- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
- Fortinet Community
- Knowledge Base
- FortiSIEM
- What makes your SIEM a Winner?
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Let's talk about three important areas of SIEM deployments: functionality, scalability, and flexibility.
Functionality
What does a SIEM do? Wikipedia [1] suggests: Data aggregation; Correlation; Alerting; Dashboards; Retention, and; Forensic Analysis - a good list of foundational features, but these are taken-for-granted in a modern SIEM. What else does a SIEM do for you,? What makes your SIEM a winner in your environment?
FortiSIEM brings a raft of functionality that provides a winning solution for modern enterprise and service provider environments:
|
Feature |
Description |
Benefit |
|
Combined NOC&SOC Analytics |
Performance and availability monitoring via active device discovery |
|
|
Integrated CMDB |
Asset list of discovered devices, plus device monitoring |
|
|
Integrated UEBA |
Visibility of client activity. AI driven anomaly detection. |
|
|
Mitre ATT&CK(r) Framework |
ATT&CK framework integration down to the technique level |
|
|
Flexible multi-tier dashboards |
Customizable, graphical, widget based dashboards |
|
|
Integrated case management |
Built in case management, plus integration with external ticket systems |
|
|
Full multi-tenancy capabilities |
End to end multi-tenancy features for service provider deployments |
|
|
And more… |
|
Scalability
How big will your SIEM deployment be on day 1? How about the day after? A year later? Sizing a SIEM deployment can be tricky, but is a critical part of deploying a solution that will deliver the log ingestion and query performance that you need.
FortiSIEM's Rapid Scale Architecture utilizes a scale out architecture and shared storage to scale from a small single node deployment up to a large multi-node cluster. The architecture is easy to understand and easy to scale; it consists of just three node types: supervisor, worker and collector. Need to scale your FortiSIEM? Add more workers and collectors.
Flexibility
FortiSIEM's broad feature set and scalable architecture deliver a flexible, winning solution for our customers:
- Deploy FortiSIEM in a small enterprise that needs an easy to use solution that can deliver real added value to IT departments
- Deploy FortiSIEM in a large enterprise environment that needs a scalable and effective but easy to use SIEM solution that provides: more functionality. greater visibility, and reduced MTTR
- Deploy FortiSIEM in a MSP or MSSP environment that needs a scalable, multi-tenant capable platform that can be easily and efficiently used to deliver hosted or managed SIEM services
Head over to https://www.fortinet.com/products/siem/fortisiem to read more about how FortiSIEM can bring greater value to your organization, or contact your Fortinet partner or account manager today.
References
[1] https://en.wikipedia.org/wiki/Security_information_and_event_management
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.