Fortinet FortiSIEM vs Zabbix comparison

"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."

"Some of our customers who use this solution have seen improvement in their connection with load balancing on both connections."

"One of the most valuable features is that we can combine SOC and NOC operations in the same tool. We can provide NOC and SOC services in the same tool for two separate teams. There are plenty of third-party solutions that integrate with FortiSIEM. All these solutions already have a ready integration, and we have the possibility to create a custom connector for these solutions. Its reports are also very good."

"FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context."

"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."

"The most valuable feature is the anomaly-reporting alarms."

"The Threat Hunting feature provides complete traffic analysis."

"It works well with medium to large-scale enterprises."

"The features I found most valuable are the user interface and a wide range of network devices that are easy to configure."

"The solution is open-source, easy to manage, and user-friendly making it easy for anyone to use."

"Zabbix is scalable."

"The flexible licensing model is one of the solution's most valuable aspects. It really allows for great flexibility for companies."

"We use it to monitor and manage our servers."

"We detect problems before the customer does and before it actually happens using the predictive functions in Zabbix."

"It not only provides the preconfigured item monitoring feature, but it is also easy to configure custom items."

"Every new asset placed in the environment can be automatically detected, predicting human failures."

"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."

"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."

"The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products."

"Improvements include making it easier for users to create their normalizers. Fortinet FortiSIEM uses XML for normalizing and parsing, which can be tedious and time-consuming. A simpler way of using regex could be helpful."

"The stability of the product is an area of concern where improvements are required."

"The policy editing should be easier. Right now, it's too hard."

"We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."

"FortiSIEM is a bit resource-hungry, so work should be done on hardware resource utilization to consume less hardware."

"The reports are not great and should be improved."

"The graphical user interface could be customized a little bit more, and also the dashboard could be more friendly."

"The product could be more secure and more stable."

"The server monitoring could be better."

"The solution needs to add features for finding loopholes or problems and their root causes."

"Its UI needs to be improved a little bit more so that an end-user is also able to handle it. I can handle it, but others should also be able to handle it in a better way. It becomes complex when we are growing and need to add proxies. We need more scalability features and documentation for different use cases. A lot of articles are available, but they need to be in proper documentation. For example, when you have thousands of servers that have to be monitored in different regions of the world, there should be some kind of documentation to describe how you can create proxies and add them. Sometimes, when you are using the database, it can get overloaded. When the network is growing, the number of transactions becomes very high, and the database gets overloaded. There should be information about how to reduce the load on the MySQL database, which is what Zabbix is using. The market is growing a lot, and it should be enhanced for a lot more things. We are currently bringing enhancements at our end for different use cases. For example, when dockerization is going on, how can we check the logs inside the Dockers. We should also be able to monitor and check the number of logins and add features such as SSO login and two-factor authentication as a protocol. These are the security features and concerns that we have to deal with. Currently, we are developing modules to add features to Zabbix, but they should also work on these features."

"Zabbix technical support is sold separately."

"It could be more stable."

"FortiSIEM's licensing is based on EPS, and its pricing is competitive in the market."

"The price of Fortinet FortiSIEM is a lot less when compared to other solutions."

"They have a yearly subscription."

"The tool is really expensive. For what the tool does for our team, the price is fair."

"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."

"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."

"There are additional features that cost more than the standard licensing fees."

"The solution is available for both, perpetual and subscription licenses."

"We purchased Zabbix for a good price, including support"

"The product is an open source and free solution."

"I use the tool's free version."

"We’re using the free version, which covers all our current needs."

"We were searching for an open source solution and Zabbix fit the bill because it is free and open source under the GPL license."

"It is a true open-source solution, so there are no licensing costs."

"I was using the free, Community Edition."

"Zabbix is open-source so if one wishes to implement it in-house, they must have qualified professionals to set up and optimize databases, Linux/Unix OS, PHP, Apache, and depending on what is monitored, a full-stack network and systems administrator may be needed."