Fortinet FortiSIEM vs NetWitness Platform comparison

Fortinet and NetWitness are both solutions in the Security Information and Event Management (SIEM) category. Fortinet is ranked #8 with an average rating of 7.8, while NetWitness is ranked #24 with an average rating of 7.8. Fortinet holds a 3.2% mindshare in SIEM, compared to NetWitness’s 0.7% mindshare. Additionally, 82% of Fortinet users are willing to recommend the solution, compared to 74% of NetWitness users who would recommend it.

Fortinet FortiSIEM

Read 72 Fortinet FortiSIEM reviews

5,005 Views
3,335 Comparison Views

82% willing to recommend

NetWitness Platform

Read 36 NetWitness Platform reviews

1,290 Views
831 Comparison Views

74% willing to recommend

Fortinet FortiSIEM

NetWitness Platform

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Fortinet FortiSIEM are two leading security information and event management solutions. Fortinet FortiSIEM edges out NetWitness Platform in features and consistent performance, while NetWitness is favored for its customer service and ease of deployment.

Features: NetWitness Platform users appreciate its comprehensive threat detection and network monitoring capabilities. It offers advanced analytics, network visibility, and real-time threat detection. Fortinet FortiSIEM users value its extensive device support, integration options, and threat intelligence features. FortiSIEM slightly edges out in features with its broader integration scope and flexible data collection.

Room for Improvement: Users suggest NetWitness Platform could benefit from more intuitive configuration options and enhanced documentation. They also point to the need for better reporting capabilities. For Fortinet FortiSIEM, users recommend improving its scalability and performance optimization. They also note a need for a more streamlined user interface and better customization options.

Ease of Deployment and Customer Service: NetWitness Platform is highlighted for its relatively straightforward deployment process and responsive customer support. Fortinet FortiSIEM users experience a more complex deployment but satisfactory customer service. NetWitness stands out with easier deployment.

Pricing and ROI: Users find NetWitness Platform’s pricing to be higher, but they feel it delivers good ROI with its robust security features. Fortinet FortiSIEM, although more cost-effective upfront, presents a comparable ROI over time due to its extensive feature set. Pricing is a notable differentiator, with FortiSIEM being more budget-friendly.

To learn more, read our detailed Fortinet FortiSIEM vs. NetWitness Platform Report (Updated: October 2024).

Buyer's Guide

Fortinet FortiSIEM vs. NetWitness Platform

October 2024

Download the complete report

Helped 817,354 peers since 2012

Categories and Ranking

Fortinet FortiSIEM

Ranking in Security Information and Event Management (SIEM)

8th

Average Rating

7.6

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

No ranking in other categories

NetWitness Platform

Ranking in Security Information and Event Management (SIEM)

24th

Average Rating

7.4

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

Log Management (23rd)

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.2%, up from 3.3% compared to the previous year. The mindshare of NetWitness Platform is 0.7%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

HamedWasel

Senior Network Security Engineer at Orange

It's cheaper than other solutions with the same features but lacks integration with many third-party vendors

FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors. I would also like to see FortiSIEM add more of the features available in FortiSOAR. You need to buy two separate solutions to get these features, but they should all be available in one product.

Read full review

MdZaman

IT manager at a agriculture with 10,001+ employees

Really scalable for enterprise customers

The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."

"Fortinet FortiSIEM is easy to use."

"We find the solution to be stable."

"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."

"The most valuable features of the solution is its integration with other technologies, especially its ability to collect logs from Cisco and Aruba devices along with Fortinet products."

"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."

"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."

"It's a very nice solution to work with."

More Fortinet FortiSIEM pros

"Offers a good wireless feature."

"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."

"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"

"The solution is really scalable for the high-end power, enterprise customer."

"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."

"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."

"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."

"The product's initial setup phase was not at all difficult."

More NetWitness Platform pros

Cons

"An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."

"There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore."

"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."

"Does not have load-sharing or high-availability, and these are important things to implement. I can do the same things in another way, but not naturally having these features makes it complicated."

"The solution's interface could be modernized and improved."

"Areas for improvement would be the ease of use and the integration with Fortinet's own products."

"We need to see incident reports about the event log, without events from the administrator or through human interaction."

"FortiSIEM could be better integrated with other vendors."

More Fortinet FortiSIEM cons

"Its technical support could be better."

"It is not so easy to customize this product."

"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."

"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."

"More customizability is required, which is something that they need to improve on."

"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."

"The solution should have more integration capabilities with different platforms."

"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."

More NetWitness Platform cons

Pricing and Cost Advice

"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."

"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."

"Fortinet FortiSIEM is not an expensive solution."

"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."

"Pricing is determined based on the customer's budget."

"The price of Fortinet FortiSIEM was reasonable compared to other solutions."

"This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."

"We pay for a license for FortiSIEM. We pay for the license and renewal."

More Fortinet FortiSIEM pricing and cost advice

"It is cheap."

"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."

"The licenses are good but the cost is very expensive."

"Our license is for one year."

"It’s cheaper to run virtual machines in a VMware environment."

"The NetWitness Platform may be affordable only for enterprise-level customers, as it may not be within the budget of small and medium-sized businesses."

"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."

"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."

More NetWitness Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

817,354 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

Government

Manufacturing Company

Financial Services Firm

19%

Computer Software Company

16%

Government

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiSIEM?

Fortinet FortiSIEM needs to provide better API integrations to users.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiSIEM?

The pricing of FortiSIEM is moderate; it is neither very costly nor very cheap.

See all answers

What needs improvement with Fortinet FortiSIEM?

There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore.

See all answers

What do you like most about NetWitness Platform?

The product's initial setup phase was not at all difficult.

See all answers

What is your experience regarding pricing and costs for NetWitness Platform?

The product price was reasonable for my region and the market.

See all answers

What needs improvement with NetWitness Platform?

From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building...

See all answers

Comparisons

IBM Security QRadar vs Fortinet FortiSIEM

Compared 13% of the time

Wazuh vs Fortinet FortiSIEM

Compared 12% of the time

Splunk Enterprise Security vs Fortinet FortiSIEM

Compared 10% of the time

Microsoft Sentinel vs Fortinet FortiSIEM

Compared 8% of the time

ThousandEyes vs Fortinet FortiSIEM

Compared 7% of the time

More Fortinet FortiSIEM Competitors

Splunk Enterprise Security vs NetWitness Platform

Compared 37% of the time

IBM Security QRadar vs NetWitness Platform

Compared 14% of the time

RSA enVision vs NetWitness Platform

Compared 12% of the time

Cisco Secure Network Analytics vs NetWitness Platform

Compared 11% of the time

Microsoft Sentinel vs NetWitness Platform

Compared 11% of the time

More NetWitness Platform Competitors

Product Reports

Buyer's Guide

Fortinet FortiSIEM

November 2024

Download Fortinet FortiSIEM product report

Buyer's Guide

NetWitness Platform

November 2024

Download NetWitness Platform product report

Also Known As

FortiSIEM, AccelOps

RSA Security Analytics

Learn More

Fortinet

Video not available

NetWitness

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of meeting service level agreements

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.

Los Angeles World Airports, Reply

Buyer's Guide

Fortinet FortiSIEM vs. NetWitness Platform

October 2024

Free Report: Fortinet FortiSIEM vs. NetWitness Platform

Find out what your peers are saying about Fortinet FortiSIEM vs. NetWitness Platform and other solutions. Updated: October 2024.

DOWNLOAD NOW

817,354 professionals have used our research since 2012.

See our Fortinet FortiSIEM vs. NetWitness Platform report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.