••••••••••••••••••

••••••••••••••••••
FortiAnalyzer™-400B Centralized Logging,
Analysis, and Reporting
Datasheet

Centralized Management Solutions for Fortinet Systems

Knowledge is Power
To meet the growing demand for Web-enabled applications and new IP-based services, such as multimedia messaging, voice over IP (VoIP), and video
applications, enterprise networks are rapidly growing in size and complexity. As a result, monitoring and enforcing acceptable use policies, identifying and
blocking emmerging security threats, and complying with emerging governmental regulations requires sophisticated logging and reporting capabilities.
Both real-time and historical views of network usage and security information are essential for discovering and addressing vulnerabilities across dispersed
networks and user groups. The ability to capture network event, usage and content information for forensic purposes, and to comply with governmental
regulations regarding privacy and disclosure of security breaches, is absolutely critical. Network and security administrators need a comprehensive set of
logging and reporting tools that provide the knowledge required to implement a complete multi-layered security solution.

Solutions for Dynamic Security Management

The FortiAnalyzer family of real-time network logging, analyzing, and reporting systems are a series of dedicated network hardware appliances that securely
aggregate log data from Fortinet devices and third-party devices. A full range of log record types may be archived, filtered, and mined for compliance or
historical analysis purposes. A comprehensive suite of standard graphical reports are built-in to the system, which also offers the flexibility to customize reports
to specific needs. FortiAnalyzer solutions also provide advanced security management functions such as: quarantine archiving, event correlation, vulnerability
assessments, traffic analysis, and archiving of email, Web access, instant messaging, and file transfer content.

• • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • •

Key Features and Benefits

Network Event Correlation Allows IT administrators to more quickly identify

and react to network security threats across the
network.

Streamlined Graphical Reports Provides network-wide reporting of events,

activities and trends occurring on FortiGate®
FortiAnalyzer-400B and third party devices.

Scalable Performance and FortiAnalyzer family models support thousands

Capacity of FortiGate and FortiClient™ agents.
••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••

Knowledge is the Key to Dynamic Security Management Centralized Logging of Multiple Including traffic activity, system events, viruses,
Record Types attacks, Web filtering events, and messaging
Security threats are becoming much more dynamic with activity/data.
attacks now using multiple vectors to penetrate, then exploit
their intended targets. Businesses must immediately recognize Centralized Content Archiving Provides reliable archiving of content data, such
new vulnerabilities or attacks and implement protective with Centralized Quarantine as email content, IM chat and file transfers, as
measures before the damage is done. FortiAnalyzer systems well as a centralized quarantine repository for
are a critical component of the comprehensive Fortinet security infected files.
solution, providing enterprise-class logging and reporting
Centralized Log Aggregation Supports flexible deployment scenarios, such
features necessary to discover, analyze, and mitigate threats.
as deploying lower cost models in regional
The FortiAnalyzer system’s forensic analysis tool enables offices, and aggregating logs to centralized
detailed user activity reports, while the vulnerability assesment office.
tool can automatically discover, inventory and assess the
security posture of servers and hosts. Complete the Fortinet Seamless Integration with the Tight integration maximizes performance
security management solution with a FortiManager system for Fortinet Product Portfolio and allows FortiAnalyzer resources to be
comprehensive and seamless centralized management for your managed from FortiGate or FortiManager™
entire network. user interfaces.
• • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • •

Technical Specifications

SYSTEM FORTIANALYZER OS
FortiAnalyzer-400B
SPECIFICATIONS FEATURES

Number of Licensed Network Devices.................................................................200 GENERAL SYSTEM FUNCTIONS FORENSIC ANALYSIS

Number of Licensed FortiClient Agents.............................................................2,000 Profile-Based Administration Track User Activities by Username, Email Address,
Number of FortiMail Devices...............................................................................100 Secure Web Based User Interface Encrypted Commu- or IM Name
Operating System............................................................Hardened FortiAnalyzer OS nication & Authentication Between FortiAnalyzer Supports FortiGuard Web Filtering Reports to Show
Server and FortiGate Devices Web Site Access And Blocked Web Sites Per User
Recommended FortiGate Models................................................Any FortiGate model
Mail Server Alert Output Configurable Report Parameters including:
Connect / Sync FortiAnalyzer - Profiles
HARDWARE SPECIFICATIONS
SNMP Traps - Devices
10/100/1000 Interfaces (Copper, RJ-45).................................................................4 Syslog Server Support - Scope
Hard Drive Bays......................................................................................................2 RAID Configurations - Types
Hard Drive Included..................................................................................1 x 500 GB Change / View RAID Level - Format
RAID Support........................................ Yes (RAID 0 or 1, with optional second drive) Support For Network Attached Storage (NAS) - Schedule
Dimensions Launch Management Modules - Output
Height.................................................................................... 1.7 inches (4.5 cm) Launch Administration Console Customized Report Output
Width............................................................................... 17.25 inches (43.8 cm) Configure Basic System Settings Reports on Demand
Online Help Report Browsing
Length............................................................................... 14.5 inches (36.8 cm)
Add/Change/Delete a FortiGate Device
Weight...........................................................................................10 lbs (4.5 kg)
View Device Groups CONTENT ARCHIVING / DATA MINING
Rack Mountable..............................................................................................Yes
View Blocked Devices All Functions of Log Analysis & Reporting
Input Voltage........................................................................................ 100-240V AC
View Alerts / Alert Events View by Traffic Type
Input Current.......................................................................................... 4.0 A (Max) Alert Message Console View Content Including:
Average Power Consumption (Avg)..................................................................121 W View FortiManager Connection Status - HTTP (Web URLs)
View System Information / Resources - FTP (Filenames)
ENVIRONMENTAL View License Information - Email (Text)
Operating temperature: ............................................32 to 104 deg F (0 to 40 deg C) View Statistics - Instant Messaging (Text)
Storage temperature: ..........................................-13 to 158 deg F (-25 to 70 deg C) View Operational History View Security Event Summaries
Humidity: ......................................................................... 5 to 95% non-condensing View Session Information View Traffic Summaries
Backup / Restore View Top Traffic Producers
REGULATORY......................................FCC Class A, Part 15, UL/CUL, C Tick, CE, VCCI Restore Factory Default System Settings
Format Log Disks LOG BROWSER AND REAL-TIME LOG VIEWER
Change the Firmware Real-Time Log Viewer
Change the Host Name Historical Log Viewer
Customized Log Views
NETWORK ANALYZER Log Filtering
Real-Time Traffic Viewer Log Search
Historical Traffic Viewer Log Rolling
Customizable Traffic Analyzer Log Top Users
Search Network Traffic Logs View Web Traffic
View Email Traffic
CENTRAL QUARANTINE View FTP Traffic
Configure Quarantine Settings View Instant Messaging and P2P Traffic
View Quarantined Files List Filter Traffic Summaries
Device Summary
LOG ANALYSIS & REPORTING Traffic Reports Including:
View/Search/Manage Logs - Event (Admin Auditing)
Automatic Log Watch - Viruses Detected
Profile-Based Reporting - Attack (IPS Attacks)
Over 300 Predefined Reports - Web Content Filtering
Log Aggregation to Centralized - Email Filtering
FortiAnalyzer - Content (Web, Email, IM)
FortiClient Specific Reports
VULNERABILITY SCANNER
Configure Vulnerability Scan Jobs
Run Vulnerability Scan Jobs
View Summary / Detailed Reports

FortiGuard Security Subscription Services

ƒƒ Antivirus ƒƒ Web Filtering ƒƒ Premier Signature Service
ƒƒ Intrusion Prevention ƒƒ Antispam Includes Antivirus and Intrusion Prevention Updates with
additional service level agreements

FortiCare™ Support Services

ƒƒ 24/7/365 Web-Based Technical Support ƒƒ 24-Hour Phone-Based Support (Optional) ƒƒ 1-Year Limited Hardware Warranty
ƒƒ Technical Account Management Service ƒƒ Professional Services (Optional) ƒƒ 90-Day Limited Software Warranty
(Optional)

• • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • •

Global Headquarters EMEA Sales Office-France APAC Sales Office-HONG KONG

Fortinet Incorporated Fortinet Incorporated Fortinet Incorporated
1090 Kifer Road, Sunnyvale, CA 94086 USA 120 rue Albert Caquot 61 Robinson Road
Tel +1-408-235-7700 06560, Sophia Antipolis, France #09-04 Robinson Centre
Fax +1-408-235-7737 Tel +33-4-8987-0510 Singapore 068893
www.fortinet.com/sales Fax +33-4-8987-0501 Tel: +65-6513-3730
Fax: +65-6223-6784
Copyright© 2009 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, and FortiGuard®, are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be trademarks of Fortinet. All other product or company
names may be trademarks of their respective owners. Performance metrics contained herein were attained in internal lab tests under ideal conditions. Network variables, different network environments and other conditions may
affect performance results, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding contract with a purchaser that expressly warrants that the identified product will perform
according to the performance metrics herein. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any guarantees. Fortinet
reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable. Certain Fortinet products are licensed under U.S. Patent No.
5,623,600. FAZ-400B-DAT-0109-R1