We performed a comparison between Fortinet FortiSIEM and Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"The initial setup is very simple and straightforward."
"The pricing of the product is excellent."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"We have no complaints about the features or functionality."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"FortiSIEM's log correlation is good."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"The most valuable feature is the flexible log for identifying security threats inside an application. Sentinel is very good at this."
"The solution's Kusto Query Language (KQL) execution time is pretty good."
"The stability is phenomenal and we never had any issues with downtime or even had to restart."
"Sentinel gave us logs to tell us what's going right and wrong in your environment so we could secure the network."
"It makes everything easier by automating some tasks and growing with our needs."
"The tool is simple to use."
"The most valuable feature of this solution is that it provides a central locking system for many event sources."
"The native integration with out-of-the-box format is hassle-free and allows data to be used advantageously."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of products that have been around for the last seven, eight years or more."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"We are invoiced according to the amount of data generated within each log."
"The solution should allow for a streamlined CI/CD procedure."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The graphs on the user interface could be improved as we often experience glitches."
"We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"The challenge I face with Fortinet FortiSIEM is the lack of support."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"There is a need for more flexibility in customization, especially when working with different vendors and platforms."
"You need a lot of Unix scripting knowledge in order to manage the tool, which is one of the main issues that we faced."
"Creating a drag-and-drop dashboard or workbook in Sentinel is a little more complex compared to other tools like LogRhythm and IBM QRadar."
"I rate Sentinel a six out of ten for scalability."
"There is no integration in the web-side of the tool."
"The solution does not allow outsourced authorizations."
"This product's connection to certain types of cloud systems could be improved. We can do Microsoft, Google, and Amazon, but there are a lot of other things happening in the cloud that we do not connect well enough to. This product could be improved with better connection to cloud-based solutions."
"It is an ancient product."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Sentinel is ranked 18th in Security Information and Event Management (SIEM) with 15 reviews. Fortinet FortiSIEM is rated 7.6, while Sentinel is rated 7.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Sentinel writes "An automated solution that helped me detect threats in less than half the time it used to take". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Sentinel is most compared with IBM Security QRadar, Splunk Enterprise Security, Google Chronicle Suite, Wazuh and LogRhythm SIEM.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.