Fortinet, following its policy of delivering security features in separate products, has produced FortiAnalyzer for storing and managing reports. This device comprehensively examines and analyzes the logs it receives via syslog from the company's other products, such as FortiGate and FortiWeb.
FortiAnalyzer's reports are user-friendly, so you can easily access all kinds of reports on cyber threats, attacks, accesses, content and attachments in emails and messaging applications, and so on. The advantage of these reports is the protection of the confidential information and vital data of organizations. The filters in FortiAnalyzer make it easy to access comprehensive reports, and they allow you to report on a large number of Fortinet products on the network.
FortiAnalyzer Features
Central search and reporting platform
Provides Google-like search and reporting on network traffic, threats, network activity, and network trends.
Automated Indicators of Compromise (IOC)
Scans security reports using FortiGuard IOC Intelligence to detect APTs.
Real-time and Historical Views into Network Activity
View real-time and historical data on all applications, resources, destinations, websites, security threats, administrative changes, and system events.
Light-weight Event Management
It is easy to define alarms for predefined security events.
Incident Response
This feature of FortiAnalyzer focuses on event management and analysis at the endpoint. A preventive database of predefined events is used to detect malicious and suspicious activity. Integrating logged events with the FOS Automation Framework provides endpoint threat quarantine.
Incident detection and tracking, together with gathering and analyzing evidence through integration with ITSM systems, helps the Security Operations Center carry out security response, improvement and reinforcement.
FortiView: Powerful Network Visibility
The customizable interactive dashboard of the FortiAnalyzer license helps you quickly identify problems using a visual overview of network traffic, threats, applications, and more. FortiView is a comprehensive monitoring system for your network that integrates real-time and historical data into a single view. It can record and monitor network threats, filter data at multiple levels, track office activity, and more.
Indicators of Compromise
The IOC, which stands for Indicators of Compromise, provides the network administrator with a summary of a user's threatening activities on the web. The mechanism is to examine information such as the endpoint's IP address, hostname, operating system, etc., and provide an overall ranking based on these behaviors.
To prepare this index, FortiAnalyzer compares the web reports received from each user with its database and, according to the number of these behaviors, assigns the user a final score in terms of the threat index.
This index is generated from information received from FortiGate web filtering devices and from the FortiAnalyzer subscription, which synchronizes the local threat database with the threats identified in FortiGuard.
Reports
With this feature of FortiAnalyzer, managed reports can be obtained from logs. The FortiAnalyzer license has more than 30 built-in templates and uses sample reports to provide the best report to suit your needs.
The device can also send custom reports by email at specified intervals. Custom reports can be built with the help of more than 300 preset tables and delivered in various formats such as PDF, HTML, CSV and XML.
FortiAnalyzer's NOC-SOC is a management center that helps you secure your overall network by providing login and threat information. Using FAZ predefined dashboards and widgets, the SOC helps you protect the network, websites, applications, databases and other technologies through centralized monitoring and awareness of threats, events and network activity.
