FortiSIEM 旨在成为您的安全运营团队的支柱,提供各种各样的功能,从自动编制资产清单到应用前沿行为分析快速进行威胁检测与响应。FortiSIEM 是业内唯一完全内置了配置管理数据库 (CMDB) 的安全运营平台。
凭借 CMDB,FortiSIEM 可以自动利用主动和被动发现方法来编制资产清单。包括设备及其应用等资产,并跟踪这些资产在不同时间的状态。持续收集配置、性能、漏洞、与业务服务的关系及其 Purdue 模型 OT 关联等上下文,帮助团队了解事件发生时的环境状态。而且还为团队提供主动解决问题所需的可见性。
FortiGuard Labs 威胁情报专家 24x7 全天候工作,极速分析最新威胁并构建缓解措施。FortiSIEM 结合利用 UEBA 等最新的 AI 驱动的行为异常检测功能,防范已知和未知威胁。利用统计模型收集奇怪和不可能的偏差,例如需要超级英雄般的速度(或被盗凭据)的跨地区登录。
FortiSIEM 在单个可扩展解决方案中同时提供可见性、关联、自动响应和修复功能。它降低了网络管理和运营安全的复杂性,可有效释放资源,改进漏洞检测,甚至防止入侵。为提高威胁猎捕效率,FortiSIEM 现包含新的链路图技术,可以轻松实现用户、设备和事件之间关系的可视化。
日志聚合、简单的关联规则和合规性远不能满足现代 SOC 的要求,但这些基础知识仍然很重要。
自学资产清单
被动和主动发现方法、运用代理、FortiGate 和 OT 资产管理系统
实时安全分析
利用 1600 余条开箱即用的规则,并映射到 MITRE ATT&CK
业界领先的威胁情报
由 500 多名研究人员提供支持,全球规模最大的传感器阵列为 AI 馈送数据
简化调查
利用推荐的手册和威胁猎捕功能简化工作流程
深度架构集成
通过强大的 API 跨整个 Fortinet 产品组合和第三方解决方案集成 Security Fabric
持续合规性
3500 余种开箱即用的报告,可用于按需自助进行的只读审计调查
FortiGuard NOC(网络运营中心)/SOC(安全管理平台)安全套件提供针对网络运营中心和安全管理平台团队优化的先进安全技术。通过 AI 和自动化实现更多关注点,更快响应攻击。
| 型号 | 每秒事件数 | 存储 | 技术参数表 |
|---|---|---|---|
| FortiSIEM 500F |
5000 |
3 TB |
|
| FortiSIEM 500G |
5000 |
4 TB |
|
| 型号 | 每秒事件数 | 存储 | 技术参数表 |
|---|---|---|---|
| FortiSIEM 2000F |
15,000 |
36 TB |
|
| FortiSIEM 2000G |
20,000 |
32 TB + 4 TB NVMe |
|
| 型号 | 每秒事件数 | 存储 | 技术参数表 |
|---|---|---|---|
| FortiSIEM 3500G |
40,000 |
96 TB |
|
Fortinet 致力于帮助客户取得成功,每年 FortiCare 服务都会帮助成千上万的组织充分利用其对 Fortinet 产品和服务的投资。为此,FortiCare 采用生命周期方法,并提供独特的服务来帮助客户成功。
技术支持服务
各种基于设备的选项支持高效操作。FortiCare Elite 选项为关键产品提供 15 分钟的响应时间。
高级支持
通过指定专家的运营审查,可提供各种基于客户的白手套服务,以减少干扰并提高生产力。
专业服务
我们的多供应商专家可以设计和部署基于最佳实践的完整解决方案,帮助您实现网络或安全目标并采用新功能。
RMA
整个产品系列均提供 Premium RMA 选项,加急更换有缺陷的硬件,以满足您的可用性目标。
Learn about security’s biggest gap and how the NOC-SOC approach helps close that gap.
SIEMs can be difficult, SOCs are expensive, and the related compliance is a pain. StratoZen reduces or eliminates these challenges for their clients by using FortiSIEM as part of their SOC and SIEM “as a service” solutions.
Learn about the new features in FortiSIEM 5.0 – CMDB, UEBA and SOAR Orchestration. Learn how you can do more with less, harmonizing security and networking operations to business focused outcomes.
AWS services are trusted by more than a million active customers around the world – including the fastest growing startups, largest enterprises, and leading government agencies – to power their infrastructures, make them more agile, and lower costs.
Learn more on the Fortinet-AWS alliance
Armis the leading unified asset visibility and security platform designed to address the new threat landscape that connected devices create. Our real-time and continuous protection sees the full context of all managed, unmanaged, and IoT devices, including medical devices, operational technology, and industrial control systems.
ATAR Labs builds next-generation SOAR platform ATAR. Together with Fortinet, SOC teams become more agile and respond to complex threats and defend their infrastructure. Automatic processes deployed and orchestrated from ATAR, and enforcement, and detection from Fortinet creates an integrated operation to achieve a secure environment.
Brocade networking solutions help the world's leading organizations turn their networks into platforms for business innovation. With solutions spanning public and private data centers to the wireless network edge, Brocade is leading the industry in its transition to the New IP network infrastructures required for today's era of digital business.
Cisco is the worldwide leader in IT that helps companies seize the opportunities of tomorrow by proving that amazing things can happen when you connect the previously unconnected.
Citrix is leading the transition to software-defining the workplace, uniting virtualization, mobility management, networking, and SaaS solutions to enable new ways for businesses and people to work better.
Claroty's ICS Security Platform passively protects industrial networks and assets from cyberattack; ensuring safe and continuous operation of the worlds most critical infrastructures without compromising the safety and security of personnel or expensive industrial assets. 2018 S4 ICS Challenge winner!
Cloud Range is the industry’s leading cyber preparedness simulation platform that reduces exposure to cyber risk across the organization. Fortinet and Cloud Range have partnered to provide cybersecurity teams with full-service, live-fire simulation exercises designed explicitly for OT/ICS, IT, IoT, and converged environments.
CrowdStrike has redefined security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity, and data.
CyGlass is an AI based SaaS security platform that uses network data to uncover, pinpoint, and respond to advanced cyber threats that have evaded traditional security controls.
