We performed a comparison between Fortinet FortiSIEM and USM Anywhere based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.
Service and Support: Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.
Ease of Deployment: Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time. The initial setup for USM Anywhere is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.
Pricing: FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets. USM Anywhere is seen as more cost-effective than premium solutions like IBM QRadar and Splunk, with pricing considered reasonable and relatively low.
ROI: Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses. USM Anywhere has garnered favorable feedback regarding its ROI.
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"Both the collecting logs and duo correlation are valuable features for us."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"Every activity on the firewall is recorded, and notifications are sent with this solution."
"There are multiple tools for information security. The solution includes all the latest advances on the network and host intrusion detection systems."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"The most valuable features of AT&T AlienVault USM are the ease of management and knowledge of what is on the network of my customers. It's easy to understand the problems, and management our alarms and events."
"As we have to service several servers, we can manage them in a economical way, which is beneficial to our team and business."
"The feature that I liked the most is that they have a vulnerability assessment package that comes along with the SIEM solution. So, whenever I find any threat or alert for any of the devices or servers, I could immediately initiate a vulnerability assessment scan on that machine. That is one of a kind. The price at which AlienVault operates is also valuable."
"Using the communication within the security device, it is easier to create plugins."
"AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable."
"Customer support service could be better."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"The log collection and configuration management are not great."
"Network detection and response is a separate product."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"The stability of the product is an area of concern where improvements are required."
"The challenge I face with Fortinet FortiSIEM is the lack of support."
"The price of AT&T AlienVault USM could be reduced."
"I've been using it just for my own personal upskilling in terms of how the product works. At the moment, it is pretty straightforward and simple, and it is working how it is supposed to. The feedback would come once it is deployed to customer sites. They'll be using it on a more frequent basis, and that's when the feedback would come in terms of the areas in which they're facing issues or are looking for simplicity."
"USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it."
"The solution already has quite good tools, however, they need better integration tools for linking with Office 365, Google Suite, and so on."
"AlienVault needs to continue to integrate with other third-party technologies that clients want to have monitored."
"For creating new rules, you have to be familiar with regular expressions. I feel there could be something built-in to make sure that process is easier."
"Sometimes the log is unclear, and the report is a bit ambiguous."
"Pay attention to false-positive event automatic correlations."
Fortinet FortiSIEM is ranked 10th in Security Information and Event Management (SIEM) with 65 reviews while USM Anywhere is ranked 13th in Security Information and Event Management (SIEM) with 113 reviews. Fortinet FortiSIEM is rated 7.6, while USM Anywhere is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of USM Anywhere writes "Easy to use and affordable". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm SIEM, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, IBM Security QRadar, Splunk Enterprise Security and Elastic Security. See our Fortinet FortiSIEM vs. USM Anywhere report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.