We compared Fortinet FortiAnalyzer and LogRhythm SIEM based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Users praised LogRhythm SIEM for its user-friendly centralized dashboard, strong integration capabilities, and event-filtering capabilities. LogRhythm SIEM has the potential to improve its SOAR and NDR features, platform stability, and MDI integration. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. LogRhythm users requested expanded log storage, better load balancing, and streamlined search capabilities.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. LogRhythm SIEM was generally praised for its helpful and knowledgeable support, although there have been occasional delays and knowledge problems.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. LogRhythm SIEM's setup is considered to be straightforward. However, it is more time-consuming and complex for enterprise deployments involving multiple components or vendors, and users often require assistance from professional services or LogRhythm-certified engineers.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. LogRhythm SIEM’s license typically includes all elements. However, enterprise customers may encounter complexities related to additional features and add-ons.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. LogRhythm SIEM has proven to be highly valuable, delivering a significant ROI by reducing the mean time to detect and respond.
"The program is stable and it gives me great visibility."
"It has a simplified and user-friendly interface."
"I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports."
"Many of my clients are financial institutions that transmit files from around the country across a VPN. In a setup like this, it's helpful to have a centralized dashboard to manage firewalls and other security solutions across a distributed environment. You can do all sorts of analysis and configure it to trigger alarms."
"Technical reports clearly identify system checks, locations and areas, how many times things escape, which firewall is affected, and source IDs."
"The product works well with other products."
"Its robust security and performance are the two main features. We also use the log reporting feature."
"There are a lot of monitoring features available."
"In terms of security, LogRhythm NextGen SIEM is great."
"Currently, we are in the implementation phase. LogRhythm is better than QRadar from the point of view of collecting Windows events. It has a much higher view. You can enable monitoring by default."
"The correlation engine is extremely valuable because it uses machine learning to process information from the central manager and identifies issues in the network."
"Alarms are the most valuable feature. We also like the dashboard and how things are at your fingertips. The fact that we can now edit the report templates is going to be a great thing."
"We have to be able to show the evidence, and LogRhythm does a great job of putting it forward and making it easy to create reports with nice looking dashboards, which show off what we are doing as a security program."
"Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
"It seems like it will scale easily with the way our environment is set up."
"LogRhythm has shown to us, to this point in time, that it has the capabilities of being able to deliver actionable intelligence to the security engineers and analysts."
"I would like to see an improvement in the technical support. Stronger authentication will also be a plus."
"The solution should include the ability to customize reports so that customers receive greater value and high level reporting."
"It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot."
"FortiAnalyzer only integrates with Fortinet solutions. That is a limitation because many organizations use multiple vendors. It's often a mixture of Cisco network hardware and equipment from other vendors, such as switches, access points, etc."
"There are a lot of solutions on the market and Fortinet FortiAnalyzer is limited. It cannot be used across multiple vendors. They can improve by advancing their technology."
"The FortiAnalyzer is not good at managing multi-version environments. If all your FortiGate are at different versions in the field, that's difficult. The one thing we didn't like is the fact you have to have 100% of your environment at the same release, which is not pleasant, to have it fully functional. You can have a different release, but to have it fully functional 100% of your environment has to be the same release."
"Fortinet FortiAnalyzer cannot receive any queries. They should add this feature in the future to help manage solutions."
"Fortinet FortiAnalyzer should come bundled with other Fortinet solutions. Additionally, the performance and updates could improve. They need to test their updates better so there are not as many bugs."
"It's not easy for someone new to the solution."
"The product's stability needs improvement."
"We had a little bit of difficulty implementing a disaster recovery situation because it was leveraging only Microsoft native DNS and it wouldn't work with our Infoblox DNS deployment that we use in our environment. They've been working on that behind the scenes."
"Right now there is the concern about being able to gather all of the data into the system."
"When we had version 7.2.6, there were a lot of issues deploying that version and with the indexing. The indexer was unstable. So, we were not able to use the platform when we were on that version until we were able to upgrade to 7.3.4."
"NextGen SIEM has separate rules for AI, advanced intelligence, and MP rules - it would be better to have a centralized way to write the rules and create alarms."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have the antivirus admin password to do that."
"One thing we have mentioned to them before is that we'd like to be able to do searches, or drill-downs, directly from an alarm. When you click it and the Inspector tab slides out, that might be a good place to be able to click the host to search for the last 24 hours. I know the search is right there but it would be even nicer to just click that and then have an option to search something there."
Fortinet FortiAnalyzer is ranked 7th in Log Management with 44 reviews while LogRhythm SIEM is ranked 8th in Log Management with 27 reviews. Fortinet FortiAnalyzer is rated 8.0, while LogRhythm SIEM is rated 8.4. The top reviewer of Fortinet FortiAnalyzer writes "It creates a central point of management and control, giving you real-time insight into what is going on." On the other hand, the top reviewer of LogRhythm SIEM writes "Helps with productivity, reduces administrative overhead, and offers useful dashboards". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, ManageEngine EventLog Analyzer and IBM Security QRadar, whereas LogRhythm SIEM is most compared with Splunk Enterprise Security, IBM Security QRadar, Microsoft Sentinel, Wazuh and VMware Aria Operations for Logs.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.