We performed a comparison between ManageEngine Log360 and Trellix ESM based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The product can integrate with any device."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The UI-based analytics are excellent."
"Free ingestion for Azure logs (with E5 licence)"
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"It is nice to be able to monitor and to have notifications."
"We haven't had any stability issues."
"The reporting is great. Everything you need is in the report for you already."
"It basically helps us. We have to stay in compliance with certain issues with some of our customers. We have to have these types of tools in place for protecting our network and our data. We're in the aerospace industry, so we have a lot of defense contracts. So, all those guys will make sure that we're protecting their information, and it does a good job in that aspect."
"The most valuable features for us are the application logs monitoring and the dashboard, which provides a single-pane view of all the ongoing activities."
"The most valuable feature is that this solution is more secure than others, and there are more applications and features as well."
"The deployment is quite simple and pretty straightforward."
"The product is very user-friendly."
"McAfee as a whole is a good solution."
"Compared to other solutions, the user interface is good."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"The most valuable feature in ESM is its search and reporting feature. It's really nice."
"The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"It can be easily deployed with the other solutions."
"This solution integrates easily and very well with other technologies."
"We'd like also a better ticketing system, which is older."
"Sentinel's reporting is complex and can be more user-friendly."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"We'd like to see more connectors."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Azure Sentinel will be directly competing with tools such as Splunk or QRadar. These are very established kinds of products that have been around for the last seven, eight years or more."
"Their technical support should be improved."
"The matter of the data retention needs to be addressed."
"There is room for improvement, especially in the reporting aspect. The reports are not as good as those in Splunk."
"Most times log sheets are not assigned well."
"The integration with SharePoint and Teams should be improved."
"It takes a little bit of time for Log360 to actually learn your environment."
"The graphical interface could be made easier to use when you are connecting to different network equipment."
"We can log in as a local user, and it's fine, but when we log in with an Active Directory user, we cannot."
"Product currently requires Flash."
"I would like to see improvements to the user interface."
"We cannot add new data sources to the most recent version."
"Product-wise, adding accounts on a single data source by batch would be a really great help."
"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."
"The product's stability is an area of concern where improvements are required."
"The user interface could be more user-friendly."
"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."
ManageEngine Log360 is ranked 19th in Security Information and Event Management (SIEM) with 15 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. ManageEngine Log360 is rated 7.2, while Trellix ESM is rated 7.4. The top reviewer of ManageEngine Log360 writes "Facilitates incident backtracking and identifying the cause of incidents but insufficient intelligence-driven analysis to suppress unnecessary alerts". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". ManageEngine Log360 is most compared with ManageEngine EventLog Analyzer, Wazuh, Splunk Enterprise Security, Fortinet FortiSIEM and LogRhythm SIEM, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.