We performed a comparison between Fortinet FortiSIEM and IBM SevOne Network Performance Management (NPM) based on real PeerSpot user reviews.
"Free ingestion for Azure logs (with E5 licence)"
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features."
"Both the collecting logs and duo correlation are valuable features for us."
"The Threat Hunting feature provides complete traffic analysis."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"Real-time monitoring makes life quite easy for me."
"FortiSIEM's log correlation is good."
"The primary valuable feature is that it has replaced a whole lot of other products with one platform."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"We've had great feedback from our customers about SevOne support. They're willing to set up a remote session upon request. You have to go through three tiers of support with most vendors, and they ask a lot of screening questions before they will do a remote session. You need to spend a lot of time before an engineer will host a remote session to look at your problematic system."
"The comprehensiveness of this solution's collection of network performance and flow data is one of the basics in the field for what it does. It meets all of our needs. So for all those areas, for the most straightforward collection capabilities, right up to NetFlow and even telemetry, it meets all those demands. Not only just basic or fundamental SNMP collection capability, but the product also supports what we need for the future with telemetry streaming. So it's very comprehensive."
"It's a great solution for highlighting and discovering useful information regarding our network's elements."
"The feature that I have found most valuable is the scale-up and scale-down. The scale-up is an operation where the CPU boosts-up and then the memory will boost-up. That works awesomely."
"The network data collection has been very flexible for us. It's been thorough in areas that were lacking. They have a team that I've worked with to add other pieces to it. So if it's missing something out of the box, they work with me to add it. I was able to collect that data. It's not perfect, but it's pretty thorough."
"The monitoring of the network is very customizable. That is its unique feature."
"We have benefited mainly from the use of the dashboard interface. It makes the network visually interesting for other people who are not in the network. A lot of people are not network techies who understand streams in the network. Based on location, we have streams coming in and out. They can see visually when there is some problem. They don't need to understand all the network technology behind it to be able to understand if everything is working well or if there is a problem."
"It also gives us the closest thing to real-time insight into network performance that we have, with just a 10-second delay. It's very important for us to know the health of the infrastructure very quickly."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"The playbook is a bit difficult and could be improved."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The product can be improved by reducing the cost to use AI machine learning."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"The log collection and configuration management are not great."
"The stability of the product is an area of concern where improvements are required."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"There is no proper guide for integration or configuration."
"There could be more AI features included in the product."
"The backup and recovery process for this solution needs improvement."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"The method of searching for SIP and the way to create the groups."
"Would benefit with the addition of AI modules for proactive data insights."
"When I started using it, I tried adding one of the BroadWorks application servers into SevOne... it created thousands and thousands of objects from that one application server and we immediately ran out of license... It would help, when new objects are discovered, if there were a way to categorize those objects and to pick the part of the object you need..."
"The customizations are very hard. The person doing it has to be very good at analytics and has to be very good in all languages"
"Software upgrades can be tricky is not easy."
"Some similar solutions offer end-to-end visibility."
"NMS has several areas for improvement. It should be more user-friendly inside of NMS for some of the functionality in there. It's been getting better the last version or two, but the there have been bugs in there whenever I've gone to new versions."
"I would like to see live maps as an added feature. Also, build modules on AI and EML to provide better data insights that would proactively tell us what we should be looking after."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while IBM SevOne Network Performance Management (NPM) is ranked 41st in Network Monitoring Software with 52 reviews. Fortinet FortiSIEM is rated 7.6, while IBM SevOne Network Performance Management (NPM) is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas IBM SevOne Network Performance Management (NPM) is most compared with LogicMonitor, Instana Infrastructure Monitoring, SolarWinds NPM, Splunk Enterprise Security and SolarWinds Network Device Monitor.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.