Liza1
Explorer II
July 24, 2024
Solved

Fortinet Products


Hello, I have the following request. Which Fortinet products can perform the following tasks that I will outline? Here's what the product should do:

SIEM:

  • A local SIEM solution.
  • Ability to separately analyze raw logs when needed, with the ability to export them in .json, .cef, and .csv formats. If the SIEM does not have this capability, the applicant must propose an alternative solution that allows retaining all security and application logs for 90 days.
  • The solution should have User Behavior Analytics (UBA) functionality.

Endpoint Security EDR/XDR:

  • A local solution for endpoint detection and response (EDR) or extended detection and response (XDR).

Privileged Access Management (PAM) Software:

  • A local PAM solution for managing and controlling privileged access. Seven licenses required.

Network Traffic Flow Recording Solution:

  • A solution that can integrate with SIEM and firewall and/or network devices (switches, routers) to record traffic flow at the full TCP/IP packet level (in .pcap or .pcapng format) from the moment a SIEM alert or firewall alert is received.

Which products can meet these requirements? I need your help, guys. Thanks, all.

1 reply

spoojary
Staff
Best answer
July 24, 2024

FortiSIEM, FortiEDR, FortiPAM and FortiAnalyzer