FortiAnalyzer Cloud Central Logging & Analytics - Subscription license renewal (1 year) - 1 device - hosted - including all FortiGate log types, IOC service, SOC service and FortiGuard Outbreak Detection service - for FortiGate 200G

Availability: Not in stock
Sku: FC-10-FG2HG-585-02-12
23 120,00 kr excl. VAT
Description

FortiAnalyzer is a powerful log management, analytics, and reporting platform that provides organizations with a single console to manage, automate, orchestrate, and respond, enabling simplified security operations, proactive identification and remediation of risks, and complete visibility of the entire attack landscape. Integration with the Fortinet Security Fabric, together with advanced threat detection capabilities, centralized security analytics, and end-to-end security posture awareness and control, helps security teams identify and mitigate threats before a breach can occur.

Centralized NOC/SOC visibility for the attack surface

The FortiSOC view helps security and network operations teams protect network assets with correlated log and threat data and insights through actionable views with deep drill-down capabilities. Real-time notifications, reports, and predefined or customized dashboards deliver single-pane visibility and actionable results. Utilize FortiAnalyzer workflow automation for simplified orchestration of security operations, management of threats, vulnerabilities, and incident response. Proactively investigate anomalies and threats through analysis of SIEM normalized logs in the Threat Hunting view.

Event management

Security teams can monitor and manage alerts and event logs from Fortinet devices, with events processed and correlated in a format that analysts can easily understand. Investigate suspicious traffic patterns and search using filters in predefined or custom event handlers to generate real-time notifications and monitoring for NOC and SOC operations, SD-WAN, SSL VPN, wireless, Shadow IT, IPS, network recon, FortiClient, and more.

Incident management

The Incidents component in FortiSOC enables security operations teams to manage incident handling and life cycle with incidents created from events to show affected assets, endpoints, and users. Analysts can assign incidents, view and drill down on event details, incident timelines, add analysis comments, attach reports and artifacts, and review playbook execution details for complete audit history.

Playbook automation

FortiAnalyzer Playbooks boost the ability of an organization's security team to simplify investigation efforts through automated incident response, freeing up resources and allowing analysts to focus on tasks that are more critical. Out-of-the-box playbook templates enable SOC analysts to quickly customize their use cases, including playbooks for investigation of compromised hosts, infections and critical incidents, data enrichment for Fabric view assets and identity views, blocking of malware and C&C IPs, and more. Security teams can define custom processes, edit playbooks and tasks in the visual playbook editor, utilize the playbook monitor to review task execution details, import or export playbooks, and use built-in connectors with OAuth2 authentication, allowing playbooks to interact with other Security Fabric devices like FortiOS and EMS. The connector health check provides an indicator for verifying that connectors are always up and working.

General
Category: Online and appliance-based services - cloud computing software, remote access / login control, data analysis
Product type: Subscription license renewal - 1 year
Installation type: Hosted - SaaS

Licensing
Number of licenses: 1 device
Details: Includes all FortiGate log types, IOC service, SOC service and FortiGuard Outbreak Detection service

Compatibility information
Designed for: Fortinet FortiGate 200G