My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.
My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and government departments to agencies.
Fortinet FortiSIEM is valuable mainly for its features around firewall monitoring, intrusion detection, and authentication. It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security. Compliance management capabilities, although limited, are utilized by mature customers for reporting.
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products. Improving software stability and reducing bugs will make it a better tool for future use. Enhancing the completeness of its APIs could aid in better external integrations.
I have used Fortinet FortiSIEM for three and a half years to nearly four years.
The product has some instability and bugs, which are not service-stopping but may cause unusual errors and user interface issues. I regularly work with Fortinet support to address these issues.
Fortinet FortiSIEM is highly scalable. I would rate its scalability nine out of ten.
The customer support from Fortinet is good. There is a knowledgeable, though small, team of support engineers around the world. I have come to know them all by name.
Positive
From a new user's perspective, setting up Fortinet FortiSIEM could be rated as a five or six out of ten. However, with my four years of experience, I would rate the setup an eight out of ten.
Many of my customers are happy and have provided positive reviews about their experiences. They continue to pay for services and see value in the investment.
As a service, the cost is reasonable and affordable with scalable pricing based on the number of monitored devices. However, setting it up for oneself as an enterprise-licensed product can be quite expensive.
If you want to set it up yourself, seek expert support before starting. If considering a service, contact Fortinet for a recommended service provider in the FortiSIEM space.
I'd rate the solution eight out of ten.
