Fortinet FortiAnalyzer 810G Appliance
Security Fabric Network Analytics
Overview:
Analytics, Reports, and Compliance Across the Security Fabric
FortiAnalyzer is a powerful log management, analytics, and reporting platform that provides organizations with a single console to manage, automate, orchestrate, and respond, enabling simplified security operations, proactive identification and remediation of risks, and complete visibility of the entire attack landscape.
Integrated with the Fortinet Security Fabric, FortiAnalyzer enables Network and Security Operations Teams with real-time detection capabilities, centralized security analytics and end-to-end security posture awareness to help analysts identify advanced persistent threats (APTs) and mitigate risks before a breach can occur.
Highlights:
- Centralized network monitoring and visibility
- Advanced threat and vulnerability detection with event and log data correlation
- Augmented NOC/SOC operations for real-time response, analytics, and reporting
- Automation to save time, reduce errors, and improve efficiency
- Multi-tenancy solution with quota management
- Administrative domains for operational effectiveness and compliance
- 70+ reports and 2000+ ready-to-use datasets, charts, and macros
Features:
Incident Detection and Response
Centralized NOC/SOC Visibility for the Attack Surface
FortiAnalyzer provides Security Fabric Analytics across all device logs with event correlation and real-time detection of Advanced Persistent Threats (APTs), vulnerabilities and Indicators of Compromise (IOC) for FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, FortiMail and other Fortinet products, for deep visibility and critical network insights. Simplified orchestration and automated workflows provide Network Security Operations teams with real-time notifications, reports, and dashboards for single-pane visibility and actionable results.
Incidents and Event Management
Security teams can monitor and manage alerts and event logs from Fortinet devices, with events processed and correlated in a format that analysts can easily understand. Investigate suspicious traffic patterns and search using filters in predefined or custom event handlers to generate real-time notifications and monitoring for NOC and SOC operations, SD-WAN, SSL VPN, wireless, Shadow IT, IPS, network recon, FortiClient, and more.
The Incidents component enables analysts to manage incident handling and life cycle, with incidents generated by events that show affected assets, endpoints, users and timelines.
Fabric Automation
FortiAnalyzer Playbooks boost the ability of an organization’s security team to simplify investigation efforts through automated incident response, freeing up resources and allowing analysts to focus on critical tasks. Out-of-the-box playbook templates enable SOC analysts to quickly customize their use cases, define custom processes, interact with other Security Fabric devices like FortiOS and EMS, edit playbooks and tasks in the visual playbook editor and use the Playbook Monitor for investigation of compromised hosts, infections and critical incidents, data enrichment for Assets and Identity views, blocking malware, C&C IPs, and more.
Security Fabric Analytics
Analytics and Reporting
FortiAnalyzer automation-driven analytics empowers network security operations teams to complete a fast assessment of network devices, systems, and users, with correlated log data and FortiGuard threat intelligence for analysis of real-time and historical events.
- FortiView Monitors and Views provide deep insights with context and meaning of network activity, risks, vulnerabilities, attack attempts, indicators of compromise and anomalies, sanctioned and unsanctioned user activity.
- Log View enables analysts to expand their investigation and utilize search filters on managed device logs, drill down on logs, with custom views and log groups, including a SIEM database with normalized logs for Fortinet devices in Fabric ADOMs.
- Reports provide comprehensive analysis of your Security Posture, including reports for Operational Technology (OT), security rating, security rating for PCI, Secure SD-WAN, VPN, FortiNDR network anomaly detection, cyber threat assessments, 360 Security Reviews, situational awareness, compliance, auditing, and more.
Assets and Identity
FortiAnalyzer Fabric View with Assets and Identity monitoring provides SOC teams with elevated awareness and visibility into an organization’s endpoints and users with dashboards and correlated device and UEBA information, vulnerability detections, EMS tagging, and asset classifications through telemetry with EMS, NAC, Fortinet Fabric Agent, and an OT Dashboard View.
Subscriptions and Extensions:
Subscription Licenses and FortiGuard Security Services
- FortiGuard Outbreak Detection Service delivers automated content package download for detecting the latest malware, including a summary of outbreaks and kill chain mapping for how the malware works. The package includes a FortiGuard Report for the outbreak, Event Handler, and a Report Template to detect outbreaks.
- FortiGuard Indicators of Compromise Service empowers security teams with forensic data from 500 000 IOCs daily, used in combination with FortiAnalyzer analytics to identify suspicious usage and artifacts observed on the network or in an operations system, that have been determined with high confidence to be malicious infections or intrusions, and historical rescan of logs for threat hunting.
- Shadow IT Monitoring Service provides continuous monitoring of unapproved devices, resources, unsanctioned accounts and unauthorized use of SaaS and IaaS, API integration, and third party apps. The service identifies rogue users using personal accounts for managing company assets, using correlated FortiOS and FortiCASB data with a FortiCASB account subscribed for SaaS features.
- OT Security Service provides security teams with advanced OT analytics, risk and compliance reports, OT event handlers, and use-case correlation rules.
- Security Rating and Compliance Service helps security teams design, implement, and maintain their security posture, and provides actionable configuration recommendations as well as key performance and risk indicators.
- Security Automation Service subscription enables further automation for incident response with enhanced monitoring and escalation, built-in incident management workflows, connectors, playbooks and more.
Management Extension Applications (MEAs)
The Management Extensions pane allows you to enable licensed applications that are released and signed by Fortinet, which can be installed and run on FortiAnalyzer, including FortiSIEM and FortiSOAR.
Deployments
- Deploying FortiAnalyzer
- FortiAnalyzer High Availability (HA)
- Multi-Tenancy with Flexible Quota Management
- Analyzer-Collector Mode
- Log Forwarding for Third-Party Integration
Cloud Services
FortiAnalyzer Cloud
FortiAnalyzer Cloud offers customers a PaaS-based delivery option for automation-driven, single pane analytics, providing log management, analytics, and reporting for Fortinet NGFW and SD-WAN with an easily accessible cloud-based solution. FortiAnalyzer Cloud delivers reliable real-time insights into network activity with extensive reporting and monitoring for clear, consistent visibility of an organization’s security posture. Customers can easily access their FortiAnalyzer Cloud from their FortiCloud single sign-on portal.
Virtual Offerings
FortiAnalyzer VM-Subscription
The FortiAnalyzer VM Subscription license model consolidates into one single SKU: VM product SKU, FortiCare Support SKU, FortiGuard IOC and Outbreak Detection Service, Security Automation services, to simplify the product purchase, upgrade, and renewal. FortiAnalyzer-VM S provides organizations with centralized security event analysis, forensic research, reporting, content archiving, data mining, malicious file quarantining, and vulnerability assessment. Centralized collection, correlation, and analysis of geographically and chronologically diverse security data from Fortinet and third party devices deliver a simplified, consolidated view of your security posture.
The FortiAnalyzer-VM S series SKUs come in stackable 5, 50, and 500 GB/day log licenses, so that multiple units of this SKU can be purchased together, giving organizations the ability and cost-efficiencies to scale and meet their logging needs.
FortiAnalyzer VM
Fortinet offers the FortiAnalyzer-VM licensing in a stackable perpetual license model with a-la-carte technical support and subscription services.
This software-based version of the FortiAnalyzer hardware appliance is designed to run on many virtualization platforms, which allows you to expand your virtual solution as your environment expands.
Specifications:
Particulars | FortiAnalyzer 810G
---|---
Capacity and Performance |
GB/Day of Logs | 200
Analytic Sustained Rate (logs/sec) | 4,000
Collector Sustained Rate (logs/sec) | 6,000
Devices/VDOMs (Maximum) | 800
Max Number of Days Analytics | 50
Options Supported |
FortiGuard Indicator of Compromise (IOC) |
SOC Subscription |
FortiGuard Outbreak Alert Service |
Enterprise Bundle |
Hardware Bundle |
Hardware Specifications |
Form Factor | 1 RU Rackmount
Total Interfaces | 4 x RJ45 GE, 2 x SFP
Storage Capacity | 16TB (4x 4TB) 3.5 in SAS HDDs
Usable Storage (After RAID) | 8 TB
Removable Hard Drives |
RAID Levels Supported | RAID 0/1,1s/5,5s/10
RAID Type | Hardware / Hot Swappable
Default RAID Level | 10
Redundant Hot Swap Power Supplies | Optional
Dimensions |
Height x Width x Length (inches) | 1.73 x 17.32 x 21.65
Height x Width x Length (cm) | 4.4 x 44.0 x 55.0
Weight | 25.75 lbs (11.68 kg)
Environment |
AC Power Supply | 100-240Vac, 50~60Hz, 4A max
Power Consumption (Average) | 115W / 150W
Heat Dissipation | 433 BTU/h
Operating Temperature | 32 - 104° F (0 - 40° C)
Storage Temperature | -4–167° F (-20–75° C)
Humidity | 5 to 95% non-condensing
Operating Altitude | Up to 7,400 ft (2,250 m)
Compliance |
Safety Certifications | FCC Part 15 Class A, RCM, VCCI, CE, UL/cUL, CB
Documentation:
Download the FortiAnalyzer Data Sheet (PDF).
Pricing Notes:
- All prices displayed are Ex-VAT. 20% VAT is added during the checkout process.
- Hardware plus 24x7 FortiCare and FortiAnalyzer Enterprise Protection
  Hardware Unit, 24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (Indicators of Compromise Service and SOC Subscription license) plus term of contract
- Enterprise Protection (24x7 FortiCare plus Indicators of Compromise Service and SOC Subscription license)
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades, Enterprise Services Bundle (Indicators of Compromise Service and SOC Subscription license)
- 24x7 FortiCare Contract
  24x7 Comprehensive Support, Advanced Hardware Replacement (NBD), Firmware and General Upgrades
- Prices are for one year of Premium RMA support. Usual discounts can be applied.
- Annual contracts only. No multi-year SKUs are available for these services.
- Contact Fortinet Renewals team for upgrade quotations for existing FortiCare contracts.
- Pricing and product availability subject to change without notice.