Fortinet FortiSIEM (AccelOps) Review

We like the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation.

Improvements to My Organization

There are several examples, but the flexibility in reporting and alerting has given us the ability to have numerous teams be alerted for various security situations affecting each team's responsibilities.

Valuable Features

The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation. The logs and search engine are also valuable features.

Room for Improvement

Creating parsers to try to make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome.

Additionally, lately there have been releases which have broken existing functions. This directly relates to support being an area that also needs improvement.

Stability Issues

In general, the system is stable.

Scalability Issues

We had to deploy several workers to keep up with event collection. This was one reason that the AO agent was developed and released -- to reduce the load on the managers and workers.

Customer Service and Technical Support

Customer Service:

Customer service is mediocre, but the relationship is improving with focused attention on customers.

Technical Support:

Technical support is good.

Previous Solutions

We were a Cisco MARS customer and needed to replace the solution once Cisco ceased support.

Initial Setup

The initial setup is straightforward. There is a learning curve for the software, but overall it was up and running and collecting information in a matter of an hour post setup.

Implementation Team

We implemented it with our in-house team.

Other Solutions Considered

We didn't evaluate other options as this was a direct, suggested replacement to MARS.

Other Advice

Watch the sizing requirements for the virtual machines and quantities needed to support the environment. Make sure you get sign-off from AccelOps on the proposed configuration and load for what’s being planned on the deployment.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.