We performed a comparison between Fortinet FortiSIEM and OmniPeek based on real PeerSpot user reviews.
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The UI-based analytics are excellent."
"The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing."
"The main benefit is the ease of integration."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"Real-time monitoring makes life quite easy for me."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"We find the solution to be stable."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"The most valuable feature of OmniPeek was the ability it gave us to see the connection procedure."
"The most valuable feature of OmniPeek is the ability to assign custom color codes to the different packets easily."
"It's a solid piece of software. It's stable."
"The most valuable features are the voice bot, which checks the quality of service for voice, and the expert view that gives me insight on what and where to troubleshoot."
"The most valuable feature is that OmniPeek is user-friendly."
"I believe the most crucial feature of OmniPeek search is the ability to sniff packets based on channel switching."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the mean time to detect and mean time to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"The playbook is a bit difficult and could be improved."
"The policy editing should be easier. Right now, it's too hard."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"There is no proper guide for integration or configuration."
"Not very good on non-API features, lacks that functionality."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"Fortinet FortiSIEM could improve by having a signature update."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"Making it more clear on how to configure the filters, or really automating them, would be an improvement."
"The solution's automation has room for improvement."
"I am not using OmniPeek for automation, we only do manual testing. Automation testing is tedious to do. The automation should be more user-friendly. I have exposed some APIs but the usage is not user-friendly."
"I don't see a clear roadmap in the future for improving this software."
"I would like to see the saving feature improved. We have had issues if you do not save your progress then you have to start from the beginning."
"I would like to see the tool work in an open environment the same as how it does in a closed environment."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while OmniPeek is ranked 29th in Application Performance Monitoring (APM) and Observability with 6 reviews. Fortinet FortiSIEM is rated 7.6, while OmniPeek is rated 7.8. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of OmniPeek writes "Easy to identify packets, beneficial color assigning, and responsive support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas OmniPeek is most compared with LiveAction LiveNX, Colasoft Capsa, LogicMonitor, SolarWinds NPM and NETSCOUT nGeniusONE.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.