We performed a comparison between Fortinet FortiSIEM and Observer GigaStor based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The machine learning and artificial intelligence on offer are great."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such as firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The UI of Sentinel is very good and easy to use, even for beginners."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, 'Where are my logs?' My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high."
"The solution’s IP database is awesome."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"It can help to write your rules, organize firewalls, your block, and also your protocols and IP address to come in or out of your network."
"I also have the ability to see an application's performance, to see what's going on, why a network is slow, why this program for this user is experiencing a delay or some network issue."
"It's able to capture packets and, after a long time, you can come and use that information; to check, to analyze - everything you would want to do. So it's very good and helpful if you want to protect your data. It is stored in a certain place where you can access it every time you want to analyze it."
"This solution allows us to see exactly what is going on in the network and we can very quickly solve issues with users."
"The ability to capture packets. It is not only for monitoring. That is very important for a company that wants to keep an eye on the packets, the transactions, the flows..."
"There are many valuable features, but understanding end-user response times stands out. It provides a score-based evaluation of user experience, helping customers quickly pinpoint whether issues originate from the network, server, client, or application. Additionally, it facilitates in-depth analysis of application dependencies."
"Multi-tenancy, in my opinion, needs to be improved. I believe it can do better as a managed service provider."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"The on-prem log sources still require a lot of development."
"The reporting could be more structured."
"The troubleshooting has room for improvement."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"The graphs on the user interface could be improved as we often experience glitches."
"Graphics need improvement. Because a lot of the information there you have to input first in some cases to have full potential. It could be more automated."
"Maybe the graphical user interface could be simplified to allow people to use it more easily. It's already good, but they can work more on it to make it even easier."
"GigaStor feeds into Apex. So, the area where there could be improvement would be in artificial intelligence. For example, the incorporation of more advanced machine learning or AI capabilities could enhance its functionality."
"I would like to have more than 4TB of storage available in the portable version of this solution."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Observer GigaStor is ranked 91st in Network Monitoring Software with 7 reviews. Fortinet FortiSIEM is rated 7.6, while Observer GigaStor is rated 9.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Observer GigaStor writes "Aids significantly in the threat-hunting process and provides a score-based evaluation of user experience". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Observer GigaStor is most compared with Gigamon Deep Observability Pipeline, Wireshark, Kentik and Cisco Nexus Dashboard Data Broker. See our Fortinet FortiSIEM vs. Observer GigaStor report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.