FortiAnalyzer version 6.0.0 includes the following new features and enhancements:
Incident Detection & Response
Event Manager 2.0
- From Event Manager > All Events, you can now search and filter events, customize columns and save filtered events to a Custom View.
- The secondary Group By option on the event handler edit screen provides flexibility in how event information is organized.
- A built-in event handler provides a threat feed to the FortiOS automation framework.
You can raise an incident from detected events. The raised incident is listed under the Incidents menu for further analysis and evidence collection.
- Fortinet Security Best Practice Dashboard: a simple CISO dashboard to show a snapshot of the security of your network, including the current security ranking score, industry peer comparison, and security maturity level.
- New Vulnerability Dashboard: displays a summary of detected endpoint vulnerabilities along with the detailed FortiGuard information for each critical vulnerability.
- IOC scan now includes Traffic logs and DNS logs to provide better detection coverage.
- The IOC Notification Service provides event notification to FortiOS when a compromised host is detected.
FortiAnalyzer High Availability
Supports automatic failover over IP for log redundancy and high system availability.
Secure Syslog Forwarding
Supports forwarding logs in syslog format over TLS/SSL.