• Home
  • Fortinet FortiAnalyzer vs. IBM Security QRadar

Fortinet FortiAnalyzer vs IBM Security QRadar comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiAnalyzer
Read 87 Fortinet FortiAnalyzer reviews
9,888 views|5,537 comparisons
91% willing to recommend
IBM Logo
IBM Security QRadar
Read 198 IBM Security QRadar reviews
15,094 views|9,166 comparisons
91% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Fortinet FortiAnalyzer vs. IBM Security QRadar
April 2024
Executive Summary
Updated on Jul 23, 2023

We compared Fortinet FortiAnalyzer and IBM Security QRadar based on our users' reviews in five categories. We reviewed all of the data, and you can find the conclusion below.

  • Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture.

  • Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses.

  • Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set.

  • Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. QRadar can be costly because users need to buy new hardware to upgrade.

  • ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. QRadar delivers a high return on investment, improving security through its advanced user behavior analytics.

Conclusion: QRadar provides a comprehensive view of the network, SIEM, network flows, and risk management. It is robust and highly available, making it suitable for large companies with critical infrastructure. Users appreciate its user-friendly interface with customizable and easy-to-use features. QRadar's ability to analyze event logs and offer security consults, along with its competitive pricing and pre-defined rules and use cases, make it a flexible and valuable product.
To learn more, read our detailed Fortinet FortiAnalyzer vs. IBM Security QRadar Report (Updated: April 2024).
Download the complete report
772,567 professionals have used our research since 2012.
Featured Review
Adriaan Boshoff
Provides detailed reporting, customizable dashboards, and an easy deployment
Fortinet FortiAnalyzer assists in showcasing the value of Fortinet and facilitates the upselling of additional Fortinet products to our customers.
Andris Soroka
Researched Fortinet FortiAnalyzer but chose IBM Security QRadar: Best price-performance ratio, good scalability, and easy to set up
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports.""The IBS (Intent Based Segmentation) and application web filtering are the most valuable aspects of the solution.""The user interface is good and it is quite easy to use.""Log collection is the most valuable. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.""The most important feature is to be able to get reports or information about the state of all firewalls.""We use this functionality every day, and obtain reports on things like how many people are using the VPN, which websites are being accessed, and whether hackers are trying to penetrate into our network.""It has a simplified and user-friendly interface.""Storage in SSD helps in generating customized reports."

More Fortinet FortiAnalyzer Pros →

"IBM QRadar has improved my organization by introducing many functions. It collects logs from all of our systems in the organization and has functioned very well. It alerts and correlates the aggregate events or offenses we receive through all the applications we use.""We've found the solution to be scalable.""IBM QRadar is great help from its security event monitoring to data center and NOC troubleshooting of issues hard for other departments to spot.""It's hard for me to pinpoint any one feature that's most valuable because it is all about consuming logs and analyzing them. We started using QRadar UBA because we needed something that could analyze Linux authentication information. Other products take care of the Windows platform.""It has a powerful GUI where you can put together your use cases, and don't have to write your own scripts.""Blocks of predefined conditions can be used to configure detection rules without having to write complicated script.""I have found the most important features to be the flexibility, tech framework, and disk manager.""No doubt about it, the solution is extremely stable."

More IBM Security QRadar Pros →

Cons
"The technical support is not very good.""It would be good if the product could provide data about the websites users visit.""Fortinet FortiAnalyzer needs to have more out-of-the-box connectors for integration with other solutions.""The FortiAnalyzer is not good at managing multi-version environments. If all your FortiGate are at different versions in the field, that's difficult. The one thing we didn't like is the fact you have to have 100% of your environment at the same release, which is not pleasant, to have it fully functional. You can have a different release, but to have it fully functional 100% of your environment has to be the same release.""One of the main disadvantages is not having a direct link to the security policy when you see something in the log.""The pricing could be better.""We would like to see some improvement on the upgrade process around this solution. There are sometimes communication issues when a new version of the firewall is implemented, and it fails to report back to this product.""Their in-house technical support is extremely slow to respond. We have our own in-house team to manage issues so clients don't have to wait over two weeks for a response to issues."

More Fortinet FortiAnalyzer Cons →

"Maybe there should be more custom rules in the exchange. Basically, we are using a lot of threat rules, so maybe they'll develop something like that.""IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP.""Dashboards and reports could provide better visualization of SIEM activity.""The custom rules could be simplified more or it should be possible to use a different language, other than the ones that the solution is already using. They should add other languages into the mix.""The AI engine could be smarter.""QRadar UBA only keeps the data for a short while (it's refreshed every five minutes) and would be improved if this were extended to a week or month.""I would like to see the update process simplified.""The solution is difficult to understand in the beginning and has complex management configurations that can be improved."

More IBM Security QRadar Cons →

Pricing and Cost Advice
  • "Its worth spending on FortiAnalyzer if you have multiple firewalls in your network."
  • "The hardware cost and services contract are fair."
  • "​It depends upon the company.​"
  • "The cost and pricing should be in accordance with the calculation of log storage capacity for a time period required for historical analysis."
  • "All Fortinet programs come at a good price."
  • "We have several products including Fortinet Wireless, FortiGate Firewalls, and FortiAnalyzer, which are bundled together and cost approximately $50,000 USD annually."
  • "We have around 12 devices and yearly we spend approximately $14,000."
  • "The price is quite expensive. Fortinet products are very expensive. That is something which they should also look at, because if you compare Fortinet product to, say, Sophos for example, Fortinet is really high and that's the only thing which is a drawback for most users."

    • More Fortinet FortiAnalyzer Pricing and Cost Advice →

  • "found other solutions, with more features at the same cost or less. You don’t have to leave the Gartner Magic Quadrant to beat their price."
  • "Most of the time, it is easier and cheaper to buy a new product or the QRadar box."
  • "IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
  • "IBM's Qradar is not for small companie. Unfortunately, it would be 'overkill' to place it plainly. The pricing would be too much."
  • "Go through a vulnerability assessment review for price breaks. A virtualized solution will also cut down on cost."
  • "It is expensive. It is not a product that I can provide for SMBs. It is a program that I can only provide for really large enterprises."
  • "The maintenance costs are high."
  • "Pricing (based on EPS) will be more accurate."

    • More IBM Security QRadar Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    772,567 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    Qradar vs. ArcSight
    Continuing with the SIEM posts we have done at Infosecnirvana, this post is a Head to head comparison of the two Industry leading SIEM products in the market – HP ArcSight and IBM QRadar Both the products have consistently been in the Gartner Leaders Quadrant. Both HP and IBM took over niche SIEM players and have made themselves relevant in the SIEM market. We have worked on both the products and feel that this comparison is a good way to start the discussion rolling on features of both the products and how they approach the problem of Security Information & Event Management. Okay, let’s get started!!! ArcSight vs QRadar Subject ArcSight QRadar Product Birth Year 2000, ArcSight SIEM came into the market and incidentally this was the only product they have worked on. In 2011 HP bought them Year 2004-2005, Q1 Labs entered into the SIEM market modifying their NBAD platform (QFLOW) and in 2012, IBM bought them. Logging Format CEF – Common Event Format LEEF – Log Event Extended Format Underlying DB Oracle till 2012, then combination of MySQL, PSQL etc. Proprietary based on Ariel Data store and probably Annotation Query Language (AQL) Vendor Support ArcSight supports more than 400 vendors with their CEF certification program QRadar supports more than 250 vendors with their LEEF certification program Portfolio Log Correlation – HP ArcSight ESM Log Management – HP ArcSight Logger Identity… Read more →
    Questions from the Community
    What do you like most about Fortinet FortiAnalyzer?
    Top Answer:The reporting features, which offer customization, real-time insights, and compliance support, are particularly noteworthy aspects.
    Read all 49 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiAna...
    Top Answer:I rate Fortinet FortiAnalyzer's pricing as five out of ten.
    Read all 40 answers   →
    What needs improvement with Fortinet FortiAnalyzer?
    Top Answer:Fortinet FortiAnalyzer needs to improve its pricing flexibility.
    Read all 52 answers   →
    What are the biggest differences between Securonix UEBA, Exabeam, and IBM...
    Top Answer:It mostly depends on your use-cases and environment. Exabeam and Securonix have a stronger UEBA feature set, friendlier GUI and are not licensed based on capacity (amount of logs and information… more »
    Read all 2 answers   →
    What SOC product do you recommend?
    Top Answer:For tools I’d recommend:  -SIEM- LogRhythm -SOAR- Palo Alto XSOAR Doing commercial w/o both (or at least an XDR) is asking to miss details that are critical, and ending up a statistic. Also,… more »
    Read all 12 answers   →
    What do you like most about IBM QRadar?
    Top Answer:The event collector, flow collector, PCAP and SOAR are valuable.
    Read all 88 answers   →
    Ranking
    8th
    out of 95 in Log Management
    Views
    9,888
    Comparisons
    5,537
    Reviews
    38
    Average Words per Review
    415
    Rating
    8.0
    6th
    out of 95 in Log Management
    Views
    15,094
    Comparisons
    9,166
    Reviews
    29
    Average Words per Review
    487
    Rating
    7.6
    Comparisons
    Also Known As
    IBM QRadar, QRadar SIEM, QRadar UBA, QRadar on Cloud, QRadar, IBM QRadar User Behavior Analytics, IBM QRadar Advisor with Watson
    Learn More
    Fortinet
    IBM
    Overview

    Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.

    Fortinet FortiAnalyzer Features

    Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:

    • Advanced threat detection capabilities
    • Centralized security analytics
    • End-to-end security posture awareness
    • Integration with FortiGate NGFWs, FortiClient, FortiSandbox, FortiWeb, and FortiMail
    • Incident detection and response
    • Playbook automation
    • Event management
    • Security services
    • Analytics and reporting

    Fortinet FortiAnalyzer Benefits

    There are many l benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:

    • Flexible deployment options
    • Enterprise-grade high availability
    • Security automation to reduce complexity, leveraging REST API, scripts, connectors, and automation stitches
    • Multi-tenancy solution with quota management, leveraging (ADOMs) to separate customer data and manage domains for operational effectiveness and compliance

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.

    PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”

    Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”

    Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."

    Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”

    IBM Security QRadar is a security and analytics platform designed to defend against threats and scale security operations. This is done through integrated visibility, investigation, detection, and response. QRadar empowers security groups with actionable insights into high-priority threats by providing visibility into enterprise security data. Through centralized visibility, security teams and analysts can determine their security stance, which areas pose a potential threat, and which areas are critical. This will help streamline workflows by eliminating the need to pivot between tools.

    IBM Security QRadar is built to address a wide range of security issues and can be easily scaled with minimal customization effort required. As data is ingested, QRadar administers automated, real-time security intelligence to swiftly and precisely discover and prioritize threats. The platform will issue alerts with actionable, rich context into developing threats. Security teams and analysts can then rapidly respond to minimize the attackers' strike. The solution will provide a complete view of activity in both cloud-based and on-premise environments as a large amount of data is ingested throughout the enterprise. Additionally, QRadar’s anomaly detection intelligence enables security teams to identify any user behavior changes that could be indicators of potential threats. 

    IBM QRadar Log Manager

    To better help organizations protect themselves against potential security threats, attacks, and breaches, IBM QRadar Log Manager gathers, analyzes, preserves, and reports on security log events using QRadar Sense Analytics. All operating systems and applications, servers, devices, and applications are converted into searchable and actionable intelligent data. QRadar Log Manager then helps organizations meet compliance reporting and monitoring requirements, which can be further upgraded to QRadar SIEM for a more superior level of threat protection.

    Some of QRadar Log Manager’s key features include:

    • Data processing and capture on any security event
    • Disaster recovery options and high availability 
    • Scalability for large enterprises
    • SoftLayer cloud installation capability
    • Advanced threat protection

    Reviews from Real Users

    IBM Security QRadar is a solution of choice among users because it provides a complete solution for security teams by integrating network analysis, log management, user behavior analytics, threat intelligence, and AI-powered investigations into a single solution. Users particularly like having a single window into their network and its ability to be used for larger enterprises.

    Simon T., a cyber security services operations manager at an aerospace/defense firm, notes, "The most valuable thing about QRadar is that you have a single window into your network, SIEM, network flows, and risk management of your assets. If you use Splunk, for instance, then you still need a full packet capture solution, whereas the full packet capture solution is integrated within QRadar. Its application ecosystem makes it very powerful in terms of doing analysis."

    A management executive at a security firm says, "What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."

    Sample Customers
    General Directorate of Information Technology
    Clients across multiple industries, such as energy, financial, retail, healthcare, government, communications, and education use QRadar.
    Top Industries
    REVIEWERS
    Comms Service Provider19%
    Computer Software Company15%
    Manufacturing Company15%
    Financial Services Firm13%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Government8%
    Comms Service Provider8%
    Manufacturing Company7%
    REVIEWERS
    Financial Services Firm23%
    Computer Software Company15%
    Comms Service Provider10%
    Security Firm6%
    VISITORS READING REVIEWS
    Educational Organization18%
    Computer Software Company15%
    Financial Services Firm10%
    Government6%
    Company Size
    REVIEWERS
    Small Business51%
    Midsize Enterprise22%
    Large Enterprise27%
    VISITORS READING REVIEWS
    Small Business28%
    Midsize Enterprise21%
    Large Enterprise51%
    REVIEWERS
    Small Business39%
    Midsize Enterprise15%
    Large Enterprise45%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise30%
    Large Enterprise49%
    Buyer's Guide
    Fortinet FortiAnalyzer vs. IBM Security QRadar
    April 2024
    Free Report: Fortinet FortiAnalyzer vs. IBM Security QRadar
    Find out what your peers are saying about Fortinet FortiAnalyzer vs. IBM Security QRadar and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    772,567 professionals have used our research since 2012.

    Fortinet FortiAnalyzer is ranked 8th in Log Management with 87 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Fortinet FortiAnalyzer is rated 8.0, while IBM Security QRadar is rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and SolarWinds Kiwi Syslog Server, whereas IBM Security QRadar is most compared with Splunk Enterprise Security, Microsoft Sentinel, Wazuh, LogRhythm SIEM and Splunk User Behavior Analytics. See our Fortinet FortiAnalyzer vs. IBM Security QRadar report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.