Fortinet FortiAnalyzer 800B Appliance

Overview:

The FortiAnalyzer family of logging, analyzing, and reporting appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of easily-customized reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data, mining the data to determine your security stance and assure regulatory compliance. FortiAnalyzer also provides advanced security management functions such as quarantined file archiving, event correlation, vulnerability assessments, traffic analysis, and archiving of email, Web access, instant messaging and file transfer content.

FortiAnalyzer™ Centralized Reporting Benefits:

• Secure data aggregation from multiple FortiGate and FortiMail security appliances provides network-wide visibility.
• Over 300 customizable reports help monitor and maintain acceptable use policies, identify attack patterns, and comply with governmental regulations regarding privacy and disclosure of security breaches.
• Network capacity and utilization data reporting enables network administrators to plan and manage networks more efficiently.
• Fully integrated with FortiManager appliances for a single point of command, control, analysis, and reporting.
• Advanced features such as event correlation, forensic analysis, and vulnerability assessment provide essential tools for in-depth protection of complex networks.
• Up to 4.8 TB of log data capacity and choice of RAID levels allow administrators to balance capacity and data assurance to match organizational needs.

Knowledge is Power

To meet the growing demand for Web-enabled applications and new IP-based services, such as multimedia messaging, voice over IP (VoIP), and video applications, enterprise networks are rapidly expanding and dramatically growing in complexity. As a result, monitoring and enforcing acceptable use policies, identifying and blocking new blended security threats, and complying with emerging governmental regulations requires sophisticated logging and reporting capabilities. Both real-time and historical views of network usage and security information are essential for discovering and addressing vulnerabilities across dispersed networks and user groups. The ability to capture network event, usage and content information for forensic purposes, and to comply with governmental regulations regarding privacy and disclosure of security breaches, is absolutely critical. Network and security administrators need a comprehensive set of logging and reporting tools that provide the knowledge required to implement a complete multi-layered security solution.

Solutions for Dynamic Security Management

The FortiAnalyzer family of real-time network logging, analyzing, and reporting systems are a series of dedicated network hardware appliances that securely aggregate log data from Fortinet devices and third-party devices. A full range of log record types may be archived, filtered and mined for compliance or historical analysis purposes. A comprehensive suite of standard graphical reports are built-in to the system, which also offers the flexibility to customize reports to specific needs. FortiAnalyzer solutions also provide advanced security management functions such as: quarantine archiving, event correlation, vulnerability assessments, traffic analysis, and archiving of email, Web access, instant messaging and file transfer content.

Key Features and Benefits: Network Event Correlation Allows IT administrators to more quickly identify and react to network security threats across the network. Streamlined Graphical Reports Provides network-wide reporting of events, activities and trends occurring on FortiGate and third party devices. Scalable Performance and Capacity FortiAnalyzer family models support thousands of FortiGate and FortiClient™ agents. Centralized Logging of Multiple Record Types Including traffic activity, system events, viruses, attacks, Web filtering events, and messaging activity/data. Centralized Content Archiving with Centralized Quarantine Provides reliable archiving of content data, such as email content, IM chat and file transfers, as well as a centralized quarantine repository for infected files. Centralized Log Aggregation Supports flexible deployment scenarios, such as deploying lower cost models in regional offices, and aggregating logs to centralized office. Seamless Integration with the Fortinet Product Portfolio Tight integration maximizes performance and allows FortiAnalyzer resources to be managed from FortiGate or FortiManager™ user interfaces.

Knowledge is the Key to Dynamic Security Management Security threats are becoming much more dynamic with attacks now using multiple vectors to penetrate, then exploit their intended targets. Businesses must immediately recognize new vulnerabilities or attacks and implement protective measures before the damage is done. FortiAnalyzer systems are a critical component of the comprehensive Fortinet security solution, providing enterprise-class logging and reporting features necessary to discover, analyze and mitigate threats. The FortiAnalyzer system’s forensic analysis tool enables detailed user activity reports, while the vulnerability assesment tool can automatically discover, inventory and assess the security posture of servers and hosts. Complete the security management solution with a FortiManager system for comprehensive and seamless centralized management for your entire network.

Deployments:

Centralized Logging & Reporting with FortiAnalyzer Integration for Complete Knowledge and Control
 

	Security Reporting—Security Management FortiAnalyzer is a centralized solution to the logging and reporting challenges in today’s complex and dynamic security environments. Implemented on scalable, high-performance platforms. FortiAnalyzer captures granular information across the entire range of security threats, not just the Firewall or IPS elements, and delivers the information in reports that are easy to configure, understand and use.
	Understanding the Dynamic Security Environment Not only are the security threats more complex in today’s business environment, but new regulatory, compliance and legal mandates also require businesses to not only understand activities on their networks but to proactively implement and enforce such regulatory requirements and to be responsible for acceptable use policies. FortiAnalyzer provides hundreds for standard reports as well as the ability to fully customize reports to unique business needs. Reports can be tailored to and delivered in the exact formats needed based on user requirements. Profile-based Administration allows unique access privileges and rights to be assigned to different users based on requirements and needs.
	Content Logging & Data Mining Network wide log aggregation and archiving is critical to identifying security threats and managing network usage. In addition to in-depth, real-time logging and reporting, FortiAnalyzer enables detailed content logging of user activities and network traffic. Activity can be monitored in real-time or logged, archived and later mined as needed. Activity be tracked by user, protocol, source, destination, etc., and the actual content exchanged in a session can be captured. Not only is content logging critical in order to implement regulatory mandates such as HIPAA and SOX compliance but absolutely required to enforce acceptable use policies and to protect valuable corporate assets and intellectual property.

Technical Specifications:

FortiAnalyzer Series Specifications:
FortiAnalyzer Models
	FortiAnalyzer-100B	FortiAnalyzer-800B	FortiAnalyzer-2000A	FortiAnalyzer-4000A
System Specifications
Security Hardened Platform	Yes	Yes	Yes	Yes
Number of Licensed Network Devices[1]	10	250	500	700
Number of FortiClient Devices	100	2500	5000	5000
Number of FortiMail Devices	50	100	200	200
Hardware Specifications
10/100 Ethernet	4	0	0	0
10/100/1000 Ethernet	0	4	2	2
Number of Hard Drives	1	4	6	12
Total Hard Drive Capacity	250.0 GB	2.0 TB	3.0 TB	6.0 TB
RAID Storage Management	No	Yes (0, 1, 5)	Yes (0, 1, 5, 10, 50)	Yes (0, 1, 5, 10, 50)
Redundant Hot Swap Power Supplies	No	No	Yes	Yes
Dimensions (H, W, L)	2.0 x 13.3 x 6.8 in(5 x 33.7 x 17.5 cm)	1.8 x 17.0 x 22.6 in(4.5 x 43.0 x 57.5 cm)	3.5 x 17.5 x 29.0 in(8.9 x 44.5 x 73.7 cm)	3.5 x 19.0 x 27.0 in. (8.9 x 48.3 x 68.6 cm)
Weight	4.4 lbs (2.0 kg)	20.0 lbs (9.1 kg)	63.0 lbs (28.6 kg).	68.0 lbs (30.8 kg)
Rack Mountable	No	Yes	Yes	Yes
Input Voltage	100-240VAC	100-240VAC	100-240VAC	100-240VAC
Input Current	0.8A	4A	9A	9A
Average Power Consumption	24W	195W	340W	432W
Environmental
Operating Temperature	32 to 104 deg F (0 to 40 deg C)
Storage Temperature	-13 to 158 deg F (-25 to 70 deg C)
Humidity	5 to 95% non-condensing.
Regulatory
Regulatory	FCC Class A Part 15 / CE Mark

[1] A licensed network device is defined as: One (1) FortiGate device without Virtual Domain (VDOM) mode enabled or One (1) VDOM if FortiGate device is running in multiple VDOM mode or One (1) Third-party SYSLOG compatible device

FortiAnalyzer Logging and Reporting Features:

Graphical Reporting

FortiAnalyzer systems empower the network or security administrator with the knowledge needed to secure their networks through a comprehensive suite of standard graphical reports and the total flexibility to customize custom reports. Network knowledge can be archived, filtered and mined for compliance or historical analysis purposes.

Real-time Log Viewer

The ability to monitor network, traffic and user events in real-time or browse historical for specific events provides powerful insight into network security threats, performance and user behavior.

Granular Information

The FortiAnalyzer User Interface (UI) enables administrators to drill deep within security log data to provide the granular level of reporting necessary to understand what is happening on your network. Historical or real-time views allow administrators to analyze log and content information, as well as network traffic. The advanced forensic analysis tools allow the administrator to track user activities to the content level.

Features:

All FortiAnalyzer models provide the following features:
 

Typical Applications:

Services & Support:

Supported Devices

• FortiGate Multi-Threat Security Systems
• FortiMail Email Security Systems
• FortiClient Mobile End-Point Security
• FortiClient PC End-Point Security
• FortiManager Centralized Management
• Any Syslog-Compatible Device

FortiCareSupport Services

•  24 x 7 x 365 FortiCare Web Service [1]
• 8x5 Telephone-based Technical Support [2]
• 1-Year Limited Hardware Warranty
• 90-Day Limited Software Warranty

[1] Annual renewal required to maintain service
[2] 24 x 7 Telephone Technical Support available.

Documentation:

Download the Fortinet FortiAnalyzer Datasheet (PDF).