We performed a comparison between Fortinet FortiSOAR and McAfee ePolicy Orchestrator based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution offers a lot of data on events. It helps us create specific detection strategies."
"Log aggregation and data connectors are the most valuable features."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"While Microsoft Sentinel provides a log of security events, its true power lies in its integration with Microsoft Defender."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The main benefit is the ease of integration."
"The analytic rule is the most valuable feature."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The solution is easy to implement and includes 450 built-in connectors."
"The initial setup is straightforward."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"We use the product for security."
"It has a quick detection and response time."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"It's great that the solution is integrated with FortiAnalyzer."
"We implemented data transfer protection, which allows transfer in one direction only. Users can copy from the PC to the USB but not from the USB to the PC. That way, if someone is carrying a virus on a USB, it will not be transferred to the PC."
"McAfee is helping us to clean all of the viruses from the machines, protecting our desktops from the latest threats."
"The security is a key feature and the console is very user friendly."
"The valuable feature of the McAfee ePolicy Orchestrator is the management of the policies."
"We get fewer false positives than with other solutions."
"The central manager policy means we have almost all client modules in one solution."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"The best part is management in McAfee ePolicy Orchestrator."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"The area that needs improvement is integration with multiple third-party vendors."
"The solution doesn't connect well with the network devices."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"The technology and integrations are important so should continue to be enhanced."
"Fortinet's tech support overall is not great when they are at their best."
"Fortinet FortiSOAR should improve its analysis."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"One thing that I don't like is that McAfee products change very often and upgrade very often."
"There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"Sometimes agents hang. We have to reinstall the agents."
"The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved."
"There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space."
"The installation process is quite difficult and requires technical support."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 12 reviews while McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews. Fortinet FortiSOAR is rated 7.4, while McAfee ePolicy Orchestrator is rated 8.0. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, ServiceNow Security Operations and Cisco SecureX, whereas McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Zscaler DLP, Elastic Security and Trend Micro Integrated Data Loss Prevention. See our Fortinet FortiSOAR vs. McAfee ePolicy Orchestrator report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.