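Unified Approach
FortiAnalyzer uses an intuitive rules editor that can be mapped to MITRE ATT&CK® use cases, enabling complex event correlation across different types of log sources. Analysts can proactively set up if-this-then-that criteria. FortiGuard integration shares real-time information on emerging threats and vulnerabilities. Together, these provide an accurate picture that helps scope risk across the entire attack surface, accelerates threat detection, and pinpoints where immediate response is needed.
FortiAnalyzer is the foundation of the Fortinet Security Fabric, providing centralized logging and analytics along with end-to-end visibility. As a result, analysts can manage security posture more effectively, automate security processes, and respond to threats quickly.
FortiAnalyzer automatically collects, stores, and analyzes logs from all Fortinet security devices, including FortiGate next-generation firewalls (NGFWs), VPNs, and intrusion detection and prevention systems. You can easily manage large volumes of logs and search for specific events using a variety of search criteria. Single-pane-of-glass visibility and actionable results help detect potential security threats, optimize the network, and improve performance.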
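FortiAnalyzer monitors and analyzes traffic flowing through SD-WAN deployments. Analysts can analyze bandwidth, the different applications and most-used links, and whether any bottlenecks exist. Performance is improved by identifying areas that need more bandwidth, applications that cause network congestion, and which links are in use.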
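End-to-End Visibility
Identify threats quickly and shorten detection time with the FortiGuard IOC service
Reduce Mean Time to Identify (MTTI)
Identify network anomalies in real time by correlating threat data and sharing threat intelligence
Enterprise-Grade High Availability
Automatically back up FortiAnalyzer databases for disaster recovery
Security Automation
Reduce complexity and cost with automation enabled through REST APIs, scripts, connectors, and automation stitches
Open Platform Approach
Integrate the Fortinet portfolio and third-party solutions through powerful APIs
Advanced Compliance Reporting
Hundreds of prebuilt, regulation-specific reports and templates make it easy to demonstrate compliance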
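FortiGuard Labs, Fortinet's elite cybersecurity threat intelligence and research organization, is made up of experienced threat hunters, researchers, analysts, engineers, and data scientists. It develops and enhances FortiGuard AI-powered security services and provides valuable expert help through FortiGuard expert-driven security services.
Fortinet Security Operations Center-as-a-Service (SOCaaS) is a cloud-based security monitoring service for Fortinet customers who have purchased FortiGate, FortiEDR, FortiXDR, and/or FortiClient. Fortinet SOCaaS complements and strengthens your enterprise security operations center (SOC) capabilities through integration, automation technology, and security expertise. The service analyzes events generated by your devices, performs alert triage, and escalates threats, augmenting your team's capabilities and freeing up its time to focus on what matters most.
The FortiGuard Indicators of Compromise (IOC) service helps security analysts identify risky devices and users based on these indicators.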
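“Easy to configure • Easy to deploy • Easy to manage centrally • Single appliance: SD-WAN + advanced routing + NGFW capabilities helped us consolidate other point products.”
“I have been using Fortianalyzer for a long time. If you have Fortigate devices, be sure to use Fortianalyzer, because it gives you more information about your network and helps you better understand its security. It has its own security dashboard and an easy-to-use web interface that makes it easy to search traffic logs.”
“We originally bought FortiAnalyzer just as a detective control. Now we use it to troubleshoot things like client VPN connections and traffic metrics.”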
| GB/day | Sustained logs per second (LPS) | Collector mode sustained LPS | Days at maximum sustained LPS | Maximum devices/VDOMs | Maximum ADOMs |
| --- | --- | --- | --- | --- | --- |
| 25 | 500 | 750 | 90 | 50 | 5 |
| 100 | 2,000 | 3,000 | 28 | 180 | 25 |
| 200 | 4,000 | 6,000 | 50 | 800 | 50 |
| 660 | 20,000 | 30,000 | 34 | 2,000 | 50 |
| 3,000 | 42,000 | 60,000 | 30 | 4,000 | 500 |
| 5,000 | 60,000 | 90,000 | 38 | 10,000 | 500 |
| 8,300 | 100,000 | 150,000 | 60 | 10,000 | 1,200 |
| 20TB | 300,000 | - | 30 | 10,000+ | 10,000 |
In 2019 alone, over $124 billion was spent on cybersecurity;1 however, many organizations’ security teams are struggling to keep up. Challenges include too many consoles, alert overload, a reliance on manual processes, and a shortage of cybersecurity personnel.
Enterprise Security for Changing Times - Protection for Expanding Infrastructures, Increasing Attacks, and Compliance
FortiAnalyzer for Increased Efficiencies, Faster Response, and Compliance
Read the eBook to understand how FortiManager and FortiAnalyzer support network operations use cases for centralized management, compliance, and automation to provide better detection and protection against breaches.
Discover how organizations can meet the performance and capacity requirements of an increased remote workforce accessing applications hosted in the cloud and SaaS services more than ever before.
Discover how Fortinet’s Fabric Management Center, which combines FortiManager and FortiAnalyzer for effective network operations, enables agile network management for Fortinet customers.
Learn how this hospital system was able to quickly scale its secure network to multiple temporary testing sites by deploying a “network in a box” from Fortinet.
From state agencies to retail businesses, efficiency is a crucial component of the IT security infrastructure. Learn how these three organizations leveraged Fortinet's Fabric Management Center to enable effective and efficient network security.
Explore how this government organization effectively and efficiently develops and maintains a security infrastructure by leveraging automation and analytics.
FortiAnalyzer solves challenges with consolidated network information and automated processes. Part of the Fortinet Security Fabric, FortiAnalyzer integrates with other Fortinet offerings and enables you to leverage security analytics and automation without the need for additional consoles or solutions.
Fortinet simplifies SD-WAN operations with network operations center solutions
Organizations face a number of different potential emergency situations, such as illness, flood, hurricanes, and power outages. Implementing a business continuity plan is essential to ensuring that the organization is capable of maintaining operations in the face of adversity and preparing for potential disasters.
Catholic Health Services (CHS) provides healthcare services to thousands of people through its 38 locations across Broward and Miami-Dade counties in Florida. Its role and location place CHS at risk, not only of internet outages due to hurricanes and other hazards but also of cyberattacks due to the personal health information it collects. For this budget-strapped non-profit, Fortinet’s centrally managed Security Fabric with Secure SD-WAN affords both resilient connectivity and efficient IT operations. Learn how Catholic Health Services secured the modernization of its network with the Fortinet Security Fabric and Fortinet Secure SD-WAN.
The largest family owned and operated specialty gift business in the northeastern U.S., The Paper Store employs more than 4,000 people at nearly 90 stores across six states, and in the company’s 500,000-square-foot distribution center. With frequent new store launches, technology management grew more complex, and wide area networking costs soared.
Learn more about what's new in FortiAnalyzer in this video including some of the ways organizations can use FortiAnalyzer to gain more IoT visibility and anomaly detection, automate incident response, and collaborate with teams to reduce incident response time.
When shifting from an on-prem environment to a cloud environment, organizations are not just experiencing digital transformation - they’re benefiting from a financial change, as well. In this video, learn the advantages of #Fortinet’s #FortiAnalyzer Cloud such as centralized reporting, event, incident management, and more.
Watch an overview of how #Fortinet’s #FortiAnalyzer can aggregate logs, receive analytics, and easily implement automation to simplify complex operations.
Part of the OT-Aware Security Platform, FortiAnalyzer for OT provides comprehensive network traffic analysis, log management, and automated threat responses.
Analytical Fragmentation Creates Challenges for Security Architects
This Voluntary Product Accessibility Template reviews Fortinet’s FortiAnalyzer centralized reporting platform for 508 compliance.
FortiAnalyzer offers integrations with many leading vendors as part of the Fortinet Security Fabric. The following is the current list of product alliance partners:
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Criterion Networks is a SaaS and professional services company specializing in network transformation and modernization. Customers greatly benefit from on-demand and custom design, deployment, training, demo and PoC capabilities of Fortinet SD-WAN and security solutions, accelerating network transformation initiatives, shortening sales cycles and deployment times, while lowering cost structures.
CyberArk is the global leader in privileged account security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets.
D3 Security's award-winning SOAR platform seamlessly combines security orchestration, automation and response with enterprise-grade investigation/case management, trend reporting and analytics. With D3's adaptable playbooks and scalable architecture, security teams can automate SOC use-cases to reduce MTTR by over 95%, and manage the full lifecycle of any incident or investigation.
DFLabs IncMan SOAR leverages existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of incidents. Together with Fortinet, IncMan allows joint customers to respond to security incidents in a faster, more informed and efficient manner.
Google Cloud Platform is a secure, dedicated public cloud computing service operated by Google which provides a range of infrastructure and application services that enable deployments in the cloud. Fortinet provides critical firewalling, advanced security and scalable BYOL protection for elastic compute, container, and machine-learning workloads in Google’s innovative public cloud.
Guardicore solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. Together with Fortinet Guardicore provides visibility and control for hybrid clouds and data centers.
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio enables organizations to effectively manage risk and defend against emerging threats.
Microsoft is the leading platform and productivity company for the mobile-first, cloud-first world, and its mission is to empower every person and every organization on the planet to achieve more.
Nutanix makes infrastructure invisible, elevating IT to focus on the applications and services that power their business. The Nutanix enterprise cloud platform leverages web-scale engineering and consumer-grade design to natively converge compute, virtualization and storage into a resilient, software-defined solution that delivers any application at any scale.
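FortiAnalyzer provides centralized network security logging and reporting for the Fortinet Security Fabric. FortiAnalyzer accepts inbound logs from a variety of downstream Fortinet devices, such as FortiGate, FortiMail, and FortiWeb appliances. Key features of FortiAnalyzer include viewing and filtering individual event logs, generating security reports, behavior-based alerting, and in-depth review of traffic behavior. Through this demo, see how FortiAnalyzer gives you network visibility, such as summarized visualizations of applications, web usage, and potentially malicious network behavior.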