We performed a comparison between Fortinet FortiSIEM and vRealize Network Insight based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The UI-based analytics are excellent."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The machine learning and artificial intelligence on offer are great."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The main benefit is the ease of integration."
"It's very easy for anyone to work with."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"Easy alert setup which enables different alerts in different categories."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"It's a very nice solution to work with."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"It's a very powerful, very manageable product."
"The most valuable feature is the profiling of the applications for micro-segmentation... It has made the migration to NSX much easier. Most of the sys admins within the smaller silos, they have no idea what ports are needed to run their stuff at all. I am pretty sure the micro-segmentation would never, ever have occurred without it."
"The best feature of this application is its ability to capture everything within the same application, as well as capture all the traffic."
"It gives the visibility that was either broken or there in pieces only. This solution provides a unified view of the whole system, back and forth. It has helped to reduce time to value, increase performance, more easily manage networks, and provide deep visibility."
"The initial setup was straightforward."
"The most valuable feature is the visualization. It's really handy to be able to classify network objects as with applications and see the interaction between them."
"We're a smaller company so it automates a lot of the tasks and lets us focus in on building out our own solution. It's quicker, there is less building of manual solutions, and less downtime. It allows our developers to quickly develop, get provisioning done, de-provisioning, etc; the stuff that you would expect to be able to make it streamlined."
"It helps a lot because, until now, we didn't have the tools to figure out the micro level, VM-to-VM kind of traffic; that was not in the current environment. We could not figure out VM-to-VM communication from the other tools. This is the tool which gives us end-to-end transparency."
"The product can be improved by reducing the cost to use AI machine learning."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The only thing is sometimes you can have a false positive."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"Sentinel's reporting is complex and can be more user-friendly."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"They need to integrate better with Cisco and Palo Alto."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"The graphs on the user interface could be improved as we often experience glitches."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"FortiSIEM is not a market leader in the SIEM space."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern."
"The only issue we have is that the solution does not always capture the host names."
"The product is slightly complex use, while still being user-friendly. It could use more training modules, as it is not a straightforward product."
"The solution can be improved by making it more compatible with other brands, allowing for better integration."
"While it's not exactly a feature, what normally happens when we are trying to look at the VM flow portion is - although Network Insight does have options to integrate a few physical switches into it - we can't really get an end-to-end flow of the network. We might be using a few switches that are not supported by Network Insight. That is where they can improve, in the support for more physical switches and network devices."
"If it had some kind of plugins with vSphere, more effective plugins with Horizon View or other VMWare products, if it had interconnectivity, I think it would be more effective than it is today."
"The only real improvement they can make is to add more third-party vendors into the environment, mostly switch manufacturers, because it's really limited to Cisco equipment and there are a lot of companies out there other than Cisco."
"After you use it for a little while you become accustomed to it but the layout doesn't feel very intuitive. You have to dig around and find the exact place where you can find the information, where you can actually see your east-west traffic, etc. I would like them to bring that information more to the forefront, instead of having to find it."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while vRealize Network Insight is ranked 24th in IT Infrastructure Monitoring with 44 reviews. Fortinet FortiSIEM is rated 7.6, while vRealize Network Insight is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, AppNeta by Broadcom, Zabbix and VMware Aria Operations for Applications. See our Fortinet FortiSIEM vs. vRealize Network Insight report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
