We performed a comparison between Fortinet FortiSIEM and ManageEngine OpManager based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"If you know how to do KQL (Kusto Query Language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The product can integrate with any device."
"The analytic rule is the most valuable feature."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"The CMDB and the device discovery features are most valuable."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"The most valuable feature of ManageEngine OpManager makes it easy to monitor all the network alerts on the application."
"The application monitoring is the solution's most valuable feature."
"It is easy to use and deploy."
"The most valuable feature of ManageEngine OpManager is the management of the virtual machine and the host machine."
"Defining thresholds and other alerting criteria is fairly simple and would not require a lot of training. This is very useful if you are managing a large environment."
"The most valuable feature is the monitoring alerts. The administrators are immediately notified and can do the required action immediately. This is the feature we value and use the most."
"The solution gives pretty good network visibility. I am also impressed with its monitoring."
"Some of the useful features are NetFlow and analytics."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"The solution could be more user-friendly; some query languages are required to operate it."
"There is a wider thing called Jupyter Notebooks, which is around the automation side of things. It would be good if there are playbooks that you can utilize without having to have the developer experience to do it in-house. Microsoft could provide more playbooks or more Jupyter Notebooks around MITRE ATT&CK Framework."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The solution should allow for a streamlined CI/CD procedure."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"I would like to see easier implementation in the future."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"The backup and recovery process for this solution needs improvement."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"Real user and UI monitoring are not practical."
"The solution is a bit difficult to configure. There are quite a number of configurations and plugins that you must handle early in the process."
"We had some stability issues at the outset that have since been resolved."
"The solution's reports need to include the number of applications consumed."
"I would like to see more enhancements made to the product."
"The initial setup is a bit complicated. It needs a technician who is very aware of the flow and how to officially set up the flow chart, etc."
"The licensing model is confusing."
"We would like link monitoring included. At times we need to monitor those specific links closely."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while ManageEngine OpManager is ranked 15th in Network Monitoring Software with 44 reviews. Fortinet FortiSIEM is rated 7.6, while ManageEngine OpManager is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ManageEngine OpManager writes "Helps us monitor all the infrastructure in our company but UI monitoring is not practical". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas ManageEngine OpManager is most compared with SolarWinds NPM, Zabbix, PRTG Network Monitor, SCOM and Centreon.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.