We performed a comparison between Fortinet FortiSIEM and Icinga based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The automation feature is valuable."
"Log aggregation and data connectors are the most valuable features."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"It's pretty powerful and its performance is pretty good."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"FortiSIEM's log correlation is good."
"Fortinet FortiSIEM is easy to use."
"To add workers and even collectors is pretty easy."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"FortiSIEM is a great tool for making security processes transparent."
"It is really easy in Icinga to create your own plugin and integrate it without any fuss. And it works just perfectly fine."
"The value of Icinga is that it has hundreds of plugins, so it's really easy to monitor pretty much anything."
"Icinga does the job and is fairly stable."
"Macros and the ability to connect it to Google Maps are valuable features."
"The drafts are easy but what I like about Icinga is that there are many add-ons that you can download."
"The best thing about the solution is how it highlights errors, the issues, and what needs my attention. The solution directs me to areas that I should look for first."
"This solution has a self-healing handler where if the service is down, it is automatically restarted."
"There's a module called Icinga Director, which helps us configure the product using an intuitive interface through clicks instead of creating a text configuration. It's very helpful for us."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"There is room for improvement in entity behavior and the integration site."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"I would like to be able to monitor applications outside of the Azure Cloud."
"I would like to see easier implementation in the future."
"They need to integrate better with Cisco and Palo Alto."
"There could be more AI features included in the product."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"At this time, the layout of the website is a bit difficult. It should be more user-friendly for changing the background and logos."
"One thing that Icinga lacks is the capability to create advanced and customized dashboards within the tool itself."
"I think the software is quite good, but we have had problems with getting it to recognize certain areas and amend certain checks, where we needed so we would have to create backend scripts for those checks. Though, being open source, it has the support to create backend scripts, it would be better to have these scripts in-built."
"We have found some problems with Nagios, and support isn't very responsive."
"In general, the product does not look good. However, it does what it is supposed to do. So, the improvements should focus on usability and UI."
"The user interface should be improved."
"The installation and configuration are very complex."
"The solution lacks many features important to higher-level IT management and network support."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while Icinga is ranked 22nd in Network Monitoring Software with 16 reviews. Fortinet FortiSIEM is rated 7.6, while Icinga is rated 7.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Icinga writes "A stable, scalable and cost-effective solution that helps with inbuilt scripts for easy modification". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Icinga is most compared with Zabbix, Checkmk, Nagios Core, Nagios XI and Centreon. See our Fortinet FortiSIEM vs. Icinga report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.