Speaking of FAZ, I've a question about how licensing works. Let's say we have a 1GB/Day license. If the input log size exceeds 1GB in a day, what happens exactly? Collecting logs stops completely? Logs are collected but only 1GB per day are analyzed and available to make reports? or any other method?
If logging volume exceeds the licenced volume, FortiAnalzyer does not forcibly drop logs, stop processing them or not use them in reporting, but there can be performance issues which can eventually lead to loss of logs.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.