We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The machine learning and artificial intelligence on offer are great."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"It's a very nice solution to work with."
"It is used as an alerting platform."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The Threat Hunting feature provides complete traffic analysis."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"Its overall flexibility is most valuable. When our customers have some custom applications that are not necessarily covered by the community or a standard monitoring tool, we use Zabbix to build our own modules with our own templates. This feature has been useful in using Zabbix for infrastructure and IT monitoring. It has also been useful for industrial equipment monitoring. Zabbix is very lightweight. It is efficient in terms of performance because it doesn't use a lot of resources."
"Like other common Linux distributions, some of the most valuable features of this solution are the ease of use and deployment. It's simple and has a lot of packages and a lot of software."
"The solution allows for good integration with other products."
"There is less computing power needed for scaling."
"Zabbix is very easy to implement."
"The initial setup was very quick. The first time it was long because I didn't know it yet. I was only using Windows. The first time was very difficult because of the operating system."
"The most valuable feature is that it provides network segregation for server monitoring."
"Zabbix can use old data to current data to set the threshold. We can use previous data to set the threshold."
"The AI capabilities must be improved."
"We'd like to see more connectors."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"Not very good on non-API features, lacks that functionality."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"The biggest thing that could be better is a quicker response to support cases."
"The log collection and configuration management are not great."
"They need to integrate better with Cisco and Palo Alto."
"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
"Its training can be improved. Its price also needs to be improved."
"Even though it’s such a powerful monitoring system, it would be more helpful if it had a flexible UI."
"The user web interface is a little bit too basic, we need to link Zabbix to Grafana to have more options, such as graphs and charts. The interface needs to be improved. Additionally, there could be better integration with Grafana API."
"It would be helpful if they translated the documentation to Cyrillic languages."
"Having a more customizable interface and dashboard would be an improvement."
"For us, the initial setup was complex"
"The product could be more secure and more stable."
"The networking monitor is not too easy to work with."
"One of the things we don't like is that Zabbix has a license structure with a price that is high compared to the competition. It's very high, for example, compared to something like Microsoft Teams."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 63 reviews while Zabbix is ranked 1st in Network Monitoring Software with 96 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and Rapid7 InsightIDR, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios XI and Nagios Core. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.