We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Sentinel has features that have helped improve our security posture. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"The initial setup is very simple and straightforward."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"To add workers and even collectors is pretty easy."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat."
"During my testing, the features that I like the most are that it can be integrated with my system, and it provides me with reports of all of my servers."
"The flexible licensing model is one of the solution's most valuable aspects. It really allows for great flexibility for companies."
"It can send messages to our ticketing system."
"It has improved our server performance monitoring overall. We know right away when there are problems. It has built-in statistics, so we can go back and see if there's spiking. We can check what's happening every day around the same time and check the configuration to see if there's something that's running and needs to be fixed."
"Zabbix can use old data to current data to set the threshold. We can use previous data to set the threshold."
"The most valuable features are the monitoring and the ease with which we can set it up at customer sites with our custom Zabbix proxy and tools."
"Our customers also like that they don't have to use multiple modules. Micro Focus and major vendors typically require you to buy several modules and plugins. Our customers do not like that. We offer them a single product for all their monitoring needs."
"The most valuable feature is the monitoring of virtual machines."
"Sentinel's reporting is complex and can be more user-friendly."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"We'd like also a better ticketing system, which is older."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The product can be improved by reducing the cost to use AI machine learning."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"Its training can be improved. Its price also needs to be improved."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"The dashboard needs to improve."
"There is no proper guide for integration or configuration."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"Patching is not great - we're not getting the support we'd expect."
"In terms of user-friendliness, large maps could be more interactive. We should be able to click on some areas and move some objects. It would make it simpler to see things while analyzing some dedicated parameters."
"The graphical user interface could be customized a little bit more, and also the dashboard could be more friendly."
"The solution needs to add remote features."
"The product could be more secure and more stable."
"It could be more stable."
"The user interface could be better."
"When using this solution in enterprise monitoring, you are able to see that there are some issues with equipment that could be causing a problem. Sometimes you want to make a root command that you do not want to be executed automatically. What we have tried to do is open an SSH session directly from the solution's interface but it is not possible."
"We had some scalability issues with a large number of nodes."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and AlienVault OSSIM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.