
FortiAnalyzer
Network traffic analysis (NTA) software
Network security software
What is FortiAnalyzer
FortiAnalyzer is a security analytics and centralized logging platform for Fortinet environments that collects, stores, and analyzes event and traffic logs from network security devices. It supports security operations use cases such as incident investigation, compliance reporting, and operational monitoring through dashboards, reports, and alerting. The product is commonly deployed by IT and security teams that run Fortinet firewalls and related appliances and need long-term log retention and correlation. It is available as a hardware appliance, virtual machine, and cloud-delivered option depending on deployment requirements.
Deep Fortinet ecosystem integration
FortiAnalyzer is designed to ingest and normalize telemetry from Fortinet products, including firewall, VPN, and other security device logs. This tight integration typically reduces setup effort for log collection, parsing, and reporting compared with more general-purpose monitoring tools. It also enables cross-device views that align with Fortinet policy objects and security events. For organizations standardized on Fortinet, this can simplify day-to-day security operations workflows.
Centralized logging and retention
The platform provides centralized collection, indexing, and retention of security logs, supporting investigations that require historical context. It includes built-in reporting and scheduled report delivery for common audit and compliance needs. Role-based access and multi-tenant-style administration features support separation of duties across teams or managed environments. These capabilities help consolidate security log management that might otherwise be spread across individual devices.
Dashboards, correlation, and reporting
FortiAnalyzer offers dashboards and analytics views to summarize security events, traffic patterns, and device health indicators. It supports event correlation and alerting to help analysts prioritize notable activity. Prebuilt and customizable reports provide repeatable outputs for operations and governance stakeholders. This combination supports both real-time monitoring and periodic review processes.
Best fit for Fortinet-heavy stacks
FortiAnalyzer’s strongest value comes from Fortinet telemetry and workflows, and it is less compelling as a universal analytics layer across heterogeneous security and observability sources. Organizations with many non-Fortinet controls may need additional tooling or integrations to achieve consistent parsing and correlation. This can increase operational complexity when compared with platforms built to aggregate broad third-party telemetry by default. As a result, it may not fully replace other enterprise-wide analytics systems in mixed environments.
Scaling and storage planning required
Log volume, retention requirements, and analytics needs can drive significant storage and sizing considerations. Hardware/VM sizing and licensing choices may require careful capacity planning to avoid performance bottlenecks during peak ingest or intensive searches. Long retention periods can increase infrastructure cost and administrative overhead. Teams often need to tune log sources and retention policies to balance cost and investigative needs.
Advanced analytics may need add-ons
While FortiAnalyzer provides correlation, dashboards, and reporting, some advanced detection engineering and automation use cases may require complementary Fortinet components or external systems. Organizations seeking extensive cross-domain analytics (e.g., endpoint, cloud, identity, and application telemetry) may find gaps without additional integrations. Custom content development (reports, rules, and dashboards) can also require specialized expertise. This can affect time-to-value for complex SOC workflows.
Plan & Pricing
| Plan | Price | Key features & notes |
|---|---|---|
| FortiAnalyzer (Appliance models: 1000G, 3100G, 3510G, 3700G, BigData 4500G, etc.) | Not listed on Fortinet official site — contact Fortinet or an authorized reseller / partner for pricing | Hardware appliances with varying GB/day and LPS capacities. Requires purchase of device license and typically FortiCare/Enterprise Protection services. See product datasheet/specs on Fortinet site. |
| FortiAnalyzer VM (Perpetual / stackable GB/day licenses: VM-BASE, VM-GB1, VM-GB5, VM-GB25, VM-GB100, VM-GB500, VM-GB2000) | Not listed on Fortinet official site — licenses sold through authorized resellers (BYOL) or marketplace PAYG where applicable | VM is sold as stackable/perpetual licenses (GB/day increments). Official docs list the GB/day SKUs and note VM licenses are perpetual and stackable; activation/registration required. A free built-in evaluation (15-day) and other trial/evaluation mechanisms are documented. |
| FortiAnalyzer Cloud (FortiAnalyzer Cloud subscription; SOCaaS option available) | Not listed on Fortinet official site — subscription SKUs exist; contact Fortinet/partner or check cloud marketplace listing for PAYG hourly pricing | FortiAnalyzer Cloud requires specific subscription SKUs (examples: FC-10-[FortiGate Model Code]-585-02-DD for Cloud subscription and FC-10-...-464-02-DD for Cloud with SOCaaS). Cloud supports additional storage add-on SKUs. BYOL and PAYG ordering options depend on cloud marketplace (Fortinet docs describe both models). |
| FortiAnalyzer Cloud storage add-ons | Not listed on Fortinet official site — SKUs available to purchase; pricing via reseller/marketplace | Official SKUs for additional FortiGate storage for FortiAnalyzer Cloud: +5 GB/day (FC1-10-AZCLD-463-01-DD), +50 GB/day (FC2-10-AZCLD-463-01-DD), +500 GB/day (FC3-10-AZCLD-463-01-DD). |
Seller details
Fortinet, Inc.
Sunnyvale, California, USA
2000
Public
https://www.fortinet.com/
https://x.com/Fortinet
https://www.linkedin.com/company/fortinet/