We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The UI-based analytics are excellent."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The connectivity and analytics are great."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"Both the collecting logs and duo correlation are valuable features for us."
"We find the solution to be stable."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"To add workers and even collectors is pretty easy."
"The solution’s IP database is awesome."
"The most valuable feature is the alert and alarm monitoring."
"The performance and bandwidth are valuable features."
"The most valuable feature is the protocol to manage anything."
"The basic setup is very easy."
"The flexible licensing model is one of the solution's most valuable aspects. It really allows for great flexibility for companies."
"Zabbix has a roadmap and they are continuously and frequently adding new features."
"The most valuable feature is the support for monitoring Cisco switches."
"The most valuable feature is network traffic monitoring."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The playbook is a bit difficult and could be improved."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the mean time to detect and mean time to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"Creating parsers to try to make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"I would like to see more integration with other platforms."
"FortiSIEM is not a market leader in the SIEM space."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"Zabbix is powerful, but it is difficult to understand initially. There are many things that can be improved, but we might not be using Zabbix to its fullest extent. The software has more features than we need."
"I would like to remotely connect to the computer, and Zabbix doesn't have this capability."
"We would like to monitor other touchpoints such as ATM machines. It would be great if it can provide monitoring of ATM machines. Compatibility with other products would also be great."
"Documentation terminology could be improved."
"The product delivers false positives during reporting because of flapping. Other reasonably priced alternatives may have better performance."
"Outside of the normal standard monitoring, I would like to extend patching, importing patching, and supporting patching for Windows Servers."
"There is a bit of a learning curve during installation."
"If Zabbix had a better dashboard then it would be nice."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while Zabbix is ranked 1st in Network Monitoring Software with 100 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and AlienVault OSSIM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.