We performed a comparison between Fortinet FortiSIEM and vRealize Network Insight based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiSIEM needs to provide better API integrations to users."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"It is used as an alerting platform."
"The event correlation is pretty robust. The GUI is pretty good."
"The most valuable feature is the profiling of the applications for micro-segmentation... It has made the migration to NSX much easier. Most of the sys admins within the smaller silos, they have no idea what ports are needed to run their stuff at all. I am pretty sure the micro-segmentation would never, ever have occurred without it."
"As a troubleshooting tool, it's a level-3 troubleshooting-skills tool and it's very easy to use and very easy to find the information that you need."
"vRNI can trace the flow of each and every packet and it is easy for us to troubleshoot all the issues that we do have with the networking. We can trace down the packet to a point where it has been dropped."
"It's very user-friendly in the sense that the querying is just regular language like you and I speak or write. You don't need to know any SQL-query type of language to be able to get what you want out of it."
"It has enabled us to set up and do application discovery, as far as network traffic is concerned, and set up the appropriate rules that we need to make sure we're compliant with our security frameworks."
"It has really tightened down the security. That was something that we were lacking. It has also given us deep visibility into our network. We can really get down and see all of the traffic within the data center, between the VMs, between the applications, database servers, other application servers, web servers. We can identify everything that is communicating, and we can see it all on one product."
"It allows you to see traffic that you couldn't otherwise see, which is traffic within your Layer 3-bounded network, meaning east-west traffic. It's hard to get that any other way."
"It is user-friendly. It's pretty simple to deploy and to run. It gives you pretty easy-to-understand reports, very graphically intense, so you can visualize what's going on in your network."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"Areas for improvement would be the ease of use and the integration with Fortinet's own products."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"The biggest thing that could be better is a quicker response to support cases."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"When we talk about those micro-segmentation rules, there's an Export function. It is very macro-segmentation oriented instead. So if you choose an application, it will find the tiers within that application and say that it's communicating on, say, port 80 to a separate VLAN. There might be 200 machines in that other VLAN. You don't want to open port 80 at all of them. So we need a lot more granularity in those suggested firewall rules."
"I want to be able to monitor a network flow that is approximately two weeks back, but I haven't found an easy way to do this."
"If it were more application-aware, more descriptive; if it were able to determine the application that is actually doing the communication, that would be easier. More application information: which user or account it's accessing, is it accessing this application, doing these calls, if it is accessing a script, what script is it accessing. Things like that would provide deeper analytics so I can track what's going on. It would not just be, "These people shouldn't be talking," but who is actually doing these calls."
"It needs to be a little easier to use and to understand the information it's putting out. That would make it more helpful. If you're not a network person you need to understand things like network policies and concepts. If you gave it to a regular admin, it would be nice if it were easier for them to pick up what is going on, understand the flows and whether or not stuff should be talking to each other, as opposed to just port groups and IP addresses."
"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern."
"vRNI needs more remediation where it hooks into NSX."
"The product is slightly complex use, while still being user-friendly. It could use more training modules, as it is not a straightforward product."
"There's enough information there, especially in the visualizations, but I would love to see this in a kiosk mode, where I could have a dashboard for interested stakeholders to see and appreciate what's going on. Then, moving on to a more practical level for our Help Desk, our operations team could benefit by seeing, in real-time, a visual view of the network."
Fortinet FortiSIEM is ranked 10th in Security Information and Event Management (SIEM) with 65 reviews while vRealize Network Insight is ranked 23rd in IT Infrastructure Monitoring with 44 reviews. Fortinet FortiSIEM is rated 7.6, while vRealize Network Insight is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, Microsoft Sentinel and LogRhythm SIEM, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, AppNeta by Broadcom, Zabbix and SolarWinds NPM. See our Fortinet FortiSIEM vs. vRealize Network Insight report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.