We performed a comparison between Fortinet FortiSIEM and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The log analysis is excellent; it can predict what can or will happen regarding use patterns and vulnerabilities."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The product can integrate with any device."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"We find the solution to be stable."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"The solution is easy to use and user-friendly."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"It's very easy for anyone to work with."
"It is easy to use."
"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."
"It can be easily deployed with the other solutions."
"The most valuable feature in ESM is its search and reporting feature. It's really nice."
"The product’s most valuable feature is log monitoring."
"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."
"Compared to other solutions, the user interface is good."
"It is easy to use and deploy. It comes with user-friendly manuals."
"We'd like to see more connectors."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"The playbook is a bit difficult and could be improved."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"The solution should allow for a streamlined CI/CD procedure."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
"FortiSIEM is not a market leader in the SIEM space."
"There could be more AI features included in the product."
"The biggest thing that could be better is a quicker response to support cases."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
"I would like to see good analytics in future releases."
"I would like to see improvements to the user interface."
"Customized reports and alerting functionality could be included in the dashboard."
"There's no software support from McAfee."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"The disk space needed for events is not clear. In all clients, we had at least more than 100GB free that we could not use."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. Fortinet FortiSIEM is rated 7.6, while Trellix ESM is rated 7.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response. See our Fortinet FortiSIEM vs. Trellix ESM report.
See our list of best Security Information and Event Management (SIEM) vendors.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
