Centralized Network Security Logging and Reporting

Networks are constantly evolving due to threats, organizational growth, or new regulatory/business requirements. Traditional analysis products focus on recording and identifying company-wide threats through logging, analysis, and reporting over time. FortiAnalyzer offers the features to identify these threats, as well as providing flexibility to evolve along with your ever-changing network. FortiAnalyzer minimizes the effort required to monitor and maintain acceptable use policies, as well as identify attack patterns.

FortiAnalyzer enterprise-class features deliver:

  • Network event correlation to enable quick response to threats across the network
  • Forensics and drill-down capabilities for auditing suspicious activity
  • Highly customized reports to meet your business needs
  • Choice of operating modes: can be deployed for analysis, collection (forwarder), or log fetching
  • Seamless integration with Fortinet portfolio products


FortiAnalyzer 400E

FortiAnalyzer 1000E

FortiAnalyzer 2000E

FortiAnalyzer 3000E

FortiAnalyzer 3500E

FortiAnalyzer 3900E


fortimail 1000E


The FortiAnalyzer Virtual Appliances securely aggregate log data from Fortinet devices and other syslog-compatible devices. Using a comprehensive suite of easily-customized reports, users can filter and review records, including traffic, event, virus, attack, Web content, and email data, mining the data to determine your security stance and assure regulatory compliance.

FortiAnalyzer Virtual Appliance Features & Benefits:

  • Over 550 reports and customizable charts help monitor and maintain identify attack patterns, acceptable use policies, and demonstrate policy compliance
  • Network capacity and utilization data reporting allow you to plan and manage networks more efficiently
  • Scalable architecture allows the device to run in collector or analyzer modes for optimized log processing
  • Advanced features such as event correlation, forensic analysis, and vulnerability assessment provide essential tools for in-depth protection of complex networks
  • Secure data aggregation from multiple FortiGate and FortiMail™ security appliances provides network-wide visibility and compliance

Security Event Information Management

You can put time back in your day by deploying a FortiAnalyzer platform into your security infrastructure, creating a single view of your security events, archived content, and vulnerability assessments. FortiAnalyzer platforms accept a full range of data from Fortinet solutions, including traffic, event, virus, attack, content filtering, and email filtering data. It eliminates the need to manually search multiple log files or manually analyze multiple consoles when performing forensic analysis or network auditing. A FortiAnalyzer platform’s central data archiving, file quarantine and vulnerability assessment further reduce the amount of time you need to spend managing the range

Base license for stackable FortiAnalyzer-VM
1 GB/Day of Logs and 500 GB storage capacity.  Unlimited GB/Day when used in collector mode only.
Designed for VMware vSphere, Xen, KVM and Hyper-V platforms.
Upgrade license for adding 1 GB/Day of Logs and 500 GB storage capacity.
Upgrade license for adding 5 GB/Day of Logs and 3 TB storage capacity.
Upgrade license for adding 25 GB/Day of Logs and 10 TB storage capacity.