We performed a comparison between Fortinet FortiSOAR and McAfee ePolicy Orchestrator based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI-based analytics are excellent."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"The solution is easy to implement and includes 450 built-in connectors."
"It's great that the solution is integrated with FortiAnalyzer."
"It is a scalable solution...The implementation phase of the product was not tough or difficult."
"The product can be automated for network security purposes. The solution offers a great security automation response."
"It has a quick detection and response time."
"We use the product for security."
"The good news is that FortiSOAR is not hard to maintain. If you prepared well and deployed strong initially, then maintenance will take half an hour every other week, not more than that. A single person can do it."
"The most valuable feature of Fortinet FortiSOAR is the number of available connectors and the simplicity to start to automate."
"Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time."
"The central management console is the solution's most valuable aspect."
"We get fewer false positives than with other solutions."
"The general endpoint protection is valuable, and it is easy to manage."
"It is a scalable solution...I rate its scalability a nine out of ten."
"Technical support is very helpful."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"I would like to be able to monitor applications outside of the Azure Cloud."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"One key area that can be improved is by building a strong integration with our XDR platform."
"I think the number one area of improvement for Sentinel would be the cost."
"The technology and integrations are important so should continue to be enhanced."
"The UI design of the solution needs to be changed since it can get difficult for a newbie to operate."
"Fortinet FortiSOAR should improve its analysis."
"Fortinet FortiSOAR's dashboard is not easy to understand."
"Fortinet's tech support overall is not great when they are at their best."
"I have found that Fortinet FortiSOAR needs a lot of improvement. The Orchestration needs to be improved."
"I don't currently see where the solution is lacking features. For us and for our clients it works very well and we're pleased with it."
"Fortinet FortiSOAR should add more documentation for some use cases."
"The impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this."
"Features such as full drive encryption are lacking in the cloud version."
"We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes."
"One thing that I don't like is that McAfee products change very often and upgrade very often."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"Sometimes agents hang. We have to reinstall the agents."
Fortinet FortiSOAR is ranked 10th in Security Orchestration Automation and Response (SOAR) with 11 reviews while McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews. Fortinet FortiSOAR is rated 7.4, while McAfee ePolicy Orchestrator is rated 8.0. The top reviewer of Fortinet FortiSOAR writes "A stable solution that has a number of available connectors and is simple to automate". On the other hand, the top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". Fortinet FortiSOAR is most compared with Palo Alto Networks Cortex XSOAR, Splunk SOAR, Swimlane, Cisco SecureX and SECDO Platform, whereas McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Zscaler DLP, Forcepoint Data Loss Prevention and Trend Micro Integrated Data Loss Prevention. See our Fortinet FortiSOAR vs. McAfee ePolicy Orchestrator report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.