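Next-Generation Security Information and Event Management Platform
FortiSIEM delivers true next-generation security information and event management (SIEM), with enterprise-wide IT/OT event collection, advanced detection analytics, a rich user experience, and a unique configuration management database (CMDB), all powered by the latest automation and artificial intelligence technologies. Out-of-the-box value, complete flexibility, and ultimate scalability make it the ideal solution for organizations of any size.
FortiSIEM is designed to be the backbone of your security operations team and the ultimate line of defense against attacks. It includes a unique set of high-performance IT/OT SIEM capabilities built on advanced analytics, with a complete built-in configuration management database (CMDB), native security orchestration, automation, and response (SOAR) capabilities, and a generative AI (GenAI) assistant.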
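The core of SIEM value lies in TDIR. FortiSIEM achieves unique attack detection through user and entity behavior analytics (UEBA), more than 2,800 IT/OT correlation rules, and customer-controllable machine learning models. Analyst investigation and rapid response are driven by risk prioritization, real-time threat intelligence, native automation, and comprehensive incident management, all supported by FortiAI-Assist.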
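FortiSIEM combines the power of FortiSIEM and FortiSOAR into a single SIEM solution, bringing the simplicity and power of SOAR automation to any FortiSIEM activity. With an automated analyst experience, a library of prebuilt playbooks, and easy playbook creation, SOAR automation accelerates any analyst task.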
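FortiSIEM includes a complete IT/OT configuration management database (CMDB) that both facilitates asset health monitoring and supports security analysts' investigations. With automatic asset discovery and classification, Purdue model mapping, asset health metric collection and status alerting, and import/export capabilities, it provides critical IT information and assists security incident management.
A modern SOC requires a SIEM solution that goes beyond traditional tasks such as log collection, simple rule correlation, content search, and compliance reporting. FortiSIEM supports these traditional tasks while also offering many unique capabilities that meet the needs of today's security operations.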
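Built-in IT/OT CMDB
Passive and active discovery, plus continuous monitoring of asset health and performance
Real-time security analytics
Robust IT/OT threat detection based on a UEBA engine, customizable machine learning, and more than 2,800 correlation rules
Built-in SOAR automation
Rich, flexible automation accelerates threat investigation and response and can handle any analyst task.
Powered by FortiAI-Assist
Guided, simplified, and automated security based on FortiAI-Assist generative AI
OSquery endpoint visibility
Extended endpoint investigation and forensic monitoring with seamless integration
Broad integration
Support for hundreds of third-party solutions, with added value for Fortinet products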
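FortiSIEM received the 2024 Gartner Peer Insights™ Customers' Choice distinction for Security Information and Event Management. FortiSIEM performed excellently in all categories, including product capabilities, support/delivery, willingness to recommend, number of reviews, and review market coverage.
*Based on 106 reviews for the year ending August 31, 2024
FortiSIEM's detection and response capabilities are supported by FortiGuard threat intelligence services and dozens of optional industry security feeds.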
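Fortinet is dedicated to helping our customers succeed, and every year FortiCare services help thousands of organizations get the most from their investment in existing products and services. To that end, FortiCare takes a lifecycle approach and provides industry-leading security services that help customers sustain business success.
Technical Support Services
A variety of per-device options support efficient operations. The FortiCare Elite option offers a 15-minute response time for key products.
Advanced Support
Through operational reviews by designated experts, a variety of account-based white-glove services are available to reduce disruption and improve productivity.
Professional Services
Our multi-vendor experts can design and deploy complete solutions based on best practices, helping you achieve your network or security goals and adopt new capabilities.
RMA
Premium RMA options are available across the entire product family, expediting replacement of defective hardware to meet your availability goals.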
Delivering out-of-the-box value, complete flexibility, and ultimate scale, FortiSIEM is the right solution for organizations and managed security service providers (MSSPs) of any size.
Security teams can adopt FortiSIEM and FortiSOAR to provide advanced enterprisewide threat detection, complete incident management capabilities, and critical SOC functions, all based on AI and automation.
This demo offers an overview of key new FortiSIEM features (as of June 2025) used throughout the incident investigation and response workflow.
See how Fortinet's new GenAI assistant, Fortinet Advisor, guides and turbocharges the FortiSIEM analyst experience across incident investigation, response, report creation, and more.
Learn about security’s biggest gap and how the NOC-SOC approach helps close that gap.
SIEMs can be difficult, SOCs are expensive, and the related compliance is a pain. StratoZen reduces or eliminates these challenges for their clients by using FortiSIEM as part of their SOC and SIEM “as a service” solutions.
Learn about the new features in FortiSIEM 5.0 – CMDB, UEBA and SOAR Orchestration. Learn how you can do more with less, harmonizing security and networking operations to business focused outcomes.
Fortinet Named a Challenger in the 2025 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM)
Improved Security Team Operational Efficiency and Reduced Risk to the Organization, Each by Up to 99%
1touch.io provides automated real-time discovery, mapping, and tracking of personal data across structured and unstructured repositories found on-prem or in the cloud. Together with Fortinet, 1touch.io enables joint customers to effectively and granularly protect and report sensitive personal data across the enterprise.
Creating a Service-Centric Workload and Connectivity Converged Infrastructure that empowers our Enterprise customers to innovate without compromise. Our cloud networking and zero trust solution allows you to select Fortinet to protect your traffic.
6connect is the global leader in network resource provisioning automation and control. Together with Fortinet, 6connect’s ProVision platform provides unparalleled flexibility for SDWAN migration and increased flexibility for the modern enterprise dealing with the realities of hybrid cloud and distributed multi-vendor networks.
ABB is a pioneering technology leader that works closely with utilities, industry, transportation and infrastructure customers to write the future of industrial digitalization and realize value.
Acalvio ShadowPlex Autonomous Deception solution provides early detection of advanced threats with precision and speed. Together with Fortinet, Acalvio can automatically quarantine any compromised enterprise hosts based on the deception alerts and user-configurable threat severity levels.
Acronis is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), and enterprise IT departments. Through Acronis with Fortinet, MSPs can initiate various response actions to remediate malicious changes and prevent future attacks from network-based threats.
At ADVA Optical Networking, we're creating a new vision for a more connected world. Our award-winning network functions virtualization (NFV) solutions provide our customers with unprecedented choice and flexibility. Our ADVA Ensemble solution suite provides a comprehensive NFV architecture that includes programmable hardware, comprehensive software and end-to-end orchestration solutions.
Advantech helps service providers and enterprises extend the cloud to the IoT edge by providing scalable network platforms that accelerate network transformation. Advantech network appliances and edge servers combined with Fortinet security software offer key foundational building blocks that will form the backbone of the new IoT economy.
Aislelabs is a location analytics and marketing automation platform designed for brick & mortar enterprises across multiple verticals. Aislelabs products, deployed on Fortinet infrastructure, enable end-to-end customer behavioral analytics by not only tracking how customers behave within the space, but also providing tools to engage them online and offline.
AMD is transforming our lives by building great products that accelerate next-generation high-performance and adaptive computing experiences. AMD and Fortinet unlock high-performance capabilities for customers, enabling them to experience a best-in-class security and user experience with a compelling value proposition.
Gartner, Magic Quadrant for Security Information and Event Management, Andrew Davies, Eric Ahlm, Angel Berrios, Darren Livingstone, 8 October 2025
Gartner, Gartner Peer Insights ‘Voice of the Customer’: Security Information and Event Management, Peer Contributors, 10 December 2024
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, MAGIC QUADRANT and PEER INSIGHTS are registered trademarks and The GARTNER PEER INSIGHTS CUSTOMERS’ CHOICE badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.
Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.