We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The automation feature is valuable."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The product is quite well-organized. The GUI makes it easy to navigate."
"FortiSIEM's log correlation is good."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"The CMDB and the device discovery features are most valuable."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"FortiSIEM's best features are the dashboards and customization."
"FortiSIEM is a great tool for making security processes transparent."
"The solution’s IP database is awesome."
"The level of discovery-based configuration that lets us auto-configure the monitoring for various systems is a valuable feature."
"Every new asset placed in the environment can be automatically detected, predicting human failures."
"The flexibility of this solution is amazing."
"We value the auto-host discovery, template import, bulk import/export features. Newer versions also add nice features, such as multi-IP per host."
"The template system in Zabbix is very beneficial as it saves time in configuration."
"It has improved our server performance monitoring overall. We know right away when there are problems. It has built-in statistics, so we can go back and see if there's spiking. We can check what's happening every day around the same time and check the configuration to see if there's something that's running and needs to be fixed."
"It's a flexible solution."
"Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"I think the number one area of improvement for Sentinel would be the cost."
"The AI capabilities must be improved."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"When our team tried configuring logs for Microsoft SQL, it did not work."
"The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"They need to integrate better with Cisco and Palo Alto."
"The user interface could be a bit better. They could update it a bit."
"I would like to remotely connect to the computer, and Zabbix doesn't have this capability."
"The user interface could be better."
"The event correlation could be better."
"The dashboard and the graph section could be a little bit more professional."
"The product could be more secure and more stable."
"It could be more stable."
"There are some features of Zabbix that are not good for reporting. The DX Spectrum solution has better reporting."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and AlienVault OSSIM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.