Administration Guide

About FortiAnalyzer-BigData

FortiAnalyzer-BigData improves upon base FortiAnalyzer appliances and offers analytics-powered security and event log management to process large volumes of data. FortiAnalyzer-BigData is redesigned with a new distributed backend and high-end hardware. The Security Event Manager, the backend log engine of FortiAnalyzer-BigData, is a horizontally scalable, high availability (HA) system that supports the needs of large enterprise organizations. The Security Event Manager comprises multiple server blades working together as a cluster, so you can add new blades to expand and scale the Security Event Manager as your organization grows.

Main Features

FortiAnalyzer-BigData offers the following features:

High ingestion throughput

A single FortiAnalyzer-BigData can sustain log ingestion at 300k events per second (EPS), and it maintains that ingestion throughput while continuing to run analytics workloads in the background.

Horizontally scalable backend

You can add appliance chassis to a running FortiAnalyzer-BigData without shutting down the system. This allows you to scale out the storage and query throughput.

Built-in high availability and fault-tolerant backend

The backend, Security Event Manager, offers out-of-the-box fault tolerance and high availability with no need for initial configuration. All services run in an active HA mode in which data is replicated three times across different data hosts.

Easily recoverable data

By following regular backup scheduling procedures, you can recover lost data. FortiAnalyzer-BigData's backup drive configuration works with external Hadoop Distributed File System (HDFS) URLs.

Ease of management

FortiAnalyzer-BigData has a new Cluster Manager tile so you can manage and set up FortiAnalyzer-BigData from a centralized location. You can also monitor various service metrics, current host status, server logs and more from the Cluster Manager GUI.

Supported models

FortiAnalyzer-BigData supports the same FortiGate models as FortiAnalyzer 7.0.1. For a list of supported FortiGate models, see the FortiAnalyzer 7.0.1 Release Notes.
