We performed a comparison between Fortinet FortiSIEM and ThousandEyes based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM)."It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The product can integrate with any device."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"It works well with medium to large-scale enterprises."
"Easy alert setup which enables different alerts in different categories."
"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"The most valuable feature is the anomaly-reporting alarms."
"The solution's initial setup process was straightforward...In terms of ROI, the solution is worth the money."
"The installation process is not hard at all."
"From our perspective, ThousandEyes stands out as an invaluable tool because of its deep and extensive capabilities."
"The most valuable features are integration and ease of use."
"The most valuable aspect of the solution was the ability to see how the connection quality is between the sites and get an alert if it was turning bad."
"The solution is very easy to use."
"The authentication overall - including to the VPN and LAN - is excellent."
"The company provides excellent service."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"We are invoiced according to the amount of data generated within each log."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"The only thing is sometimes you can have a false positive."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"I would like to see easier implementation in the future."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"Its training can be improved. Its price also needs to be improved."
"There could be more AI features included in the product."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"Presently, it lacks the ability to integrate with other Cisco products."
"The tool does not provide features for application-level monitoring."
"It might be practical to extend monitoring capabilities to include network devices"
"ThousandEyes could improve the dashboards by adding more features."
"It would be nice if the solution covered other areas like server monitoring."
"It's an expensive solution."
"I would like the product to offer more agility."
"The guest portal is hard to use."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while ThousandEyes is ranked 12th in Network Monitoring Software with 11 reviews. Fortinet FortiSIEM is rated 7.6, while ThousandEyes is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ThousandEyes writes "Reliable. simple to set up, and offers fast monitoring capabilities". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and PRTG Network Monitor, whereas ThousandEyes is most compared with Cisco Secure Network Analytics, Accedian Skylight, Dynatrace, SolarWinds NPM and Meraki Dashboard.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
