We compared Fortinet FortiAnalyzer and IBM Security QRadar based on our users' reviews in five categories. We reviewed all of the data, and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. QRadar can be costly because users need to buy new hardware to upgrade.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. QRadar delivers a high return on investment, improving security through its advanced user behavior analytics.
"I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports."
"The IBS (Intent Based Segmentation) and application web filtering are the most valuable aspects of the solution."
"The user interface is good and it is quite easy to use."
"Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine."
"The most important feature is to be able to get reports or information about the state of all firewalls."
"We use this functionality every day, and obtain reports on things like how many people are using the VPN, which websites are being accessed, and whether hackers are trying to penetrate into our network."
"It has a simplified and user-friendly interface."
"Storage in SSD helps in generating customized reports."
"IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through all the applications we use."
"We've found the solution to be scalable."
"IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot."
"It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform."
"It has a powerful GUI where you can put together your use cases, and don't have to write your own scripts."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"I have found the most important features to be the flexibility, tech framework, and disk manager."
"No doubt about it, the solution is extremely stable."
"The technical support is not very good."
"It would be good if the product could provide data about the websites users visit."
"Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions."
"The FortiAnalyzer is not good at managing multi-version environments. If all your FortiGate are at different versions in the field, that's difficult. The one thing we didn't like is the fact you have to have 100% of your environment at the same release, which is not pleasant, to have it fully functional. You can have a different release, but to have it fully functional 100% of your environment has to be the same release."
"One of the main disadvantages is not having a direct link to the security policy when you see something in the log."
"The pricing could be better."
"We would like to see some improvement on the upgrade process around this solution. There are sometimes communication issues when a new version of the firewall is implemented, and it fails to report back to this product."
"Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues."
"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"Dashboards and reports could provide better visualization of SIEM activity."
"The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix."
"The AI engine could be smarter."
"QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month."
"I would like to see the update process simplified."
"The solution is difficult to understand in the beginning and has complex management configurations that can be improved."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 87 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Fortinet FortiAnalyzer is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and SolarWinds Kiwi Syslog Server, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Splunk User Behavior Analytics. See our Fortinet FortiAnalyzer vs. IBM Security QRadar report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.