We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"If you know how to do KQL (Kusto Query Language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The UI-based analytics are excellent."
"We have no complaints about the features or functionality."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The machine learning and artificial intelligence on offer are great."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The product's initial setup phase was easy."
"The solution is very stable. It's run for years without the need to do anything except add new patches when they are available, which are always a good idea to install."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"FortiSIEM is a great tool for making security processes transparent."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"The most valuable feature is network traffic monitoring."
"The most valuable feature is monitoring."
"The level of discovery-based configuration that lets us auto-configure the monitoring for various systems is a valuable feature."
"The initial setup was very quick. The first time it was long because I didn't know it yet. I was only using Windows. The first time was very difficult because of the operating system."
"Zabbix can use old data to current data to set the threshold. We can use previous data to set the threshold."
"It has an intuitive UI with beautiful graphs and customizable maps."
"Zabbix is quite stable once it is set up. We haven't had any post-setup issues."
"During my testing, the features that I like the most are that it can be integrated with my system, and it provides me with reports of all of my servers."
"The product can be improved by reducing the cost to use AI machine learning."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"The stability of the product is an area of concern where improvements are required."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"Zabbix is not easy to configure, and upgrading is also an issue."
"There is not too much documentation or manuals. We found the tutorials very easy to understand but they do not go deep enough in the use of Zabbix. We need more manuals, proper use, documentation, etc."
"Sometimes, the documentation is a little bit written in Estonia – a country in Europe. The language barrier and translation to English can sometimes make it difficult to understand what they're trying to get at. It's just a language thing."
"Even though it’s such a powerful monitoring system, it would be more helpful if it had a flexible UI."
"Implementing Zabbix is difficult. I've deployed many solutions over the years, and Zabbix is the hardest to implement. You have to do some development to get it to work with IBM, Micro Focus, or HP products."
"The solution needs to add features for finding loopholes or problems and their root causes."
"When using this solution in enterprise monitoring, you are able to see that there are some issues with equipment that could be causing a problem. Sometimes you want to make a root command that you do not want to be executed automatically. What we have tried to do is open an SSH session directly from the solution's interface but it is not possible."
"The networking monitor is not too easy to work with."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Zabbix is ranked 1st in Network Monitoring Software with 98 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and Rapid7 InsightIDR, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios XI and Nagios Core.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.