We performed a comparison between Fortinet FortiSIEM and ThousandEyes based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM)."The automation feature is valuable."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Free ingestion for Azure logs (with E5 licence)"
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"The stability is very reliable. It offers very good performance."
"FortiSIEM is a great tool for making security processes transparent."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"The installation process is not hard at all."
"The most valuable feature of ThousandEyes is user-friendliness. It has been essential for us to have a solution that is easy to use."
"The most valuable aspect of the solution was the ability to see how the connection quality is between the sites and get an alert if it was turning bad."
"From our perspective, ThousandEyes stands out as an invaluable tool because of its deep and extensive capabilities."
"ThousandEyes gives companies better visibility."
"The company provides excellent service."
"The solution's initial setup process was straightforward...In terms of ROI, the solution is worth the money."
"The authentication overall - including to the VPN and LAN - is excellent."
"The only thing is sometimes you can have a false positive."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"I think the number one area of improvement for Sentinel would be the cost."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"The performance can be improved. Sometimes it takes a long time to fetch data."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"There is room for improvement in terms of customization and user-friendliness."
"It would be nice if the solution covered other areas like server monitoring."
"The guest portal is hard to use."
"It's an expensive solution."
"It might be practical to extend monitoring capabilities to include network devices"
"Presently, it lacks the ability to integrate with other Cisco products."
"I would like the product to offer more agility."
"ThousandEyes could improve the dashboards by adding more features."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while ThousandEyes is ranked 12th in Network Monitoring Software with 11 reviews. Fortinet FortiSIEM is rated 7.6, while ThousandEyes is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ThousandEyes writes "Reliable. simple to set up, and offers fast monitoring capabilities". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and PRTG Network Monitor, whereas ThousandEyes is most compared with Cisco Secure Network Analytics, Accedian Skylight, Dynatrace, SolarWinds NPM and LiveAction LiveNX.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
