Fortinet FortiSIEM Archived Reviews (More than two years old)
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Apr 29 2018
What is most valuable?AccelOps can handle a lot of data and it's just so important to true monitoring. That is the strong point of AccelOps. The second one is detecting. I can create a lot of rules to detect anything I like, and this is another strong point. It's also the only SIEM platform on the market that has health… more »
How has it helped my organization?The platform is nice. It is not easy to implement, but once you do so, there is a lot of value from the platform.
Which solution did I use previously and why did I switch?I used a solution previously. I switched because I needed evolving technology. I needed to evolve to smart features. The most important criteria when selecting a vendor is price. After that it's detection.
What other advice do I have?I advise that you should plan your financial resources and plan the platform. Also, be sure to test the performance ability, as well as scalability.
Aug 20 2017
Configuration in initial setup is complex. Product's analytics provide log info letting you see threats.
What is most valuable?Analytics. It can provide log information from the device. With log information, I can see if there is a threat
How has it helped my organization?From CMDB configuration monitoring, it can provide information changes.
What needs improvement?In the CMDB configuration monitoring. Example, if there is a configuration on the wrong side of the network or there are changes that result in harm to our IT… more »
What's my experience with pricing, setup cost, and licensing?Please be cheaper and more simplified.
Which solution did I use previously and why did I switch?FortiSIEM is better than previous products.
What other advice do I have?Please do a PoC.
Which other solutions did I evaluate?Yes, but I cannot mention it because of privacy issues.
Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
438,246 professionals have used our research since 2012.
Jun 22 2017
The product is a well rounded performer when it comes to combined Infrastructure and Security monitoring, however in traditional SIEM bake-offs, they need a lot more flavour to make it exciting.
What do you think of Fortinet FortiSIEM?Introduction: How many of you remember Cisco MARS? Well, if you don’t, let me remind you that they were one of the earliest SIEM products around that stemmed from the infrastructure monitoring space. MARS was geared more towards monitoring and reviewing network infrastructure including their utilization, performance availability and logs. After a brief run in enterprises that were Cisco heavy, the product died a natural death. People who were involved in the product left Cisco and started AccelOps (Accelerate Operations). As a product, they took the fundamentals of data collection and integrated infrastructure log, event monitoring to the data analytics platform. The result is a promising product called AccelOps. They have since been acquired by Fortinet, marking their foray into the…
May 25 2017
I can write my own parsers for the devices that are not supported. I am unable to perform complex/nested queries.
What is most valuable?The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature. It’s impossible to find an application that supports every device/manufacturer that… more »
How has it helped my organization?It is provides extremely fast and flexible query of logs/events on the network. For example, it’s easy to write a quick query for all the “authentication” requests on the network, regardless of where… more »
What needs improvement?The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries. However, it does function well for our day-to-day operations.
What's my experience with pricing, setup cost, and licensing?I haven’t looked at the latest offerings or licensing models since Fortinet bought this product. Previously, AccelOps was looking to add other Tableau reporting modules for more complex reporting… more »
What other advice do I have?Make sure you size the solution to the number of devices and servers on the network. Don’t be afraid to add additional workers. Try to avoid using WMA formats for log retrieval of the busy servers… more »
Which other solutions did I evaluate?We only evaluated this solution and loved the capabilities that it offers. We decided to take a chance and I’m not sorry that we did. Overall, the experience has been very positive.
Mar 21 2016
It provides me with operational oversight on our environment using configured dashboards and reports.
What is most valuable?I’ve used Accelops in multiple different capacities and at several organizations. As far as my current role, I am an operations manager, and it gives me operational oversight. There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way… more »
How has it helped my organization?In large-sized medium-sized and a small-sized organizations, it improves the ability to quickly drill down into events that occur, perform analysis, and find root cause. The most value I’ve found in it, quicker time-to-resolution.
What needs improvement?The biggest thing that could be better is a quicker response to support cases.
What other advice do I have?My advice would be to come up with a game plan to figure out exactly what devices or what system to focus on. Then (once you become familiar with reporting, alerting and tuning) integrate more devices/systems into Accelops.
Mar 16 2016
We like its visibility and flexibility. It allows us to get real-time, accurate, situational awareness of what's going on.
What is most valuable?* Visibility * Flexibility
How has it helped my organization?We're able to get real-timec as well as our customer networks that we're monitoring at all times.
What needs improvement?The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much. I need to be able to understand what my situational awareness is by looking at a simple graph. I've… more »
Which solution did I use previously and why did I switch?We used LogRhythm, and Accelops replaced it.
What other advice do I have?You always have to do your due diligence. I'm pretty sure a lot of the other competition is just as capable, however we deal with aircrafts, which is a different, unique beast. It enables us to understand an aircraft or sat-com network… more »
Mar 16 2016
It can take logs from all my devices agentlessly and correlate data. I'd like to see a more streamlined dashboard.
What is most valuable?The primary valuable feature is that it has replaced a whole lot of other products with one platform. That's a huge win right there. It can take logs from all my devices agentlessly and correlate data. It already has a lot of the advanced… more »
How has it helped my organization?Although we're still in training, we can expect to see and address issues in our network, such as configuration errors that caused latency between disc, storage and server that we weren't aware of before.
What needs improvement?It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there. I'd like to see a better dashboard that pretty. I want to be able to… more »
What other advice do I have?Any of the top SIEM tools like this is going to give you a lot of information and that in itself is the challenge. There's so much information that you need to have at least one person who's dedicated almost full-time to it.
Which other solutions did I evaluate?We knew we needed an SIEM tool, and actually looked at Accelops a year ago. At the time, it just wasn't stable enough and we didn't quite have the funding. Now, we did another review and Accelops came out on top with some improvements and… more »
Feb 18 2016
We like the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation.
What is most valuable?The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation. The logs and search engine are also valuable features.
How has it helped my organization?There are several examples, but the flexibility in reporting and alerting has given us the ability to have numerous teams be alerted for various security situations affecting each team's… more »
What needs improvement?Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome. Additionally, lately there have been releases which have broken… more »
Which solution did I use previously and why did I switch?We were a a Cisco MARS customer and needed to replace the solution once Cisco ceased support.
What other advice do I have?Watch the sizing requirements for the virtual machines and quantities needed to support the environment. Make sure you get sign-off from Accelops on proposed the configuration and load for what’s… more »
Which other solutions did I evaluate?We didn't evaluate other options as this was a direct, suggested replacement to MARS.
Aug 20 2015
It provides intelligent alerting and the out-of-the-box rules don't require much tuning or management overhead.
What is most valuable?* The automation piece -- its ability to dynamically discover which services need to be monitored and to automatically setup the appropriate monitoring. * We also like the intelligence behind the… more »
How has it helped my organization?We outsource a lot of our IT. We are able to monitor performance and security and to perofrm audits to ensure our outsourcing partners are doing what we are pay them for.
What needs improvement?The way that upgrades are handled could be a bit cleaner. That might have been improved in the new version, but where we are, the upgrade process takes the system down for the period of the upgrade… more »
What's my experience with pricing, setup cost, and licensing?The pricing is very, very affordable. For the value you get, I think it’s about the cheapest solution on the market.
Which solution did I use previously and why did I switch?No, this is the first solution like this that we’ve had.
What other advice do I have?I think the biggest thing to understand is that it’s like a Swiss Army knife. You get a lot of tools for a lot of things, but don’t expect it to be a killer app in any one area.
Aug 20 2015
It gives us a greater visibility into potential data/network breach attempts with the monitoring and alerting capabilities.
What is most valuable?* Log correlation * Alerting
How has it helped my organization?AccelOps gives us a greater visibility into potential data/network breach attempts with the monitoring and alerting capabilities.
What needs improvement?Ease-of-use for end users that do not spend every day in the product. Also, the presentation of historical and trending data in dashboards needs to be improved immensely. Something as simple as an RRDtool graphing mechanism on a dashboard would be a huge improvement to the product.
Which solution did I use previously and why did I switch?Solarwinds, we assumed that AccelOps would be an easier product to manage moving forward and it was less expensive.
Aug 03 2015
It helps us identify the origin of a DoS attack, where it came from, how long it lasted, how intense it was, etc. and take the appropriate action.
What is most valuable?The primary thing I use it for is monitoring IPS because we have 12 or 14 Cisco IPS devices, and the Cisco solution for monitoring that many IPS devices is hokey at best… more »
How has it helped my organization?We’ve had some situations where we’ve either gotten hit with a DOS attack or we’ve gotten notification that we’ve been blacklisted because some IP that belongs to us is… more »
What needs improvement?One of the things that actually opened a ticket about (and they couldn’t help me) is when traffic is leaving our network, it’ll only report the source. I would think that… more »
What's my experience with pricing, setup cost, and licensing?The pricing seems fairly standard in terms of the pricing model, so how it compares to other similar products I don’t know. The people I took this to about replacing the… more »
Which solution did I use previously and why did I switch?I inherited a solution that was discontinued by the vendor, and I was charged with finding a replacement.
What other advice do I have?It would be to get as good an estimate as you can of what EPS's you’ll need before you get pricing and so forth. We underestimated what we would need, which is what… more »
Which other solutions did I evaluate?We ran a PoC for Accelops for a trial period, so we didn’t look as much into other products.
Jul 27 2015
Dashboards provide us with the real-time status of our network, including specific alerts and granular monitoring.
What is most valuable?The granular monitoring capabilities. Also, it's very configurable.
How has it helped my organization?It gives greater visibility via the dashboards into the real-time status of the network. Additionally, it also provides specific alerts and performance monitoring.
What needs improvement?Some of the out-of-box dashboards could be more useful, as they’re not configured out-of-box. Some other products we’ve used give a lot more information right out of the box. With Accelops, we didn’t get quite enough useful information at the beginning. Ping monitors (STMs) are highly configurable… more »
What other advice do I have?Just do your research – the product does a lot, but it may be more than you’re looking for. Also, be aware that it requires a lot of time to maintain, set up, and configure.
Jul 22 2015
We've been able to monitor our account-hacking issues internally, including attempted attacks on our network and logins to accounts.
What is most valuable?The security notifications and monitoring features.
How has it helped my organization?With the online-based monitoring we've set up, we've been able to watch trends of attempted attacks on our network. We're also able to monitor our account issues… more »
What needs improvement?As we're an SMB, I would like to see different licensing options and the solution is priced out of the reach of some small businesses. It was a priority for us, though… more »
What's my experience with pricing, setup cost, and licensing?As mentioned above, they need to improve their licensing, but it depends on what industry segment they're going after. Maybe introduce some kind more attractive bundle for… more »
Which solution did I use previously and why did I switch?We used freeware or third party apps (two or three of them), but we liked the consolidation of this product -- one interface, one screen -- to capture what the other… more »
What other advice do I have?Everyone's implementation will be different, so be very focused and deliberate in what you want to monitor, because you can inundate the system.
Which other solutions did I evaluate?We did, but I don't recall which ones.
What is Fortinet FortiSIEM?
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Companies around the world use FortiSIEM for the following use cases:
- Threat management and intelligence that provide situational awareness and anomaly detection
- Alleviating compliance mandate concerns for PCI, HIPAA and SOX
- Managing “alert overload”
- Handling the “too many tools” reporting issue
- Addressing the MSPs/MSSPs pain of meeting service level agreements
Also known asFortiSIEM, AccelOps
Fortinet FortiSIEM customers
FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.