We performed a comparison between Fortinet FortiSIEM and SolarWinds NPM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"Fortinet FortiSIEM provides good detection against advanced threats."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"As we look to add more servers to our virtual environment and to understand the impact, the solution allows us to dig into the historical charts related to capacity planning."
"It's a very good tool and a very stable tool."
"The most valuable features are language support and technical support."
"The most valuable feature is the graphical user interface."
"Technical support has always been great. They are very responsive. We've been satisfied with their level of support."
"The product covers our needs for the basic care and feeding of servers, whether they are physical or virtual."
"It combines and presents information from many different sources, giving a corporate-wide vision on a single pane of glass."
"The ability to quickly identify downtime is the most valuable."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The product can be improved by reducing the cost to use AI machine learning."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"They should enhance the solution's AI capabilities, including XDR and EDR."
"There is no proper guide for integration or configuration."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"Time: A worldwide deployment can be confusing for dispersed users with non-local times. Each node should have a local time (with summer offset if appropriate) & each user should view & report in their local time."
"The root cause analysis and installation faults are not clear."
"The SolarWinds notification and alerting configuration could be simplified as it would be easier to find if it was within the NPM web application instead of in a separate client application."
"Application Performance Monitoring should be included in this solution."
"It has covered everything, so no improvement is required at their end. The only thing is the price."
"SolarWinds NPM needs to increase its elements. One polling engine can only support 10,000 elements then it becomes slow. There are limitations even if you have the full SLX version license."
"It is difficult for stakeholders to translate technical requirements, which results in difficulties selecting a platform or implementing a solution."
"GUI needs improvement with a more graphical dashboard."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while SolarWinds NPM is ranked 4th in Network Monitoring Software with 147 reviews. Fortinet FortiSIEM is rated 7.6, while SolarWinds NPM is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of SolarWinds NPM writes "High-level, comprehensive, and proactive monitoring in a user-friendly interface". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas SolarWinds NPM is most compared with Zabbix, PRTG Network Monitor, ManageEngine OpManager, ThousandEyes and Entuity. See our Fortinet FortiSIEM vs. SolarWinds NPM report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.