SE RVICE DE SC RIPTIO N

FORTIANALYZER™ CLOUD
1. Introduction

FortiAnalyzer Cloud is a cloud-based SaaS-hosted analytics-powered security and log management solution for
FortiGate™ and supported Fortinet security products as communicated by Fortinet in applicable product data
sheets and release notes (the “Supported Products” and the “Service”). The Service provides solutions for
centralized reporting, traffic analysis, event and incident management, and log retention without the need for
additional hardware, software, or management overhead.

Using a web-based portal, a number of benefits can be achieved, including:

 End-to-end visibility with event correlation and threat detection.
 Hosted log retention with cloud based storage.
 Security intelligence and analytics with SOC views.
 Automation through scripts and connectors.
 Indicators of compromise detection service.
 Event alerts and incident management.

For clarity, the Service provides a consistent set of features for the Supported Products and product-specific
functionality is provided based on the product type.

2. Service Features and Deliverables

The Service will be made available on a twenty-four hours a day by seven days a week basis and available in
various regional secure datacenters that enable customers to keep their data within defined boundaries. The
Service does not share any Customer logs or configurations between regional datacenter instances. The
following Service features are included for all supported technology:

 Target portal availability of 99.99%.

 Traffic and application visibility through a dashboard view that displays various system and log widgets
with real-time monitors.
 Automated incident response capability for improved management and analytics with a focus on event
management and identifying compromised endpoints.
 Log retention based on subscription levels.

3. Customer Required Contribution & Responsibilities

In order to benefit from the Service features, the Customer must:

 Purchase, register and maintain an active FortiCloud™ Premium Account subscription license.
 Register all Supported Products to be covered under the Service in the Support Portal.
 Configure the Supported Products to be covered under the Service appropriately to use the Service.
 Provide network connectivity with required configuration to enable the Supported Products, to be
covered under the Service, to communicate with the Service. Logs are sent periodically during which
time internet connectivity must be available.
 Access the portal through supported web browser software with appropriate internet connectivity.
 Complete the Service renewal before the expiration of the current term. Otherwise, log files will be
purged after seven (7) days with no grace period.
 Ensure the products and versions are the Supported Products and suitable for the Service.
 Manage configurations of the Supported Products covered by the Service to ensure any data
transmitted is done in accordance with Customer’s data privacy requirements.
 The flow of logs and bandwidth between the Supported Products covered by the Service and the
FortiAnalyzer Cloud instance are regulated based on device log rate limits. Restrictions may apply if the

FORTINET PUBLIC – CUSTOMERS AND PARTNERS #870-2726-1.3 Page | 1 of 4

FORTIANALYZER CLOUD Service Description
 bandwidth exceeds the daily allotted bandwidth amount set per Fortinet device.
 FortiAnalyzer log data analytics cannot exceed more than three (3) months or one-hundred (100) days.
 FortiAnalyzer log data retention cannot exceed more than twelve (12) months or three-hundred and
sixty-five (365) days.
 Customers are responsible for performing external back-ups and storage of their logs and data as
needed past the allowed retention period, if required for compliance or other purposes.
 The firmware of the FortiAnalyzer Cloud instance must be upgraded regularly to the latest build for
stability and support purposes. Customers will be notified when a new build is available and that an
upgrade is required providing a period before an automatic upgrade occurs (the “Upgrade Period”).
Once within the Upgrade Period the Customer may initiate the upgrade at a time of their choosing by
accepting the upgrade. Additionally, if it is discovered that there is a vulnerability in a firmware build
which is determined to be an emergency, Fortinet may upgrade the instance without notice to or
acceptance from the Customer.
 At least thirty (30) days prior to the Service expiration, the Customer will receive a renewal notification
from the cloud portal on a weekly basis. The Service expiration date will be displayed within the
FortiAnalyzer Cloud instance where the Customer will also be prompted with daily notifications for
renewal. Upon Service expiration, the FortiAnalyzer Cloud instance will be shut down and an email
notification will be sent to the Customer. The Customer then has thirty (30) days to contact support to
renew their license and regain access to the FortiAnalyzer instance. After thirty (30) days as of the
expiration, the instance will be deleted and a notification sent to the Customer. For clarity, the
Customer is explicitly advised that, once the instance is deleted, the data will be no longer recoverable.
 The effectiveness of the Service is dependent on the configuration utilized by the Customer on their
local platform and the available bandwidth for communicating the data.

4. Scope & Conditions

 In the event that continued provision of the Service to the Customer would compromise the integrity
or security of the Service, the Customer agrees that Fortinet may temporarily limit or suspend the
Service to the Customer at Fortinet’s sole discretion.
 Customer agrees to use the Service for legitimate and lawful business purposes only. In particular, the
Customer is responsible for ensuring that its usage of the Service shall be in accordance with all
applicable laws (including, but not limited, privacy and security laws) and proper controls and processes
shall be implemented in this respect. Therefore, Fortinet explicitly advises the Customer to always
assess and ensure that the usage of the Service complies with local legislation prior to its deployment.
Should Fortinet discover illegal activity, the Service may be terminated without notice and the relevant
authorities may be notified regardless of intent. In the event that the continued provision of the Service
to the Customer would compromise the security of the Service or Fortinet’s systems, networks or
reputation, the Customer agrees that Fortinet may temporarily or permanently suspend the Service to
the Customer. The Customer accepts and acknowledges that: (a) Fortinet shall not be liable for any
damages, fines, claims, costs or expenses incurred or suffered by the Customer or any third parties as
a result of or in connection with the breach of these warranties; and (b) it shall fully indemnify and hold
Fortinet harmless from and against any and all claims, liabilities, losses, damages, penalties or fines,
including all reasonable legal fees, arising directly or indirectly as a consequence of the breach of these
warranties. Customers are responsible for configuring analytics and retention periods at the time of
setup. After the retention period all logs will be deleted permanently.
 Where maintenance of the Fortinet infrastructure is required, Fortinet will aim to perform such
maintenance without any Service disruption. With any planned maintenance activity that may cause
Service disruption, Fortinet will use reasonable efforts to provide the Customer with forty-eight (48)
hours advanced notice. Planned maintenance will not be performed between the hours of 8 a.m. and
6 p.m. in the time zone where the infrastructure is located, and will not be more than eight (8) hours in
any calendar month. Notification will be made through the most appropriate method dependent on
user impact, which may include email, portal messages, or other means.
 The Customer acknowledges and agrees that: (a) the Service is subject to intrinsic reliability and
technical limitations; (b) the Service helps to prevent, find or eliminate malware and security breaches
but it is technically impossible to guarantee email or network security as no security device or service

FORTINET PUBLIC – CUSTOMERS AND PARTNERS #870-2726-1.3 Page | 2 of 4

FORTIANALYZER CLOUD Service Description
 can guarantee full security or the blocking of all known malicious activity; and (c) Fortinet accepts no
liability for any damage or loss resulting directly or indirectly from any failure of the Service to detect
malware, malicious activity or for false positives including security breach, data loss, data corruption,
and service interruptions and/or degradations of the Company’s network, systems.
 In the event that the integrity of the Service is at risk, Fortinet may perform emergency maintenance
actions at its sole discretion and Fortinet will use reasonable efforts to inform all affected parties within
one hour of the start of the maintenance activity.
 All service levels described in this document are targets which Fortinet will use reasonable efforts to
achieve. Any loss of connectivity is the responsibility of the Customer with the Service continuing to be
considered as being utilized. The availability target only applies to the Service infrastructure. Service
targets are measured as of the submission of the support ticket to Fortinet and will exclude delays
related to Service unavailability or disruption caused by any of following events, without limitation:
i. scheduled maintenance or emergency maintenance;
ii. unauthorized user changes;
iii. Customer initiated changes whether implemented by Customer or Fortinet or a third party
on behalf of Customer;
iv. Customer exceeding the subscribed Service entitlement;
v. Customer's failure to adhere to Fortinet implementation, support processes and
procedures;
vi. acts or omissions of the Customer, its employees, agents, third party contractors or vendors
or any third party accessing the Service;
vii. any violations of the Customer responsibilities defined herein;
viii. any event not wholly within the control of Fortinet;
ix. negligence or willful misconduct of the Customer, or others authorized by the Customer to
use the Services provided by Fortinet;
x. any failure of any component for which Fortinet is not responsible, including but not limited
to all Customer´s infrastructure including electrical power sources, networking equipment,
computer hardware, computer software or email content;
xi. any failures that cannot be corrected because the Customer, its systems or networks are
not reasonably accessible to Fortinet. It is the Customer's (if applicable) responsibility to
ensure that technical contact details are kept up to date by submitting a request ticket to
confirm or update the existing the technical contact details.
 The Service will be delivered in accordance with Fortinet’s privacy policy made available and updated
from time to time at https://www.fortinet.com/corporate/about-us/privacy. The Customer is
responsible for ensuring that their use of the Service is in accordance with such laws or regulations.
 The Customer is responsible for ensuring that their use of the Service is in accordance with all applicable
privacy and security laws, and the Customer will ensure it has in place proper controls and processes in
this respect.
 The Service is subject to the terms of Fortinet’s then-current Service Terms & Conditions located at
https://www.fortinet.com/corporate/about-us/legal.html and Fortinet’s then-current privacy policy
available at: https://www.fortinet.com/corporate/about-us/privacy.html (or any other sites as
designated by Fortinet from time-to-time).

5. Eligibility & Purchasing:

The Service is available for purchase by an end-customer (the “Customer”) through authorized Fortinet resellers
and distributors globally. Fortinet’s resellers and distributors are independent third parties that conduct
business in their own name and account and, consequently, cannot bind Fortinet in any way. The Service is
delivered to the Customer of Fortinet products as referenced in the purchase order placed with Fortinet by a
customer or Fortinet-authorized partner or distributor.

FORTINET PUBLIC – CUSTOMERS AND PARTNERS #870-2726-1.3 Page | 3 of 4

FORTIANALYZER CLOUD Service Description
 Unit
FortiAnalyzer Cloud Service
(FortiGate™/FortiWifi™, FortiGate
Chassis Platforms, FortiGate VM)
FortiGate 360 Protection Bundle—
includes FortiAnalyzer Cloud Service
FortiGate VM 360 Protection
Bundle—includes FortiAnalyzer
Cloud Service
FortiAnalyzer-cloud Premium
Subscription
Options SKU
FortiAnalyzer Cloud: Base FC-10-XXXXX-188-02-DD
subscription for Cloud‐based Events
and Security Log Management plus
IOC Service
360 Protection (ASE FortiCare plus FC-10-XXXXX-816-02-DD
App Ctrl, IPS, AV, Web Filtering,
Antispam, FSA Cloud, Security
Rating, SD‐WAN Cloud Assisted
Monitoring, SD‐WAN Overlay Ctrl
VPN, FMG/FAZ Cloud,
IndustrialSecurity, FortiConverter
Svc, and FortiCASB (10 users)
360 Protection (ASE FortiCare plus FC-10-XXXXX-819-02-DD
App Ctrl, IPS, AV, Web Filtering,
Antispam, FSA Cloud, Security
Rating, SD‐WAN Cloud Assisted
Monitoring, SD‐WAN Overlay Ctrl
VPN, FMG/FAZ Cloud, Industrial
Security, FortiConverter Svc, and
FortiCASB (10 users))
Premium subscription for Cloud‐ FC-10-XXXXX-208-02-DD
based Central Logging & Analytics.
Supports all FortiGate log types with
IOC service, SOC subscription and
24x7 FortiCare support included.

Where XXXXX is defined by the appliance or platform it may apply to. Please refer to Fortinet’s then-current
price list to identify the specific SKU for the appropriate product.

The date of the Service registration determines the start date of the Service (the “Service Start Date”) which will
run for the period determined by the Service SKU purchased by Customer notwithstanding if the Service
entitlements are not fully consumed (the “Service End Date”). The registration and delivery of the Service
covered by this service description must commence within three hundred and sixty-five (365) days from the
contract creation date, after which the service is forfeit without any refund. In no circumstances will the duration
of the Service be extended. All sales are final.

As a requirement to benefit from the Service, the Customer shall validly purchase and register an active
FortiCloud Premium Account License to access FortiAnalyzer Cloud. The FortiCloud Premium account provides
eligibility and access to cloud products and trials, as well as enabling full configuration and device management
for FortiAnalyzer Cloud.

Unit Options SKU

FortiCloud Premium Account Access to advanced account and FC-15-CLDPS-219-02-DD
License) platform features. Per account
license. See datasheet/online
resources for included
feature/license details.

FORTINET PUBLIC – CUSTOMERS AND PARTNERS #870-2726-1.3 Page | 4 of 4

FORTIANALYZER CLOUD Service Description