Fortinet FortiAnalyzer supports analytics-powered use cases to provide better detection against breaches. FortiAnalyzer provides deep insights into advanced threats through Single-Pane Orchestration, Automation & Response for your entire attack surface to reduce risks and improve your organization’s overall security.
Total End Users
Display a list of all users and endpoints in your FortiAnalyzer instance to quickly correlate against logs, events and incidents.
Some users might use multiple endpoints in the network, endpoints might use multiple different interfaces to connect, network interfaces might have multiple IP addresses, and so on. Stratiam helps you quickly map out and understand these relationships.
When FortiAnalyzer features are enabled, you can configure how an ADOM handles
log files from its devices. For example, you can configure how much disk space
an ADOM can use for logs, and then monitor how much of the allotted disk space is used.
Monitor FortiAnalyzer ADOMs in Stratiam and their corresponding properties. Cross-correlate these with associated metrics.
Using the logs sent by your FortiGate firewall to your FortiAnalyzer, you can set up a monitoring/alerting function for any logs or events you wish to monitor.
Assign severity levels to these and send the corresponding output signal to Stratiam to cross-correlate with other relevant datasets.
Integrated with Fortinet’s Security Fabric, FortiAnalyzer simplifies the complexity of analyzing and monitoring new and emerging technologies that have expanded the attack surface, and delivers end-to-end visibility, helping you identify and eliminate threats.
Endpoints and end users are important assets in a network as they are the main
entry points in a cybersecurity breach.
Some users might use multiple endpoints in the network, endpoints might use multiple different interfaces to connect, network interfaces might have multiple IP addresses, and so on. A map of users and their endpoints gives you better visibility when you analyze logs, events, and incidents. This also helps with your reporting and cross-correlation in Stratiam.
Chart types are an enhancement beyond what would be available in the native FortiAnalyzer platform and are an example Stratiam value-added feature. Actual platform visualisations may differ from what is demonstrated in the concepts below. All charts have linked drill-paths for further data exploration.
Actual platform visualisations may differ. Charts linked to drill-down views.
Connecting to FortiAnalyzer via our API connector is easy: you simply need to request a trial, after which we'll help you set up your API credentials and select visualisation types and relevant permissions to get started. If you have other data services you are interested in connecting to, we'd recommend checking out our other data connectors.