We performed a comparison between Fortinet FortiSIEM and Google Chronicle Suite based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"Sentinel pricing is good"
"The initial setup is very simple and straightforward."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The connectivity and analytics are great."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"Fortinet FortiSIEM is easy to use."
"The solution’s IP database is awesome."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"Real-time monitoring makes life quite easy for me."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"Technical support is helpful."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"What sets Chronicle apart from other solutions is its emphasis on threat hunting rather than solely serving as a monitoring tool."
"Google Chronicle Suite is a highly scalable solution with good search capabilities."
"The support team is responsive."
"The platform's most valuable features are multiple connectors and data output flexibility regarding dashboards and user experience."
"The product's most valuable feature is threat hunting. We can detect the threats directly from the console from the past data as well."
"Google Chronicle Suite provides useful APIs."
"The tool's most valuable feature is the search option, allowing easy navigation."
"The log folder is fairly simple."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The only thing is sometimes you can have a false positive."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The solution could be more user-friendly; some query languages are required to operate it."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The stability of the product is an area of concern where improvements are required."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"I would like to see more integration with other platforms."
"The log collection and configuration management are not great."
"They need to integrate better with Cisco and Palo Alto."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"The product's default dashboard feature has a few limitations regarding availability."
"The tool is complicated for a first-time user. It should also include newer APIs."
"In terms of improvement, the UI can be a bit challenging for beginners."
"A few areas are difficult to understand for someone who has less experience using the product."
"The configuration is not optimal."
"The solution's graphical user interface (GUI) should be more user-friendly."
"The tool needs to improve tasking packages. Its GUI needs to be improved. The product needs to include time-based filtration. We can only see the alert detection timeline now."
"The tool is a little bit difficult to use compared to Microsoft Sentinel."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews, while Google Chronicle Suite is ranked 28th in Security Information and Event Management (SIEM) with 8 reviews. Fortinet FortiSIEM is rated 7.6, while Google Chronicle Suite is rated 7.8. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Google Chronicle Suite writes "Swiftly navigates and analyzes extensive datasets without significant delays". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Google Chronicle Suite is most compared with Splunk Enterprise Security, AWS Security Hub, Sentinel and IBM Security QRadar.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.