Fortinet FortiAnalyzer BD VM
High-performance big data network analytics for large and complex networks

Overview:

The FortiAnalyzer BigData 4500F delivers high-performance big data network analytics for large and complex networks. It is designed for large-scale data center and high-bandwidth deployments, offering the most advanced cyber threat protection by employing hyperscale data ingestion and accelerated parallel data processing. Together with its new distributed software and hardware architecture and Fortinet’s high performance next generation firewalls, this powerful 4RU chassis offers blazing fast performance, enterprise-grade data resiliency, built-in horizontal scalability, and consolidated appliance management.

High Performance

• Totally redesigned and optimized architecture, employing the newest Big Data Kafka/Hadoop/Spark technologies
• Massive Parallel event streaming and data processing for highspeed ingestion, data storage and search capabilities
• The highest performing FortiAnalyzer appliance: 300,000 logs/ sec out-of-box, horizontally scalable to petabytes of storage

Unified Appliance Management

• Enterprise-grade Big Data Appliance with consolidated hardware and software monitoring through the Cluster Manager
• Simple installation, updating, expansion, and data management
• Built-in automation and customizable job templates

Reliable and Scalable Deployment

• Built-in enterprise high availability and data resiliency based on a newly optimized software and hardware architecture
• Designed for rapid scalability with multiple Big Data appliances using high speed 40Gb/s built-in switch modules
• Specifically designed to accelerate the visibility and expansion of the Fortinet Security Fabric

Big Data Security Analytics

• Monitor and analyze your entire network from end-to-end at an accelerated rate, maximizing the visibility of your entire attack surface, network traffic, applications, users, and end-point hosts
• Interactive dashboards and informative reports using realtime tracking of key security metrics, link health status and application steering performance
• Ready to use and customizable report templates for compliance, security posture assessments and system performance checks

Rapid Incident Detection & Response

• Intuitive event and incident workflow for SOC teams to focus on critical alerts
• The built-in correlation engine automates and groups alerts to remove false positives
• Out-of-box connectors and extensive APIs for security teams to automate repetitive tasks

Highlights:

FortiAnalyzer Big Data supports all of the features and technologies of FortiAnalyzer family. FortiAnalyzer Big Data also provides additional scalability and high-speed performance using new massive parallel data processing and Collumnar Data Store processes. After the data ingest, the FortiAnalzyzer Big Data provides an easy to use front-end UI that interacts with the distributed big data SQL engine to search, query and aggregate the data.

		FORTIANALYZER APPLIANCES	FORTIANALYZER BIG DATA 4500F
Security Analytics	Log View	✔️	✔️
	Interactive FortiView Dashboards	✔️	✔️
	Fabric View - Assets and Identity	✔️	✔️
	Out-of-Box Report Templates	✔️	✔️
Incident Response	Indicators of Compromise Service	✔️	✔️
	Event Correlation & Alerting	✔️	✔️
	Incident Escalation Workflow & Management	✔️	✔️
Automation & Integration	Security Fabric Connectors	✔️	✔️
	Security Fabric Integration	✔️	✔️
	REST API	✔️	✔️
Muti-Tenancy & RBAC	ADOM	✔️	✔️
	Role-Based Access Control	✔️	✔️
Performance & Scalability	Deployment	Small, Medium Enterprise	Large Enterprise & Service Providers
	High Availability and Redundancy	Yes, requires a second unit	Yes, built-in HA and redundancy
	Sustained Rate	Up to 100,000 logs/sec	Start at 300,000 logs/sec
	Horizontal Scalability	-	✔️
	Big Data Analytics Engine	-	✔️
	Massive Parallel Data Processing	-	✔️
	Distributed Architecture	-	✔️
	Collumnar Data Store	-	✔️
Appliance Management	Chassis	-	✔️
	Cluster Manager	-	✔️

Specifications:

FortiAnalyzer Big Data Virtual Appliance Specifications
Capacity
Storage Capacity	200 TB
Log Ingestion Rate (logs/sec)	150 000 (up to 500 000)
Devices/VDOMs (Maximum)	10,000+
Chassis Management	✔️
Virtual Machine
FortiGuard Indicator of Compromise (IOC)	✔️
SOC Subscription	✔️
FortiGuard Outbreak Alert Service	✔️
Hypervisor Support	Up-to-date hypervisor support information can be found in the release notes for each FortiAnalyzer Big Data version. Visit https://docs.fortinet.com/product/fortianalyzer-bigdata/ and find the Release Information at the bottom section. Go to “Product Integration and Support” -> “FortiAnalyzer BigData [version] support” -> “Virtualization”

Documentation:

Download the Fortinet FortiAnalyzer BD Series Datasheet (PDF).