We performed a comparison between Logpoint and Fortinet FortiSIEM based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Logpoint is noted for its advanced technology and extensive log-collection, parsing, and analysis mechanisms. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Logpoint can improve its dashboard customization, resource efficiency, network hierarchy diagrams, and agent deployment. Fortinet FortiSIEM is praised for its advanced agents and effective correlation capabilities. Reviews say FortiSIEM excels at anomaly reporting and threat hunting. Fortinet FortiSIEM could benefit from better integration guides, more flexible reporting, and reduced resource consumption. Users also suggest adding more AI capabilities and improving database monitoring.
Service and Support: Logpoint's customer service receives high marks for its exceptional technical support and responsive engineers, but some users reported delays in receiving help from higher-level support. Some FortiSIEM customers consider Fortinet support to be satisfactory and efficient, while others were unhappy and thought the engineers could be more knowledgeable.
Ease of Deployment: Logpoint's initial setup can be complex and time-consuming or fast and easy, depending on the user's experience and the organization’s size. Some FortiSIEM users found it effortless to install within a day or two. Nonetheless, others encountered difficulties regarding CPU and memory requirements, as well as a lengthier deployment time.
Pricing: Logpoint's fixed pricing model is seen as cost-effective and competitive. FortiSIEM is generally regarded as reasonably priced and competitive. However, FortiSIEM may still be deemed costly in developing markets.
ROI: Logpoint makes costs more predictable and enables companies to generate revenue through security operation services. Fortinet FortiSIEM has consistently delivered a positive return on investment for businesses.
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"It's pretty powerful and its performance is pretty good."
"FortiSIEM's log correlation is good."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"Easy alert setup which enables different alerts in different categories."
"The product is quite well-organized. The GUI makes it easy to navigate."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
"The solution's user interface is quite simple, and the integration is better than other products."
"Log collection, dashboards and reporting are good."
"What I like best about LogPoint is its cost-effectiveness compared to other solutions. LogPoint also has better dashboards which I find valuable. I also like that you can create use cases based on your assets."
"The solution's most valuable aspect is the combination of the software and the support that they have."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"Technical support is responsive and very friendly."
"We like the user and entity behaviour analytics (UEBA) and find it valuable."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The solution could improve the playbooks."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"I would like to see easier implementation in the future."
"Customer support service could be better."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"The stability of the product is an area of concern where improvements are required."
"The biggest thing that could be better is a quicker response to support cases."
"Not very good on non-API features, lacks that functionality."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
"Sometimes, the product is not stable."
"The general public wasn't looking for that type of product unless you had a company that was medical or financial and needed 24-hour responsiveness."
"We were missing visuals and graphics. Recently, a new version seems to have come out, and it has a new graphical user interface. When I was integrating it, it was usable, but the GUI needed improvement."
"Dashboards could be developed further."
"Logpoint is not flexible. Its documentation is not user-friendly."
"The thing that makes it a little bit challenging is when you run into a situation where you have logs that are not easily parsable. If a log has a very specific structure, it is very easy to parse and create a parser for it, but if a log has a free form, meaning that it is of any length or it can change at any time, handling such a log is very challenging, not just in LogPoint but also in everything else. Everybody struggles with that scenario, and LogPoint is also in the same boat. One-third of logs are of free form or not of a specific length, and you can run into situations where it is almost impossible to parse the log, even if they try to help you. It is just the nature of the beast."
"The interface needs things like wizards that will assist with creating complex correlation rules."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Logpoint is ranked 24th in Security Information and Event Management (SIEM) with 20 reviews. Fortinet FortiSIEM is rated 7.6, while Logpoint is rated 7.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Logpoint writes "Good technical support but it is complex to use and resource-heavy". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Logpoint is most compared with IBM Security QRadar, Elastic Security, Rapid7 InsightIDR, LogRhythm SIEM and Splunk Enterprise Security. See our Fortinet FortiSIEM vs. Logpoint report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.