Fortinet FortiSIEM Review

Has good business service summaries in the dashboards but it should have better integration abilities

What is our primary use case?

We use the on-prem deployment model of this solution. Our primary use case of this solution is for all of our infrastructure monitoring, applications, performance monitoring, and for security, incident, and event analysis. 

What is most valuable?

Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features. 

What needs improvement?

Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.

It should also have better integration.

For how long have I used the solution?

I have been using FortiSIEM for four years.

What do I think about the stability of the solution?

It's a good product. It does what it is supposed to do. 

What do I think about the scalability of the solution?

Scalability required a lot of training. If the training isn't adequate you cannot enjoy the end results.

There are currently around ten users using this solution. They are mostly system and network administrators using this solution. We don't have plans to increase the usage. We are going to switch to another product. 

We require two staff members for the deployment and maintenance. 

How are customer service and technical support?

When you log a call, you don't get instant replies, or if there is a bug, they take ages to fix it and they ask you to hold.

Which solution did I use previously and why did I switch?

We didn't previously use another SIEM solution. 

How was the initial setup?

The installation is straightforward but the configuration is complex because it comprises several aspects of the network infrastructure, servers, and the databases. You have to know what you want to gain out of this product.

The deployment took around three months. There are a lot of dashboards to configure. It's not about just the installation. The planning phase and understanding what you want to get out of it, setting up the logs, and working on the correlations take time. 

What about the implementation team?

We used a local integrator for the deployment. They were good. When you consider the other SIEM products, this isn't a popular solution. When we implemented it, we were with the solution before it was acquired by Fortinet. It was a hassle. 

What's my experience with pricing, setup cost, and licensing?

Licensing is a one-time cost. If you want to enable different modules then there will be additional costs.

What other advice do I have?

Properly review this solution and your requirements. See how it will scale up to cloud requirements. Cloud technologies are becoming more prominent and you should see how you will be able to manage it with this tool.

It's a good product but you need to be well trained. If you don't have good training then you won't maximize the benefits of this product. 

I would rate it a seven out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.