We performed a comparison between Fortinet FortiSIEM and ThousandEyes based on real PeerSpot user reviews.
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The initial setup is very simple and straightforward."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The CMDB and the device discovery features are most valuable."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"FortiSIEM's log correlation is good."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"The most valuable feature is the anomaly-reporting alarms."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"ThousandEyes gives companies better visibility."
"The most valuable feature of ThousandEyes is user-friendliness. It has been essential for us to have a solution that is easy to use."
"The solution's initial setup process was straightforward... In terms of ROI, the solution is worth the money."
"The most valuable features are integration and ease of use."
"From our perspective, ThousandEyes stands out as an invaluable tool because of its deep and extensive capabilities."
"The authentication overall - including to the VPN and LAN - is excellent."
"The company provides excellent service."
"The most valuable aspect of the solution was the ability to see how the connection quality is between the sites and get an alert if it was turning bad."
"I think the number one area of improvement for Sentinel would be the cost."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"I would like to be able to monitor applications outside of the Azure Cloud."
"The AI capabilities must be improved."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"Customer support service could be better."
"The biggest thing that could be better is a quicker response to support cases."
"They need to integrate better with Cisco and Palo Alto."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"Network detection and response is a separate product."
"ThousandEyes could improve the dashboards by adding more features."
"It's an expensive solution."
"It would be nice if the solution covered other areas like server monitoring."
"There is room for improvement in terms of customization and user-friendliness."
"It might be practical to extend monitoring capabilities to include network devices."
"They only offer synthetic requests."
"Presently, it lacks the ability to integrate with other Cisco products."
"The tool does not provide features for application-level monitoring."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews, while ThousandEyes is ranked 12th in Network Monitoring Software with 11 reviews. Fortinet FortiSIEM is rated 7.6, while ThousandEyes is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ThousandEyes writes "Reliable, simple to set up, and offers fast monitoring capabilities". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and PRTG Network Monitor, whereas ThousandEyes is most compared with Cisco Secure Network Analytics, Accedian Skylight, Dynatrace, SolarWinds NPM and Meraki Dashboard.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.