Fortinet FortiAnalyzer and Wazuh compete in the network security and analytics category. FortiAnalyzer appears to have the upper hand due to its detailed integration with Fortinet environments and comprehensive reporting features.
Features: Fortinet FortiAnalyzer excels with detailed network analytics, comprehensive reporting, and real-time logs for FortiGate management. It provides centralized visibility into user activity and security threats. Wazuh offers open-source integrations for SIEM, compliance monitoring, and vulnerability assessment, appealing to diverse environments but lacking Fortinet's proprietary integration depth.
Room for Improvement: Fortinet FortiAnalyzer could improve in user experience for new users, online analysis, and multi-vendor log processing. There are also concerns about interoperability and cloud integration costs. Wazuh faces scalability challenges, documentation for custom integrations, and reporting mechanisms. Enhancements in native threat intelligence and AI capabilities are noted as needed.
Ease of Deployment and Customer Service: Fortinet FortiAnalyzer is straightforward to deploy across various environments, though customer service feedback is mixed, with slow technical support mentioned. Wazuh is praised for its flexibility in deployment, accommodating on-premises and cloud models, but relies on community support, which varies in responsiveness.
Pricing and ROI: Fortinet FortiAnalyzer is potentially high-cost but offers significant value for Fortinet-heavy environments through deep integration and threat handling capabilities. Wazuh provides substantial cost benefits with no licensing fees, making it attractive for budget-sensitive organizations, though infrastructure and support costs are considerations.
The impact of the tool is low when the functionalities are inaccessible due to resource consumption.
Fortinet is highly efficient for moderate deployments and provides a secure platform for medium-sized networks and data centers.
I have seen a return on investment with Fortinet FortiAnalyzer due to its competitive pricing and straightforward licensing model based on the amount of log data processed per day.
Customer service and support for Fortinet FortiAnalyzer are quite helpful and responsive.
Technical support is good, and I rate it ten out of ten.
The support service is very slow and incompetent.
We use the open-source version of Wazuh, which does not provide paid support.
The documentation is good and provides clear instructions, though it's targeted at those with technical backgrounds.
There is no dedicated technical support for Wazuh as it is open source.
Fortinet FortiAnalyzer is scalable, especially for the VM versions, as additional space can be provisioned from the servers as needed.
FortiAnalyzer is a scalable product.
It typically handles three to five years of expansion effectively.
It can accommodate thousands of endpoints on one instance, and multiple instances can run for different clients.
Scalability depends on the configuration and the infrastructure resources like compute and memory we allocate.
We faced some CPU consumption issues, which caused the machine to slow down and required a restart of FortiAnalyzer.
It remains stable during implementation for one or two years.
It provides a reliable solution for managing network-wide data.
The stability of Wazuh is strong, with no issues stemming from the solution itself.
The stability of Wazuh is largely dependent on maintenance.
When licensing, each device is licensed separately, such as the firewall, which can become expensive.
This would help in analyzing various security incidents and events more effectively by delivering a handful of relevant logs instead of thousands.
Enhanced deep inspection features would make troubleshooting easier.
The integration modules are insufficiently developed, necessitating the creation of custom integration solutions using tools like Logstash and PubSub.
An issue I noticed is with tag values in certain rules not functioning properly.
There is room for improvement by integrating more AI into Wazuh.
Its licensing model is based on the amount of log data processed per day, making it more cost-effective compared to QRadar, which is EPS and device-based.
In terms of pricing, FortiAnalyzer is not expensive.
In the Indian market, Fortinet's pricing is very competitive, allowing us to win most of our deals.
Totaling around two lakh Indian rupees per month.
Since Wazuh is open source, the pricing for support could be applicable to medium-sized companies without much issue.
The advanced analytics capabilities aid in threat detection by providing visibility into indicators of compromise.
The most valuable feature of Fortinet FortiAnalyzer is its ability to simplify and display logs clearly, providing details like which IPs are accessing the system, the destination, and the policies applied.
The log management is useful as we have connected around two hundred eighty-five walls and around fifteen to twenty plus firewalls with Fortinet FortiAnalyzer, making it highly beneficial compared to logging into each individual firewall.
Wazuh is a SIEM tool that is highly customizable and versatile.
We found the MITRE framework mapping and the agent enrollment service to be the most valuable features of Wazuh.
Wazuh's most valuable features include file monitoring and compliance reporting, which do not require excessive costs.
Fortinet FortiAnalyzer is a powerful platform used for log management, analytics, and reporting. The solution is designed to provide organizations with automation, single-pane orchestration, and response for simplified security operations, as well as proactive identification and remediation of risks and complete visibility of the entire attack surface.
Fortinet FortiAnalyzer Features
Fortinet FortiAnalyzer has many valuable key features. Some of the most useful ones include:
Fortinet FortiAnalyzer Benefits
There are many l benefits to implementing Fortinet FortiAnalyzer. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by PeerSpot users currently using the Fortinet FortiAnalyzer solution.
PeerSpot user Imad A., Group IT Manager at a manufacturing company, says, “You can monitor all appliances from a centralized location. You have a front dashboard for all our operations and all the logs. If you need to search for anything you can just dig deep into the logs. The solution offers excellent customizable reports. In our case, we needed a monthly report of all internet consumption, and we were able to easily create this.” He goes on to add, “There are pre-defined templates. The logs cover any question or need that we populate within these templates. However, you can also build your own template. There is great analytics that can be used in different departments. For example, our marketing department can go more into media patterns and not just into browsing patterns. Everything is easily visible and can be tracked and studied.”
Luis G., Systems Architect at Zentius, mentions, “Log collection is the most valuable [feature]. The UI looks great. It has a very good look and feel. We don't have the need to use solid state drives. We use mechanic drives, and we don't see any performance issues, so basically, it is doing fine.”
Rupsan S., Technical Presales Engineer at Dristi Tech Pvt.ltd., comments, "The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
Dilip S., Regional Head at Mass Infonet (P) Ltd., explains, “With FortiAnalyzer, you can see what the user is doing and what sites he goes to. You can also see how much quota there is and how much (size-wise) you want to hit, as well as what the incoming or outbound traffic is, and if it is through the ISP or not. Basically, you can see absolutely all activity using FortiAnalyzer. The solution is very complete. The product is very simple to use. It's regularly updated with many versions constantly adding more content and information. The solution has sandboxing, IPS, and DPS as well. The solution allows for a lot of customization.”
Wazuh is an enterprise-ready platform used for security monitoring. It is a free and open-source platform that is used for threat detection, incident response and compliance, and integrity monitoring. Wazuh is capable of protecting workloads across virtualized, on-premises, containerized, and cloud-based environments.
It consists of an endpoint security agent and a management server. Additionally, Wazuh is fully integrated with the Elastic Stack, allowing users the ability to navigate through security alerts via a data visualization tool.
Wazuh Capabilities
Some of Wazuh’s most notable capabilities include:
Wazuh Benefits
Some of the most valued benefits of Wazuh include:
Wazuh Offers
Reviews From Real Users
"It's very easy to integrate Wazuh with other environments, cloud applications, and on-prem applications. So, the advantage is that it's easy to implement and integrate with other solutions." - Robert C., IT Security Consultant at Microlan Kenya Limited
“The MITRE ATT&CK correlation is most valuable.” - Chief Information Security Officer at a financial services firm
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
