We performed a comparison between Fortinet FortiSIEM and Icinga based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"It's pretty powerful and its performance is pretty good."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"The solution’s IP database is awesome."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"FortiSIEM's log correlation is good."
"To add workers and even collectors is pretty easy."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"It is really easy in Icinga to create your own plugin and integrate it without any fuss. And it works just perfectly fine."
"An affordable solution for small organizations to do basic network monitoring."
"There's a module called Icinga Director, which helps us configure the product using an intuitive interface through clicks instead of creating a text configuration. It's very helpful for us."
"Icinga does the job and is fairly stable."
"Icinga has multiple automation and integration features. There is an API for everything and a web UI for configurations. The APIs enable you to automate tasks in Icinga. We can also use plugins to talk to the API. The Icinga Director talks to a database in the background, and you can import settings from the CMDB to all systems in Icinga."
"The drafts are easy but what I like about Icinga is that there are many add-ons that you can download."
"Macros and the ability to connect it to Google Maps are valuable features."
"This solution has a self-healing handler where if the service is down, it is automatically restarted."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"The only thing is sometimes you can have a false positive."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"The stability of the product is an area of concern where improvements are required."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"There is no proper guide for integration or configuration."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"The backup and recovery process for this solution needs improvement."
"The dashboard needs to improve."
"In general, the product does not look good. However, it does what it is supposed to do. So, the improvements should focus on usability and UI."
"The solution lacks many features important to higher-level IT management and network support."
"One thing that Icinga lacks is the capability to create advanced and customized dashboards within the tool itself."
"It needs Trap SNMP. I saw the documentation for Zabbix, that it has its own built-in product which handles SNMP traps, and there's nothing similar in Icinga or Nagios. I think this feature is most important for me."
"We have found some problems with Nagios, and support isn't very responsive."
"The tool currently fails to provide notifications to users."
"The user interface should be improved."
"Icinga is a complex solution that's hard to learn. It's a powerful product for monitoring, but new users will have a hard time figuring out what to do."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews, while Icinga is ranked 22nd in Network Monitoring Software with 16 reviews. Fortinet FortiSIEM is rated 7.6, while Icinga is rated 7.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Icinga writes "A stable, scalable and cost-effective solution that helps with inbuilt scripts for easy modification". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Icinga is most compared with Zabbix, Checkmk, Nagios Core, Nagios XI and Centreon.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.