We performed a comparison between Devo and Fortinet FortiAnalyzer based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"It's very, very versatile."
"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"Scalability is one of Devo's strengths."
"FortiAnalyzer has a robust ability to find a compromised host on your network, and when you identify a compromised host, you can address it."
"The initial setup is pretty straightforward."
"The solution is easy to use and easy to integrate."
"The scalability is good. It is also good in the cluster nodes. You can make multiple FortiAnalyzer clusters groups, and you can distribute the logs between these FortiAnalyzer nodes. In other words, you can expand the scale."
"It is a simple and solution."
"The most valuable feature of Fortinet FortiAnalyzer is the capturing of traffic for reports."
"The features that our customers have found most valuable are their different type of reports including the drill down report, as well as the flexibility to connect to any number of appliances which can be connected to it centrally."
"The feature I find most useful is the handy dashboard."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"I would like to have the ability to create more complex dashboards."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space."
"The FortiAnalyzer is not good at managing multi-version environments. If all your FortiGate are at different versions in the field, that's difficult. The one thing we didn't like is the fact you have to have 100% of your environment at the same release, which is not pleasant, to have it fully functional. You can have a different release, but to have it fully functional 100% of your environment has to be the same release."
"In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."
"FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc."
"In terms of what could be improved, sometimes it's lagging and it also has some graphical issues with the GUI."
"It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot."
"The solution should be more price competitive."
"It is very important that FAZ can support FortiController as the architecture designed for the network. FortiController should be registered in FAZ at least for event logs."
"The deployment is complex and has room for improvement."
Devo is ranked 16th in Log Management with 21 reviews while Fortinet FortiAnalyzer is ranked 8th in Log Management with 81 reviews. Devo is rated 8.4, while Fortinet FortiAnalyzer is rated 8.0. The top reviewer of Devo writes "Keeps 400 days of hot data, covers our cloud products, and has a high ingestion rate and super easy log integrations". On the other hand, the top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". Devo is most compared with Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar, Wazuh and LogRhythm SIEM, whereas Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and LogRhythm SIEM. See our Devo vs. Fortinet FortiAnalyzer report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.