We performed a comparison between Fortinet FortiSIEM and SolarWinds NPM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The machine learning and artificial intelligence on offer are great."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The automation feature is valuable."
"The connectivity and analytics are great."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Both the collecting logs and duo correlation are valuable features for us."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"The solution is easy to use and user-friendly."
"Easy alert setup which enables different alerts in different categories."
"The event correlation is pretty robust. The GUI is pretty good."
"The solution ranks as one of the top five monitoring tools."
"There are a lot of options for customization of the dashboard, alerts, and reports."
"We had some interfaces where the SFP ports were having some problems after a while. We found which of the SFP ports was having the error and changed it, so the bandwidth became okay."
"The most valuable feature is the graphical user interface."
"It gives us a map of the network setup and one console to see the entire network."
"The initial setup is easy."
"It is very extensible with 'SWQL' and APIs to where we are beginning to integrate it with network automation."
"SolarWinds is reasonably priced."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on QRadar. We couldn't do it with Sentinel, which is a problem for us."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"We are invoiced according to the amount of data generated within each log."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The dashboard needs to improve."
"There is no proper guide for integration or configuration."
"The biggest thing that could be better is a quicker response to support cases."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"FortiSIEM is not a market leader in the SIEM space."
"I would like to see easier implementation in the future."
"Consolidation of platforms would provide a smoother experience."
"SolarWinds could offer more support and insights for a broader range of devices. Currently, it focuses on routers, switches, and some load balancers. However, it lacks an out-of-the-box dashboard for monitoring firewalls and some other modern network security devices. We have to customize it a lot."
"A feature I would ask for is for them to have this solution available for Linux systems instead of Windows."
"The root cause analysis and installation faults are not clear."
"It would be good to have high security."
"The reporting is good, but I want it to be a little easier when creating custom reports. The reports are all on the website now, but it takes some know-how to get some to display the way you would like."
"The solution is not always good with new features, so it takes a long time."
"The product is scalable, but at a cost. Extra modules have to be purchased for each extra server. The initial setup isn't complex, but will require someone who is experienced with the network monitoring system."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while SolarWinds NPM is ranked 4th in Network Monitoring Software with 147 reviews. Fortinet FortiSIEM is rated 7.6, while SolarWinds NPM is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of SolarWinds NPM writes "High-level, comprehensive, and proactive monitoring in a user-friendly interface". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas SolarWinds NPM is most compared with Zabbix, PRTG Network Monitor, ManageEngine OpManager, ThousandEyes and Entuity. See our Fortinet FortiSIEM vs. SolarWinds NPM report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.