We performed a comparison between Fortinet FortiSIEM and PRTG Network Monitor based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Log aggregation and data connectors are the most valuable features."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"The automation feature is valuable."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"FortiSIEM's log correlation is good."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"The CMDB and the device discovery features are most valuable."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"The most valuable feature is the notifications. As long as you spend time and think about what and when you want to be notified, it's always accurate. It is always there. I find things out before my Internet provider."
"The real-time monitoring and alerting are its most valuable features."
"The solution provides us with needed feedback on our IT infrastructure. It gives us really good quality of service when it comes to monitoring of available space and available resources. It allows us to preempt issues before they become a problem for the business."
"It is a very stable solution. There are no bugs, glitches and we have not experienced any crashing."
"Ability to create a dashboard inside software monitoring."
"The solution provides us response times to issues."
"The authentication links into our standard Active Directory authentication, which is very good."
"It is easy when it comes to dependencies of devices, so if your router goes down, the three or four switches behind it will automatically be paused so that you don't get multiple alerts."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the mean time to detect and mean time to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The solution should allow for a streamlined CI/CD procedure."
"It could have a better API to be able to automate many things more extensively and get more extensive data and more expensive deployment possibilities. It can gain some points on the automation part and the integration part. The API is very limited, and I would like to see it extended a bit more."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"They need to integrate better with Cisco and Palo Alto."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"I would like to see more integration with other platforms."
"Customer support service could be better."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"If PRTG could help me see the bandwidth for each host I have on my network, either for a wireless or a wired network, that would be very helpful."
"The free version only gives us 100 free sensors to use. It would be nice if there was double that."
"It would be good if there were better graphical interfaces when you have it on multiple monitors... Because we have so many servers, things can get lost in the fog a little bit. Maybe having a better way of showing different geographies, Flash, etc., would help."
"PRTG's application monitoring sensor is not strong."
"PRTG Network Monitor could improve the price."
"Performance-wise, PRTG Network Monitor still needs improvement because a large number of SNMPv3 queries reduces tool performance."
"They could improve the process of updating the license."
"Sometimes, it is difficult to drill down further to get information, e.g., if we saw a spike in traffic, then we would want to drill down and find out what is causing that spike in traffic."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while PRTG Network Monitor is ranked 5th in Network Monitoring Software with 96 reviews. Fortinet FortiSIEM is rated 7.6, while PRTG Network Monitor is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of PRTG Network Monitor writes "It's an all-in-one solution, and net flow is included in the licensing". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ManageEngine Log360, whereas PRTG Network Monitor is most compared with Zabbix, Centreon, Nagios XI, SolarWinds NPM and Auvik Network Management (ANM). See our Fortinet FortiSIEM vs. PRTG Network Monitor report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.