We performed a comparison between Fortinet FortiSIEM and vRealize Network Insight based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"The machine learning and artificial intelligence on offer are great."
"Sentinel pricing is good"
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The Log analytics are useful."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"Fortinet FortiSIEM is easy to use."
"The most valuable feature is the anomaly-reporting alarms."
"The solution is very stable. It's run for years without the need to do anything except add new patches when they are available, which are always a good idea to install."
"Whenever we say "valuable" with respect to the network, it's more towards the security. The firewall rule issues it shows us and the recommendations that we get from vRNI are the most valuable features because they are actually making our network more secure."
"If we deploy NSX it shows us how the workflow will flow in the organization, what the roadblocks are, and what we need to do to overcome those hurdles. When we run this product, it gives us reports which describe problems with physical switches. We work with the network team to get them all resolved."
"The best feature of this application is its ability to capture everything within the same application, as well as capture all the traffic."
"The solution is extremely intuitive and user-friendly. When you log in to the application you are presented with a dashboard that is very reasonable for an initial user, and you can then customize it to your specific needs. But for all the data that we've found, we've only had to go through two or three drill-downs to get into that information."
"A lot of time is saved when you use this type of software solution for the network. We have moved systems into the new data center and the servers and systems are much faster because of the very low latency between virtual machines."
"The tool's ease of configuration and use and the availability of information and artifacts through professional services and the web are key factors that customers find valuable."
"The most valuable feature is the profiling of the applications for micro-segmentation... It has made the migration to NSX much easier. Most of the sys admins within the smaller silos, they have no idea what ports are needed to run their stuff at all. I am pretty sure the micro-segmentation would never, ever have occurred without it."
"As a troubleshooting tool, it's a level-3 troubleshooting-skills tool and it's very easy to use and very easy to find the information that you need."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"In terms of features I would like to see in future releases, I'm interested in a few more use cases around automation. I do believe a lot of automation is available, and more is in progress, but that would be my area of interest."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Network detection and response is a separate product."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"Customer support service could be better."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"When our team tried configuring logs for Microsoft SQL, it did not work."
"I would like to see more interoperability on the firewall and load balancer sides."
"I would like to see them expand the capabilities to infrastructure types other than just VMware."
"Support could be much better."
"It just needs to be more reliable and more accurate. At some point, there are some things where it does not match properly."
"The solution is very much viewer centric and it would be nice if it would transcend just the virtual infrastructure."
"In a very general way, I would like to see an improvement in interoperability with third-party products from other vendors."
"The virtual appliance has rebooted."
"The only issue we have is that the solution does not always capture the host names."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while vRealize Network Insight is ranked 24th in IT Infrastructure Monitoring with 44 reviews. Fortinet FortiSIEM is rated 7.6, while vRealize Network Insight is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, VMware Aria Operations for Applications, AppNeta by Broadcom and Zabbix. See our Fortinet FortiSIEM vs. vRealize Network Insight report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.