams with real-time detection capabilities, centralized security analytics and end-to-end security posture awareness to help analysts identify advanced persistent threats (APTs) and mitigate risks before a breach can occur.
Highlights:
- Centralized network monitoring and visibility
- Advanced threat and vulnerability detection with event and log data correlation
- Augmented NOC/SOC operations for real-time response, analytics, and reporting
- Automation to save time, reduce errors, and improve efficiency
- Multi-tenancy solution with quota management
- Administrative domains for operational effectiveness and compliance
- 70+ reports and 2000+ ready-to-use datasets, charts, and macros
Features:
Incident Detection and Response
Centralized NOC/SOC Visibility for the Attack Surface
FortiAnalyzer provides Security Fabric Analytics across all device logs with event correlation and real-time detection of Advanced Persistent Threats (APTs), vulnerabilities and Indicators of Compromise (IOC) for FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, FortiMail and other Fortinet products, for deep visibility and critical network insights. Simplified orchestration and automated workflows provide Network Security Operations teams with real-time notifications, reports, and dashboards for single-pane visibility and actionable results.
Incidents and Events Management
Security teams can monitor and manage alerts and event logs from Fortinet devices, with events processed and correlated in a format that analysts can easily understand. Investigate suspicious traffic patterns and search using filters in predefined or custom event handlers to generate real-time notifications and monitoring for NOC and SOC operations, SD-WAN, SSL VPN, wireless, Shadow IT, IPS, network recon, FortiClient, and more.
The Incidents component enables analysts to manage incident handling and life cycle, with incidents generated by events that show affected assets, endpoints, users and timelines.
Fabric Automation
FortiAnalyzer Playbooks boost the ability of an organization’s security team to simplify investigation efforts through automated incident response, freeing up resources and allowing analysts to focus on critical tasks. Out-of-the-box playbook templates enable SOC analysts to quickly customize their use cases, define custom processes, interact with other Security Fabric devices like FortiOS and EMS, edit playbooks and tasks in the visual playbook editor, and use the Playbook Monitor for investigation of compromised hosts, infections and critical incidents, data enrichment for Assets and Identity views, blocking malware, C&C IPs, and more.
Security Fabric Analytics
Analytics and Reporting
FortiAnalyzer automation-driven analytics empowers network security operations teams to complete a fast assessment of network devices, systems, and users, with correlated log data and FortiGuard threat intelligence for analysis of real-time and historical events.
- FortiView Monitors and Views provide deep insights with context and meaning of network activity, risks, vulnerabilities, attack attempts, indicators of compromise and anomalies, sanctioned and unsanctioned user activity.
- Log View enables analysts to expand their investigation and utilize search filters on managed device logs, drill down on logs, with custom views and log groups, including a SIEM database with normalized logs for Fortinet devices in Fabric ADOMs.
- Reports provide comprehensive analysis of your Security Posture, including reports for Operational Technology (OT), security rating, security rating for PCI, Secure SD-WAN, VPN, FortiNDR network anomaly detection, cyber threat assessments, 360 Security Reviews, situational awareness, compliance, auditing, and more.
Assets and Identity
FortiAnalyzer Fabric View with Assets and Identity monitoring provides SOC teams with elevated awareness and visibility into an organization’s endpoints and users with dashboards and correlated device and UEBA information, vulnerability detections, EMS tagging, and asset classifications through telemetry with EMS, NAC, Fortinet Fabric Agent, and an OT Dashboard View.
Specifications:
| | FortiAnalyzer 400E | FortiAnalyzer 800F | FortiAnalyzer 1000G |
|---|---|---|---|
| Capacity and Performance | | | |
| GB/Day of Logs | 200 | 300 | 660 |
| Analytic Sustained Rate (logs/sec)* | 6,000 | 8,250 | 20,000 |
| Collector Sustained Rate (logs/sec)* | 9,000 | 12,000 | 30,000 |
| Devices/VDOMs (Maximum) | 200 | 800 | 2000 |
| Max Number of Days Analytics** | 30 | 30 | 60 |
| Options Supported | | | |
| FortiGuard IOC and Outbreak Detection Service | Yes | Yes | Yes |
| Security Automation Service | Yes | Yes | Yes |
| Enterprise Bundle | Yes | Yes | Yes |
| Hardware Bundle | Yes | Yes | Yes |
| OT Security Service | Yes | Yes | Yes |
| Security Rating and Compliance Service | Yes | Yes | Yes |
| Hardware Specifications | | | |
| Form Factor | 1 RU Rackmount | 1 RU Rackmount | 2 RU Rackmount |
| Total Interfaces | 4x GE | 4 x GE, 2x SFP | 2x 2.5GbE RJ45 + 2x 25GbE SFP28 |
| Storage Capacity | 12 TB (4x 3 TB) | 16 TB (4x 4 TB) | 32 TB (8 x 4TB) 3.5 in SAS SED HDD |
| Usable Storage (After RAID) | 6TB | 8TB | 24TB |
| Removable Hard Drives | Yes | Yes | Yes |
| RAID Levels Supported | RAID 0/1/5/10 | RAID 0/1/5/10 | RAID 0/1/5/6/10/50/60 |
| RAID Type | Software | Hardware / Hot Swappable | Hardware / Hot Swappable |
| Default RAID Level | 10 | 10 | 50 |
| Redundant Hot Swap Power Supplies | No | No | Yes |
| Dimensions | | | |
| Height x Width x Length (inches) | 1.7 x 17.2 x 19.8 | 1.75 x 17.44 x 22.16 | 9.5 x 3.5 x 8 |
| Height x Width x Length (cm) | 4.3 x 43.7 x 50.3 | 4.4 x 44.3 x 56.3 | 24.1 x 8.9 x 20.55 |
| Weight | 31 lbs (14.1 kg) | 28.6 lbs (13.0 kg) | 9.35 lbs (4.24 kg) |
| Environment | | | |
| AC Power Supply | 100–240V AC, 60–50 Hz | 100–240V AC, 60–50 Hz | 100–240V AC, 60–50 Hz |
| Power Consumption (Max / Average) | 93 W / 133W | 108W / 186W | 36 W / 43 W |
| Heat Dissipation | 456 BTU/h | 634 BTU/h | 147.4 BTU/h |
| Operating Temperature | 41–95°F (5–35°C) | 32 - 104° F (0 - 40° C) | 32 - 104° F (0 - 40° C) |
| Storage Temperature | -40–140°F (-40–60°C) | 95 - 158° F (-35 - 70° C) | -4°F to 167° F (-20°C to 75° C) |
| Humidity | 8–90% non-condensing | 20 to 90% non-condensing | 5% to 95% non-condensing |
| Operating Altitude | Up to 9,842 ft (3,000 m) | Up to 7,400 ft (2,250 m) | Up to 7,400 ft (2,250 m) |
| Compliance | | | |
| Safety Certifications | FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB | | |

* Sustained Rate: the maximum constant log message rate that the FAZ platform can maintain for a minimum of 48 hours without SQL database and system performance degradation.
** Max Number of Days Analytics: the max number of days if receiving logs continuously at the sustained analytics log rate. This number can increase if the average log rate is lower.
Documentation:
Download the FortiAnalyzer Datasheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- Hardware plus 24x7 FortiCare and FortiAnalyzer Enterprise Protection
  Hardware Unit, 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (Indicators of Compromise Service and SOC Subscription license) plus term of contract
- Enterprise Protection (24x7 FortiCare plus Indicators of Compromise Service and SOC Subscription license)
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (Indicators of Compromise Service and SOC Subscription license)
- 24x7 FortiCare Contract
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades
- Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.