We performed a comparison between Fortinet FortiSIEM and Zenoss Cloud based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The initial setup is very simple and straightforward."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"FortiSIEM's log correlation is good."
"Fortinet FortiSIEM provides good detection against advanced threats."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"It works well with medium to large-scale enterprises."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The most valuable feature is the anomaly-reporting alarms."
"Technical support is helpful."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"They have also accommodated many state-of-the-art technologies like Docker and ZooKeeper."
"The product offers good documentation that helps with initial training."
"It's easy to use."
"Its Docker Container concept is mind blowing. It is the first monitoring tool which comes with Docker features."
"The custom built integration is one of the most valuable features because you can see all the especially critical items."
"What I like most about Zenoss Service Dynamics is that it monitors the devices and gives close to real-time alerts. For example, in case the device is not available, Zenoss Service Dynamics generates an alert so my team can resolve the issue."
"The most valuable feature is the flexible discovery mechanism."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"The solution should allow for a streamlined CI/CD procedure."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"The biggest thing that could be better is a quicker response to support cases."
"The backup and recovery process for this solution needs improvement."
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"They need to integrate better with Cisco and Palo Alto."
"The solution's interface could be modernized and improved."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"The stability of the product is an area of concern where improvements are required."
"There is room for improvement with the administrative part. They introduced Control Center to manage things in Zenoss 5. The services that Zenoss provides remained the same, but the administrative part, since they introduced Docker, etc., has become a little complex"
"As Zenoss Service Dynamics is more for network-centric devices and you want to monitor, for example, a server, its services, IP addresses, and interfaces, if it's a network and you're going to monitor multiple items, you'll be charged multiple times. This is what Zenoss Service Dynamics needs to improve to make sure that customers pay just one fee to monitor the entire server. What I'd like to see in Zenoss Service Dynamics in the future is a public cloud monitoring feature, particularly for the Azure public cloud. Another additional feature I'd like to see in the next release of the solution is integration with the Azure public cloud because I know that there are some services from Azure that Zenoss Service Dynamics is currently unable to monitor."
"Now it is stable, but they should design threshold parameters in percentage instead of raw values."
"The inclusion of a feature to show a graphical view of the network would be a helpful improvement."
"The AI aspect needs to improve."
"It would be ideal if the product offered sound alerts."
"There was a problem with Zenoss and storage monitoring."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Zenoss Cloud is ranked 20th in Application Infrastructure with 8 reviews. Fortinet FortiSIEM is rated 7.6, while Zenoss Cloud is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zenoss Cloud writes "Generates close to real-time alerts so users can resolve issues, but needs more integration and public cloud monitoring features". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Zenoss Cloud is most compared with Zabbix, Nagios XI, ServiceNow IT Operations Management, Splunk Enterprise Security and ScienceLogic. See our Fortinet FortiSIEM vs. Zenoss Cloud report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.