We performed a comparison between Fortinet FortiSIEM and NETSCOUT nGeniusPULSE based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The main benefit is the ease of integration."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"It's very easy for anyone to work with."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"Both the collecting logs and duo correlation are valuable features for us."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"It works well with medium to large-scale enterprises."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"The most valuable feature of NETSCOUT nGeniusPULSE is the network troubleshooting analysis. You can pinpoint an issue before it could shut down the network."
"I like the single pane of glass view. I like being able to go to one place instead of having to hunt around for everything."
"This is a very reliable and complete solution for troubleshooting and monitoring environments."
"The most valuable features of this solution are monitoring and maintaining traffic queuing, as well as seeing who is using the bandwidth."
"I like the single pane of glass view because it presents everything in one window, obviously. You can see it all. With a quick glance, you get a pretty good snapshot of what's going on in a particular situation."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The AI capabilities must be improved."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"The reporting could be more structured."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The solution could be more user-friendly; some query languages are required to operate it."
"FortiSIEM could be better integrated with other vendors."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"The dashboard needs to improve."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"Not very good on non-API features, lacks that functionality."
"The solution's interface could be modernized and improved."
"They require a lot of manual effort as traffic flows, networks, and formal times change."
"Usability is the area with the biggest room for improvement. We've found that with NETSCOUT, while it's a fantastic product, the usability is a major factor because there are just way too many clicks. It's obvious, from our experience, that the people who are developing the product aren't using it."
"The price of the solution could be reduced."
"In terms of additional features, I would like to see better event notification. Right now, we put in an email address to receive an alert and it receives every event and every alert that comes out. We need something a little more granular."
"The GUI interface and dashboards could be more attractive to the customer."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while NETSCOUT nGeniusPULSE is ranked 62nd in Network Monitoring Software with 5 reviews. Fortinet FortiSIEM is rated 7.6, while NETSCOUT nGeniusPULSE is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of NETSCOUT nGeniusPULSE writes "Good visibility, simple installation, and helpful technical support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas NETSCOUT nGeniusPULSE is most compared with ThousandEyes, NETSCOUT nGeniusONE, Flowmon and DX Spectrum. See our Fortinet FortiSIEM vs. NETSCOUT nGeniusPULSE report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
