Overview
FortiSIEM is a highly scalable, multi-tenant Security Information and Event Management (SIEM) solution that provides real-time infrastructure and user awareness for accurate threat detection, analysis and reporting. FortiSIEM first discovers the infrastructure, including devices, applications and users in physical and virtual, on-premise and cloud environments, and auto-populates a Configuration Management Database (CMDB). It then collects information such as logs, traffic flows, performance metrics and configuration changes, and correlates them in real time to detect security and performance issues. FortiSIEM has built-in integrations with over 350 devices and applications for data collection, with major external threat intelligence sources and with major ticketing systems, and it supports all major compliance requirements. FortiSIEM has a purpose-built software architecture that can scale collection, real-time correlation and reporting by incrementally adding virtual appliances without any downtime.
Highlights
- Unified analysis of log, flow, performance and change data in the context of the auto-discovered CMDB
- Real-time alerting, compliance reporting, and a cloud-scale architecture for on-premise and cloud infrastructure and application data sources
- Multi-tenant, MSP/MSSP Ready
Details
Pricing
Additional AWS infrastructure costs
| Type | Cost |
|---|---|
| EBS General Purpose SSD (gp3) volumes | $0.08 per GB/month of provisioned storage |
Vendor refund policy
BYOL, work directly with your Fortinet or Fortinet authorized channel account team.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
Deploy as a single VM or as a cluster of VMs for scale-out. The head-end VM node is called the Supervisor. The first step is to create a VM from the AMI and add one or two 50GB+ disk(s) for data storage if you choose ClickHouse or local EventDB for log storage. If you choose NFS or Elasticsearch for log storage, you don't need these extra disks. You can also choose AWS EFS or AWS Elasticsearch for log storage. Steps to install and use are here:
- FortiSIEM v7.2.x - AWS Installation and Migration Guide: https://docs.fortinet.com/product/fortisiem/7.2
- Obtain a POC, trial or production license from Fortinet using the licensing guide (https://docs.fortinet.com/fortisiem/admin-guides). Navigate via HTTPS to the IP address of the Supervisor. Choose Service Provider or Enterprise deployment, and upload the license.
- Log in with the default credentials given in the above installation guide, and choose the storage type as detailed in the above AWS installation guide. Configure the product based on details in the user guide.
Support
Vendor support
Fortinet FortiCare support offerings provide global support for all Fortinet products and services. Customer satisfaction is Fortinet's number one priority. With FortiCare support, customers can be assured that their Fortinet security products are performing optimally and protecting their corporate assets with the best security technology at the best possible price. Fortinet offers end-users multiple options for FortiCare contracts so that they can obtain the right level of support for their org
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.