We performed a comparison between Fortinet FortiSIEM and Nagios XI based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Free ingestion for Azure logs (with E5 licence)"
"The UI-based analytics are excellent."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The UI of Sentinel is very good and easy to use, even for beginners."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"Though I downplayed the administrative NCC GUI, this is by far the strongest aspect of the Nagios XI product."
"I can monitor a software made in-house to software of bigger companies."
"It is an open-source platform with valuable features for performance and stability."
"The most valuable feature is its support for different types of devices, where it can use all of the equipment that you need."
"The most useful aspect of this solution is the ability to customize it for the client agent."
"The most valuable feature is the dashboard, where I can have a single screen that provides a summary for hundreds of servers."
"The installation is no problem. I've installed Nagios several times."
"BPI: It allows defining peripherals to map business criticality for efficient monitoring, as required."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The on-prem log sources still require a lot of development."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"Not very good on non-API features, lacks that functionality."
"Network detection and response is a separate product."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"FortiSIEM is not a market leader in the SIEM space."
"The reporting part should be made simpler. While we can obtain all the reports we need, we always have to create work-arounds to get them."
"The PNP4Nagios plugin not working easily with XI is an issue for me, because some open source monitoring plugins do not work out of the box. But in the end, you learn to live with it."
"The Configuration Wizard needs improvement, because not all vendors are present."
"They need more documentation for the plugins."
"I would like a much easier GUI so that I can delete events and logs, which will free up a lot of space."
"The technical support is variable - sometimes I get answers, but most of my tickets go unanswered."
"The product's stability could be even better."
"The way Nagios displays information isn't easy for a new user to understand. It's not intuitive enough. You need to read some tutorials or be trained to understand what it's displaying. Also, I think it needs more features to improve network visibility because there are some things you can't detect."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Nagios XI is ranked 8th in IT Infrastructure Monitoring with 54 reviews. Fortinet FortiSIEM is rated 7.6, while Nagios XI is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Nagios XI writes "Great for monitoring IT services infrastructure with nice tools and helpful notifications". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Nagios XI is most compared with Zabbix, Nagios Core, PRTG Network Monitor, Wireshark and Icinga.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.