We performed a comparison between Fortinet FortiSIEM and SolarWinds NPM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"The pricing of the product is excellent."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Log aggregation and data connectors are the most valuable features."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"The solution’s IP database is awesome."
"Easy alert setup which enables different alerts in different categories."
"Technical support is helpful."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The benefit of this solution is the reporting. We're able to report on and see our network in a graphical form. We are able to detect when a device is added to a network."
"We can proactively fix historical issues, so we won't face those problems in future."
"The solution is easy to install and it takes a couple of hours."
"The people in technical support are very good."
"The solution is extremely stable. We haven't had any issues in that regard. We haven't had issues with bugs, glitches, or crashes."
"The product covers our needs for the basic care and feeding of servers, whether they are physical or virtual."
"The most valuable features are language support and technical support."
"I like SolarWinds support because it's 24/7. You describe your issues, your situation and maybe two or three hours later you can discuss a solution with a technical engineer."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The reporting could be more structured."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"The policy editing should be easier. Right now, it's too hard."
"The solution's interface could be modernized and improved."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"The reporting module that got integrated into the system itself, used to be a standalone solution and I preferred that."
"Being able to detect devices that are trying to connect wirelessly would make using this solution much easier."
"My team has had a lot of issues with support."
"In terms of scalability, there is room for improvement. When you start monitoring, if you have so many interfaces and you're trying to monitor them at a faster interval, or a shorter interval, you get to a point where you need to request another node."
"It is not that stable. As a Windows software, I have seen issues with SolarWinds. The performance is slow."
"The product is scalable, but at a cost. Extra modules have to be purchased for each extra server. The initial set up isn't complex, but will require someone who is experienced with the network monitoring system"
"If they’re going for a “cover everything” approach, then they need to do so and enable a bit more of the "cover everything approach" within every one of the tools."
"We also had to be attentive to vulnerabilities, because SolarWinds NPM have some issues in that area. We had to work with our security team, so that they could help us check and backup the data, and check what they needed to secure."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while SolarWinds NPM is ranked 4th in Network Monitoring Software with 147 reviews. Fortinet FortiSIEM is rated 7.6, while SolarWinds NPM is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of SolarWinds NPM writes "High-level, comprehensive, and proactive monitoring in a user-friendly interface". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas SolarWinds NPM is most compared with Zabbix, PRTG Network Monitor, ManageEngine OpManager, ThousandEyes and LogicMonitor. See our Fortinet FortiSIEM vs. SolarWinds NPM report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.