Fortinet FortiSIEM 5.2.6

Fortinet’s FortiSIEM platform protects every infrastructure edge with zero-trust network access, identifying and securing entities both on and off the network and accelerating network performance. Through its expanded security fabric ecosystem, FortiSIEM reduces the complexity of supporting multiple products. It integrates easily with other threat sharing initiatives and third-party technologies to provide broad attack surface visibility and better risk management.

AI has become a key component of threat detection, automating workflows to increase security efficiency. AI powers FortiGuard Labs, Fortinet’s threat intelligence, which analyzes billions of events every day to detect and prevent threats. Security teams need to be able to detect threats immediately, and the automated remediation options of FortiGuard Labs increase the efficiency of threat detection and response. Its automation also reduces the impact of human limitations that would otherwise lead to unseen threats and an infinitely long remediation backlog.

For many businesses, security operations are notoriously time-consuming. For example, most security teams must regularly generate reports, which have tremendous value and are a critical component of IT security. However, generating such reports, especially compliance reports, is a lengthy and mundane task. FortiSIEM offers a much more efficient alternative. The platform has a report builder with fully customizable graphs and scheduling functionality so that repeated data discoveries occur at preset days and times. The FortiSIEM generator issues reports that have room for multiple sections with various elements. Analysts can access actionable information from them quickly using easy drilldown and pivoting functionalities. Many dashboard templates are available out-of-the-box. One dashboard can even hold several sub-dashboards at once, allowing security teams to customize and optimize their visibility. Users can share their customized dashboards with others who can then clone them or alter them to suit their own purposes.

Inventory and configuration management database (CMDB) discovery provide precise business-service monitoring that flags all anomalous network activity. And though actionable information and visibility simplify the investigation process dramatically, we believe that the graphical design of the threat chain is slightly inferior to that of other products. However, this inferiority is mostly superficial and has little to no impact on usability.

FortiSIEM has a scalable, multi-tenant architecture that optimizes security operation performance and ensures critical business services maintain high availability. The ability to provide CMDB and performance monitoring in a SIEM is impressive. FortiSIEM is an ideal SIEM solution for MSSPs and those looking for high usability in a scalable architecture with robust out-of-the-box content.

Pricing starts at $8,271 and covers a one-year subscription with 8/5 phone, email and website support for up to 50 devices. Customers also have access to a knowledgebase and FAQ list. Fabric DevOps is a community forum with community-driven scripts that automate network and security provisions, configurations and orchestrations. 24/7 support is available for a fee. 

Tested by: Tom Weil

Product title: Fortinet FortiSIEM 5.2.6

Product info
Vendor: Fortinet
Contact: www.fortinet.com
Price: $8,721 for one-year subscription for up to 50 devices

Strength: The ability to provide CMDB and performance monitoring in a SIEM is impressive.

Weakness: None that we found.

Verdict: FortiSIEM is an ideal SIEM solution for MSSPs and those looking for high usability in a scalable architecture with robust out-of-the-box content.
