We performed a comparison between Fortinet FortiSIEM and NetCrunch based on real PeerSpot user reviews.
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The connectivity and analytics are great."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"The most valuable feature is the anomaly-reporting alarms."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"It's a very nice solution to work with."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The stability is very reliable. It offers very good performance."
"FortiSIEM is a great tool for making security processes transparent."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"Reporting on NetCrunch is pretty good. It's very similar to SolarWinds. It's just a different interface. The majority of everything there was beneficial."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The only thing is sometimes you can have a false positive."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"We are invoiced according to the amount of data generated within each log."
"The reporting could be more structured."
"There is room for improvement in entity behavior and the integration site."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The troubleshooting has room for improvement."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"The policy editing should be easier. Right now, it's too hard."
"The biggest thing that could be better is a quicker response to support cases."
"There is no proper guide for integration or configuration."
"Network detection and response is a separate product."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"I didn't care for the role-based, permission-based options, which were not the best."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while NetCrunch is ranked 76th in Network Monitoring Software. Fortinet FortiSIEM is rated 7.6, while NetCrunch is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of NetCrunch writes "A network monitoring platform with a useful reporting feature, but permission-based options could be better". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas NetCrunch is most compared with Zabbix and PRTG Network Monitor.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.