We performed a comparison between IBM SevOne Network Performance Management (NPM) and Sumo Logic Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"The main benefit is the ease of integration."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The AI capability is one of the main features of the solution because I believe that in the market, there are few solutions that are providing security solutions based on AI and machine learning."
"The automation feature is valuable."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"Flexible architecture: You can extend the system and its capacity by attaching another cluster pair."
"It's given us the ability to create various real-time network performance reports and distribute them to any colleague who can access these reports immediately."
"One of the solution's biggest strengths is its capacity management performance, with out-of-the-box reports through NMS, as well as its ability to collect NetFlow-related data from devices. The collection of network performance and flow data is important because we have many critical business applications."
"The most valuable feature as of late has been the API integration with ServiceNow."
"The SMP and the xStats, which is for flat file integration, are both useful for integrating the various metrics that the device provides to monitor the performance of those systems."
"I like the tool’s scalability and real-time reports. Earlier, we struggled to give real-time reports to clients. I also like the tool’s deployment model where we can deploy it either on-premises or in-house. We don’t have to carry the data all over the globe. Also, I am impressed with the tool's flow reporting and Wi-Fi."
"Another useful feature is that SevOne gives you real-time insights into your network performance. It polls every five minutes. That is important for our customers because there are some network teams that are always monitoring their networks."
"The comprehensiveness of this solution's collection of network performance and flow data is one of the basics in the field for what it does. It meets all of our needs. So for all those areas, for the most straightforward collection capabilities, right up to NetFlow and even telemetry, it meets all those demands. Not only just basic or fundamental SNMP collection capability, but the product also supports what we need for the future with telemetry streaming. So it's very comprehensive."
"We are able to diagnose problems before our customers."
"It gives us a bird's eye view of what's happening from our connection's point of view."
"The most valuable features of Sumo Logic Security are the rules, use cases, and ease of use. Additionally, the integration is straightforward and good GUI."
"Technical support is always great."
"It helps a lot because we can troubleshoot issues pretty easily."
"I have no concerns about the stability of the product. I feel it handles the stress we put on it very well."
"The tool has key features like operability. It will alert the admins whenever a device is onboarded."
"Sumo Logic Security is a good solution for searching the logs and identifying the issues."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"We'd like to see more connectors."
"The product can be improved by reducing the cost to use AI machine learning."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"We previously have had discussions on some reporting enhancements. So, we raised a feature request, which was delivered from SevOne."
"The tool needs improvement in non-Cisco SD-WAN."
"Would benefit with the addition of AI modules for proactive data insights."
"There are a lot of pain points. My main problem is that we don't have a high availability system. There are 20 peers. We're going to lose the end-of-life appliances that are old. If we lose a peer and it doesn't come back, we lose all that data. The reason we don't have high availability is because it's double the charge."
"I would like to see live maps as an added feature. Also, build modules on AI and EML to provide better data insights that would proactively tell us what we should be looking after."
"The reporting of NMS is good, but it could be better."
"NMS has several areas for improvement. It should be more user-friendly inside of NMS for some of the functionality in there. It's been getting better the last version or two, but the there have been bugs in there whenever I've gone to new versions."
"With the administrative management of the appliance, if some object appears from SevOne because something changed in the network or whatever, then as an administrator you will not be aware. If you are using this object in a report, this object will disappear from the report and you will not be aware of it. So, if you have 1,000 reports, you cannot always check these reports everyday to see if objects are missing or information has disappeared. We don't have any information on alerts, saying that something is happening there and maybe we need to take action. If an object was replaced by another one, or if a link was replaced by another one, then the graph needs to be changed because it doesn't exist in the graph anymore. However, we don't have this information."
"From the network segmentation side, there is some discrepancy in log onboarding. The tool needs to improve direct API integrations, login integration, native login integration, etc."
"It took a bit of trial and error to get it set up correctly based on everything we had to do. In the end, we had to send everything over HTTP, which was sort of a stop-gap."
"It would be nice to have an improved ability to scroll through logs within a time frame. Right now, we can search for specific errors. However, if we want to look for "before and after" within a specific time frame, it's not easy using the tool. This would be an improvement."
"We would like to have some type of predefined setup for the logs, making the setup easier by default."
"There are some API gaps that are missing."
"The solution should improve its UI."
"I would like to see improvement in the user experience when configuring things, ingesting logs, and creating ports."
"The integration with multiple sources could be better."
More IBM SevOne Network Performance Management (NPM) Pricing and Cost Advice →
IBM SevOne Network Performance Management (NPM) is ranked 32nd in Log Management with 52 reviews while Sumo Logic Security is ranked 22nd in Log Management with 18 reviews. IBM SevOne Network Performance Management (NPM) is rated 8.6, while Sumo Logic Security is rated 8.6. The top reviewer of IBM SevOne Network Performance Management (NPM) writes "We can get a new vendor certified and monitored in our system significantly faster than before". On the other hand, the top reviewer of Sumo Logic Security writes "Used to store and monitor application logs and VPC flow logs". IBM SevOne Network Performance Management (NPM) is most compared with LogicMonitor, Instana Infrastructure Monitoring, SolarWinds NPM, Splunk Enterprise Security and SolarWinds Network Device Monitor, whereas Sumo Logic Security is most compared with Wazuh, Rapid7 InsightIDR, Splunk Enterprise Security, VMware Aria Operations for Logs and IBM Security QRadar. See our IBM SevOne Network Performance Management (NPM) vs. Sumo Logic Security report.
See our list of best Log Management vendors and best Security Information and Event Management (SIEM) vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.