We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Log aggregation and data connectors are the most valuable features."
"Free ingestion for Azure logs (with E5 licence)"
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The pricing of the product is excellent."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"The integration with third-party tools and the alerts are most valuable."
"The integration capabilities and APIs are the best part."
"Zabbix helps to save time."
"The most valuable feature is the support for monitoring Cisco switches."
"The solution allows you to configure and customize how you want to collect information from servers or other systems."
"It is a great product. The SNMP protocol tracking feature is good. I really like how it tracks SNMP. The alerts are also great."
"We have found that Zabbix is more easy to use than other applications."
"The most valuable feature is monitoring."
"The reporting could be more structured."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"The playbook is a bit difficult and could be improved."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Not very good on non-API features, lacks that functionality."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"The log collection and configuration management are not great."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"Patching is not great - we're not getting the support we'd expect."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"Zabbix claims that there is an auto-discovery process but my team member was facing difficulty and was told that it's not really automatic, and there are some manual steps."
"We would like to monitor other touchpoints such as ATM machines. It would be great if it can provide monitoring of ATM machines. Compatibility with other products would also be great."
"The documentation gets a bit messy between versions and is not too detailed, which is a bit painful for first-timers, especially when they run into issues."
"The user interface could be better."
"My company wanted to do an exercise command to access IT from Cameroon. They wanted to access an FSS to a second host with second equipment that was on another coast but it is not possible on Zabbix to do it. They want to directly access from the front-end of Zabbix to access a prompt in Zabbix to an access terminal. In the front-end, there is no way to do that. That would be an important improvement."
"Implementing Zabbix is difficult. I've deployed many solutions over the years, and Zabbix is the hardest to implement. You have to do some development to get it to work with IBM, Micro Focus, or HP products."
"The event correlation could be better."
"Zabbix technical support is sold separately."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while Zabbix is ranked 1st in Network Monitoring Software with 100 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and AlienVault OSSIM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
