We performed a comparison between Fortinet FortiSIEM and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the anomaly-reporting alarms."
"To add workers and even collectors is pretty easy."
"It is used as an alerting platform."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat."
"It's very easy for anyone to work with."
"It's a very nice solution to work with."
"FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"Compared to other solutions, the user interface is good."
"The product’s most valuable feature is log monitoring."
"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."
"It enables us to detect malicious threats, issues, or vulnerabilities in our network."
"The most valuable feature is the correlation rules."
"The support I have received from the vendor has been great."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"Patching is not great - we're not getting the support we'd expect."
"The backup and recovery process for this solution needs improvement."
"There is no proper guide for integration or configuration."
"Not very good on non-API features, lacks that functionality."
"I would like to see easier implementation in the future."
"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
"The stability of the product is an area of concern where improvements are required."
"The log collection and configuration management are not great."
"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."
"I would like to see fingerprint recognition included in the next release of this solution."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
"It cannot integrate with our Next-Generation Firewall and a few applications such as Cisco ACI."
"There should be support for multitenancy in the product."
"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."
"The only drawback is that they don't have any packet capturing or network behavior analysis."
"Product-wise, adding accounts on a single data source by batch would be a really great help."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Trellix ESM is ranked 19th in Security Information and Event Management (SIEM) with 34 reviews. Fortinet FortiSIEM is rated 7.6, while Trellix ESM is rated 7.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm SIEM, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Microsoft Sentinel. See our Fortinet FortiSIEM vs. Trellix ESM report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.