
FortiSIEM-Manager
Enterprise-Grade Protection for Smaller Networks


Overview:

FortiSIEM brings together visibility, correlation, automated response, and remediation in a single, scalable solution. It reduces the complexity of managing network and security operations to effectively free resources, improve breach detection, and even prevent breaches.

FortiSIEM Manager

  • Used to monitor and manage multiple FortiSIEM instances.
  • Must be installed on a separate Virtual Machine and requires a separate license.
  • Only FortiSIEM Manager and FortiSIEM Supervisor instances version 6.5.0+ are supported.

Communication and Upgrades

  • Communication between FortiSIEM Manager and instances is handled via REST APIs over HTTP(S).
  • FortiSIEM Manager must be upgraded before any FortiSIEM instance is upgraded.
  • This applies to both Content Updates and Software Image Updates.

Features:

Instance Registration and Communication

Each FortiSIEM Instance registers with the FortiSIEM Manager, establishing a two-way HTTP(S) communication channel. This enables seamless coordination and data exchange between instances and the Manager.

Incident, License, and Health Data Forwarding

Incidents are forwarded in near real-time, Health information is updated every minute, and License information is refreshed hourly. The FortiSIEM Manager stores Incidents and License details in a local PostgreSQL database, while raw events are fetched on demand from the originating instance.

Rule and Incident Synchronization

All Incident status changes and rule modifications from FortiSIEM instances are automatically forwarded to the Manager, ensuring consistent visibility and control across all deployments.

Centralized Operations

From the FortiSIEM Manager, you can clear, resolve, or comment on Incidents, disable rules, adjust rule or incident severity, and even run FortiSOAR Playbooks and Connectors, with updates reflected across the connected instances.

One-Click Deep Investigation

Use a single click to log into the relevant FortiSIEM instance where an Incident occurred, enabling fast and detailed investigation without breaking workflow.