We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The machine learning and artificial intelligence on offer are great."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The features that stand out are the detection engine and its integration with multiple data sources."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"It's a very nice solution to work with."
"The solution’s IP database is awesome."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"It's very easy for anyone to work with."
"The solution is easy to use and user-friendly."
"Easy alert setup which enables different alerts in different categories."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"The flexibility of this solution is amazing."
"The most valuable feature is the alert and alarm monitoring."
"Health and communication links availability."
"The solution is quite mature and very stable."
"Templates are good. We download them from the official Zabbix site or the community. If the information we need isn't available, we create custom templates based on client requirements."
"The performance and bandwidth are valuable features."
"There is less computing power needed for scaling."
"Every new asset placed in the environment can be automatically detected, predicting human failures."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Sentinel could improve its ticketing and management. A few customers I have worked with liked to take the data created in Sentinel. You can make some basic efforts around that, but the customers wanted to push it to a third-party system so they could set up a proper ticketing management system, like ServiceNow, Jira, etc."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."
"The stability of the product is an area of concern where improvements are required."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"The log collection and configuration management are not great."
"I would like to see easier implementation in the future."
"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
"In terms of user-friendliness, large maps could be more interactive. We should be able to click on some areas and move some objects. It would make it simpler to see things while analyzing some dedicated parameters."
"There are areas of improvement. The database grows really fast. So, when you install Zabbix, you have to deal with some issues, like the database. We become pretty big very fast."
"The reports are not great and should be improved."
"When we have a problem, we have to do a lot of research to solve it."
"Zabbix does not draw automatic mapping of the network, this is something they should add in the future. There is a lot of effort that is involved in tailoring some of the settings which could be made easier."
"An area for improvement would be the ease of doing aggregation from the value or different devices."
"The user web interface is a little bit too basic, we need to link Zabbix to Grafana to have more options, such as graphs and charts. The interface needs to be improved. Additionally, there could be better integration with Grafana API."
"The main problem with Zabbix is that you have to spend time writing templates for all of the products that you have."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while Zabbix is ranked 1st in Network Monitoring Software with 101 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and AlienVault OSSIM, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios Core and Nagios XI. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.