FortiAnalyzer 6.0.2 Administration Guide

FortiAnalyzer 6.0.0

FortiAnalyzer 6.0.0 includes the following new features and enhancements:

Incident Detection & Response

Event Manager 2.0

  • From Event Manager > Event Monitor > All Events, you can now search and filter events, customize columns and save filtered events to a Custom View.
  • The secondary Group By option on the event handler edit screen provides flexibility in how event information is organized.
  • Built-in event handlers provide a threat feed to the FortiOS automation framework. You can raise an incident from detected events. The raised incident is listed under the Incidents menu for further analysis and evidence collection.

SOC Dashboards

  • Fortinet Security Best Practice Dashboard: a simple CISO dashboard to show a snapshot of the security of your network, including the current security ranking score, industry peer comparison, and security maturity level.
  • New Vulnerability Dashboard: displays a summary of detected endpoint vulnerabilities along with the detailed FortiGuard information for each critical vulnerability.

IOC Enhancements

  • The IOC scan now includes Traffic logs and DNS logs to provide better detection coverage.
  • The IOC Notification Service provides event notification to FortiOS when a compromised host is detected.


FortiAnalyzer High Availability

Supports automatic failover over IP for log redundancy and high system availability.

Secure Syslog Forwarding

Supports forwarding logs in syslog format over TLS/SSL.