We compared Fortinet FortiAnalyzer and IBM Security QRadar based on our users' reviews in five categories. We reviewed all of the data, and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. QRadar can be costly because users need to buy new hardware to upgrade.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. QRadar delivers a high return on investment, improving security through its advanced user behavior analytics.
"The solution provides good standardized reports and is easy to troubleshoot."
"Storage in SSD helps in generating customized reports."
"Log View is the most valuable part for us, as we can view logs from different Fortigates on a single GUI."
"The ability to gather all gateway information and logs in a single location is the most valuable feature."
"We use the solution for enterprise firewalls, URL filtering, and SD-WAN."
"The most valuable features of Fortinet FortiAnalyzer are the dashboards and supporting services."
"Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms."
"The log events are quite useful for us."
"Vulnerability detection is the most valuable feature. It's the tool that finds the threats."
"It is really helpful to us from the compliance point of view."
"There are a lot of great out-of-the-box features included."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"The solution is easy to use, manage, and review all incidents."
"It has a lot of good correlation rules. From a customer's point of view, it is one of the best solutions because you don't need to create correlation rules from scratch. You just review them and customize them as you want."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"There are other third-party plugins that we can use."
"The solution should be more price competitive."
"The UI could use some improvement. It can be tough for a beginner to navigate because you don't know what to do even if you read the guide. I've talked to some users who said that they couldn't figure out what to do even after looking at the documentation."
"The cost of FortiAnalyzer could be cheaper, especially when you are installing to a VM. For 90 percent of customers, the VM solution is enough."
"Our organization wants the solution to be able to provide us access to a centralized dashboard that displays a log view for all firewalls under Fortinet FortiAnalyzer."
"The solution can improve the incident response function to provide more detailed information on where the incident is originating."
"The integration with other vendors for log collection could be enhanced."
"I don't find Fortinet FortiAnalyzer to be as robust as Check Point Security Management."
"FortiAnalyzer's price could be lower."
"There is room for improvement in IBM QRadar in integrating features for SOC maturity and security levels directly into QRadar."
"I have noticed a few things while working on this. After the restart of the server, sometimes, the services misbehave, and you need to manually start or restart the service. I have seen that specifically with the Tomcat service. Sometimes, when you click on log sources, instead of opening the log source extension, it redirects you over the internet."
"The solution is highly used here in Pakistan and in many sectors, they could improve it by having more SIEM connectors."
"We have had problems with networking."
"Some of the cloud apps need improvement."
"I would like to see a better GUI."
"Do your research before implementing it, because it is tough to implement."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
Fortinet FortiAnalyzer is ranked 7th in Log Management with 87 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Fortinet FortiAnalyzer is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Grafana Loki, Graylog and SolarWinds Kiwi Syslog Server, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh and LogRhythm SIEM. See our Fortinet FortiAnalyzer vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.