We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The main benefit is the ease of integration."
"The pricing of the product is excellent."
"The machine learning and artificial intelligence on offer are great."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The CMDB and the device discovery features are most valuable."
"The product is quite well-organized. The GUI makes it easy to navigate."
"FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high."
"The Threat Hunting feature provides complete traffic analysis."
"We find the solution to be stable."
"The product's initial setup phase was easy."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"Our customers also like that they don't have to use multiple modules. Micro Focus and major vendors typically require you to buy several modules and plugins. Our customers do not like that. We offer them a single product for all their monitoring needs."
"Templates are good. We download them from the official Zabbix site or the community. If the information we need isn't available, we create custom templates based on client requirements."
"The product is very stable."
"Zabbix is scalable."
"It is a great product. The SNMP protocol tracking feature is good. I really like how it tracks SNMP. The alerts are also great."
"The most valuable features are the monitoring and the ease with which we can set it up at customer sites with our custom Zabbix proxy and tools."
"Zabbix is very easy to implement."
"Simple network monitoring that is easy to install and manage."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The product can be improved by reducing the cost to use AI machine learning."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"I would like to see more integration with other platforms."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"The dashboard needs to improve."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"The solution needs to add features for finding loopholes or problems and their root causes."
"I would like to see a more flexible mobile client, and better HA out of the box."
"It could be more stable."
"The product could be more secure and more stable."
"The System Center Operations Manager can be improved."
"An area for improvement would be the ease of doing aggregation from the value or different devices."
"Documentation terminology could be improved."
"I would like to better be able to monitor Oracle processes."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and AlienVault OSSIM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.