Fortinet FortiSIEM vs Zabbix comparison

"It's a very nice solution to work with."

"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."

"Fortinet FortiSIEM provides good detection against advanced threats."

"Both the collecting logs and duo correlation are valuable features for us."

"Fortinet FortiSIEM is less costly than other products and is available 24/7."

"The most valuable features of the solution is its integration with other technologies, especially its ability to collect logs from Cisco and Aruba devices along with Fortinet products."

"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."

"We find the solution to be stable."

"The integration capabilities and APIs are the best part."

"The solution's design has recently changed and it is visually pleasing with more color, for example, there is blue, black, and white."

"The most valuable feature is network traffic monitoring."

"Like other common Linux distributions, some of the most valuable features of this solution are the ease of use and deployment. It's simple and has a lot of packages and a lot of software."

"The product is very stable."

"Its overall flexibility is most valuable. When our customers have some custom applications that are not necessarily covered by the community or a standard monitoring tool, we use Zabbix to build our own modules with our own templates. This feature has been useful in using Zabbix for infrastructure and IT monitoring. It has also been useful for industrial equipment monitoring. Zabbix is very lightweight. It is efficient in terms of performance because it doesn't use a lot of resources."

"Zabbix can use old data to current data to set the threshold. We can use previous data to set the threshold."

"It has good graphs of what is going on within the operating system.​"

"The solution's technical support didn't help our company a lot."

"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."

"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."

"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."

"There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore."

"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."

"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."

"The graphs on the user interface could be improved as we often experience glitches."

"Sometimes, the documentation is a little bit written in Estonia – a country in Europe. The language barrier and translation to English can sometimes make it difficult to understand what they're trying to get at. It's just a language thing."

"Having a more customizable interface and dashboard would be an improvement."

"In terms of user-friendliness, large maps could be more interactive. We should be able to click on some areas and move some objects. It would make it simpler to see things while analyzing some dedicated parameters."

"Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features."

"The only improvement I would suggest, revolves around its AI and ML capabilities."

"The APM monitoring has room for improvement, although I hear that the new 5.2 version has some improvements in that area, and I'd like to give that a go. I would like to see a few more templates out there for different styles of monitoring. I use the Grafana interface for reporting. I would also like it to have an out-of-the-box ability to email reports. You can create reports, but to be able to email those reports would be really helpful. I've got users who are not interested in logging in and generating a report. They want it all pre-canned and sent to an email address. It would also be really handy if we could pin certain reports up onto platforms such as Teams or SharePoint. A GUI for the proxy server would be cool to have for debugging purposes and for the support teams to have a look at, but I don't know whether that's really feasible to do. I get enough from the log files themselves."

"There's a small module of APM, however, it is not an enhanced version. People usually ask for a full-fledged APM solution."

"Its UI should be improved. They did some improvements in version 5, but it could benefit from some more work. Its integrations should also be improved. They've been active for one year, and they seem to have noticed that. It has new integrations, but it could benefit from more integrations. As far as I know, there is no model to push statistics, metrics, or events towards Zabbix. This type of API isn't yet there, whereas some other tools provide an API for this."

"The tool is really expensive. For what the tool does for our team, the price is fair."

"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."

"There are additional features that cost more than the standard licensing fees."

"The price of Fortinet FortiSIEM was reasonable compared to other solutions."

"Manageable, however would be better as pay as you go versus CapEX."

"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."

"Fortinet FortiSIEM is cheaper compared to other products."

"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."

"I was using the free, Community Edition."

"The tool's licensing is good."

"We’re using the free version, which covers all our current needs."

"It is free, which allows us to reduce costs."

"We use the open-source version of Zabbix."

"We pay the subscription for support by year."

"It’s free of cost."

"My manager is very happy because it doesn't cost anything."