FortiSIEM Deployment Options

Leave a reply

Deployment Options

FortiSIEM architecture of workers, collectors, and supervisors offers a number deployment options for enterprises at any level of scale, as well as deployment options for managed service providers who need multi-tenant solutions. Topics in this section describe these deployment options in detail, including use cases for each deployment type as well as node and server configurations for each deployment type.

Enterprise Deployment Options

Standalone Supervisor Deployment for Enterprises

Supervisor and Worker Cluster Deployment for Enterprises

Supervisor with Collectors Deployment for Enterprises

Matrix of Enterprise Deployment Configuration Options

Multi-Tenant Deployment Options for Managed Service Providers or Multiple Organizations

Standalone Supervisor Deployment for Multi-Tenancy

Supervisor and Worker Cluster Deployment for Multi-Tenancy

Supervisor with Collectors Deployment for Multi-Tenancy

Matrix of Multi-Tenancy Deployment Configuration Options

Enterprise Deployment Options

For FortiSIEM, an Enterprise deployment is one in which there is a single organization for which data is gathered and analyzed, and the virtual appliances are located entirely on-premises for that organization.

Standalone Supervisor Deployment for Enterprises

Supervisor and Worker Cluster Deployment for Enterprises

Supervisor with Collectors Deployment for Enterprises

Matrix of Enterprise Deployment Configuration Options

Standalone Supervisor Deployment for Enterprises

This is the simplest possible deployment option, in which a single Supervisor handles all the work of monitoring, processing, and analyzing data.

You can configure the Supervisor to use local or NFS storage, depending on your event data storage requirements, as described in Using NFS

Storage with AccelOps

Supervisor and Worker Cluster Deployment for Enterprises

As the number of monitored devices, or the analyzed event rate, grows, one Supervisor may not be able to handle the load. In that case, you can deploy a cluster of Supervisor and Worker virtual appliances that share data over NFS. In a cluster deployment, the Supervisor and Worker nodes have specific functions:

This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.