Fortinet FortiSOAR Review

Accessible with good centralization and a straightforward initial setup

What is our primary use case?

Fortinet provides automation capabilities for event detection and remediation. It also provides a centralized QE where all the events are consolidated and correlated and it gives you visibility to the entire workflow of a specific threat event. It provides some remediation for the particular threats or alerts based on its profile of criticality.

What is most valuable?

The most valuable feature is its centralization as you don't want to be going to different locations to correlate items or to piece anything together to derive meaningful insights. We want to have a centralized QE for analytics, visibility, assessments, and decision-making and this solution allows for that.

The other feature that I personally appreciate is its accessibility. You can integrate it with other systems within the environment such as ticketing systems or something for sending alerts and then creating tickets for the operations or security operations team. They can get alerted when these events happen so they can be aware of events and even start troubleshooting for the investigation if it is warranted. It can be integrated seamlessly with other internal systems.

The initial setup is straightforward. 

What needs improvement?

The improvement would be to make it more user-friendly. They need to lower the learning curve. They should just make it more user-friendly, especially for non-technical people.

Technical support could be improved.

For how long have I used the solution?

I've been using the solution for around four years. It's been a while. 

How are customer service and technical support?

Fortinet is good, however, as they get into security analytics, while their support is okay, sometimes it requires some hand-holding and their response is probably not as good as Palo Alto. They've got to get there eventually to improve their support model.

Which solution did I use previously and why did I switch?

I also use Palo Alto. We have both products in our work environment. We're using Palo Alto also for firewall and sending those logs to another security monitoring tool to make decisions based on analytics that it provides us.

How was the initial setup?

The initial setup is very straightforward and simple. It's not overly complex or difficult. An organization shouldn't have any issues with the process.

What's my experience with pricing, setup cost, and licensing?

I cannot speak to the exact pricing of the solution.

What other advice do I have?

I'm not sure which version of the solution we're using currently.

I'd rate the solution at a nine out of ten. It compliments nicely with Palo Alto.

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Fortinet FortiSOAR reviews from users
...who compared it with Splunk Phantom
Find out what your peers are saying about Fortinet, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR). Updated: September 2021.
535,544 professionals have used our research since 2012.
Add a Comment
ITCS user