Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs NetWitness Platform comparison

Fortinet and NetWitness are both solutions in the Security Information and Event Management (SIEM) category. Fortinet is ranked #7 with an average rating of 8.2, while NetWitness is ranked #31 with an average rating of 8.3. Fortinet holds a 2.8% mindshare in SIEM, compared to NetWitness’s 0.8% mindshare. Additionally, 83% of Fortinet users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.
Fortinet FortiSIEM
Read 76 Fortinet FortiSIEM reviews
  • 5,718 Views
  • 4,231 Comparison Views
83% willing to recommend
NetWitness Platform
Read 36 NetWitness Platform reviews
  • 1,929 Views
  • 1,196 Comparison Views
75% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Fortinet FortiSIEM are two leading security information and event management solutions. Fortinet FortiSIEM edges out NetWitness Platform in features and consistent performance, while NetWitness is favored for its customer service and ease of deployment.

Features: NetWitness Platform users appreciate its comprehensive threat detection and network monitoring capabilities. It offers advanced analytics, network visibility, and real-time threat detection. Fortinet FortiSIEM users value its extensive device support, integration options, and threat intelligence features. FortiSIEM slightly edges out in features with its broader integration scope and flexible data collection.

Room for Improvement: Users suggest NetWitness Platform could benefit from more intuitive configuration options and enhanced documentation. They also point to the need for better reporting capabilities. For Fortinet FortiSIEM, users recommend improving its scalability and performance optimization. They also note a need for a more streamlined user interface and better customization options.

Ease of Deployment and Customer Service: NetWitness Platform is highlighted for its relatively straightforward deployment process and responsive customer support. Fortinet FortiSIEM users experience a more complex deployment but satisfactory customer service. NetWitness stands out with easier deployment.

Pricing and ROI: Users find NetWitness Platform’s pricing to be higher, but they feel it delivers good ROI with its robust security features. Fortinet FortiSIEM, although more cost-effective upfront, presents a comparable ROI over time due to its extensive feature set. Pricing is a notable differentiator, with FortiSIEM being more budget-friendly.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Fortinet FortiSIEM vs. NetWitness Platform Report (Updated: December 2025).
Buyer's Guide
Fortinet FortiSIEM vs. NetWitness Platform
December 2025
Download the complete report
Helped 879,927 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
7.6
Reviews Sentiment
6.2
Number of Reviews
76
Ranking in other categories
AI Observability (5th)
NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
31st
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
Log Management (34th)
 

Mindshare comparison

As of January 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 2.8%, down from 3.0% compared to the previous year. The mindshare of NetWitness Platform is 0.8%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Fortinet FortiSIEM2.8%
NetWitness Platform0.8%
Other96.4%
Security Information and Event Management (SIEM)
 

Featured Reviews

SY
SaurabhYadav5
Network Engineer at Ogma Consulting
Comprehensive monitoring boosts security, yet incident management features need expansion
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate software called FortiSOAR. Additionally, the search functionality in FortiAI should be improved to provide more precise results, making it easier for me to understand what actions need to be taken.
Read full review
MOTASHIM Al Razi - PeerSpot reviewer
MOTASHIM Al Razi
CISO at One Bank Limited
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"FortiSIEM allows you to match IPs with threat intelligence feeds from sources like Kaspersky or Anomali, adding valuable context."
"Both the collecting logs and duo correlation are valuable features for us."
"We find the solution to be stable."
"We have many application systems, and I can set up Fortinet FortiSIEM for users to monitor their systems."
"AccelOps can handle a lot of data and it's just so important to true monitoring. Also, I can create a lot of rules to detect anything I like."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
More Fortinet FortiSIEM pros
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"Their technical support responds quickly and are knowledgable."
"NetWitness can be highly beneficial for incident detection and response."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The software is scalable to whatever is required, and you can also put a lot of resources in the cloud."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"It's quite economical compared to other solutions in the market."
More NetWitness Platform pros
 

Cons

"The tool's technical team's response time is too high, and they are not available even when they know that there are many pending issues."
"The log collection and configuration management are not great."
"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."
"FortiSIEM could be better integrated with other vendors."
"The backup and recovery process for this solution needs improvement."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Not very good on non-API features, lacks that functionality."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
More Fortinet FortiSIEM cons
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"The implementation needs assistance."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"Technical support could be improved."
"More customizability is required, which is something that they need to improve on."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
More NetWitness Platform cons
 

Pricing and Cost Advice

"This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."
"We pay for a license for FortiSIEM. We pay for the license and renewal."
"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."
"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"Fortinet FortiSIEM is not an expensive solution."
"Manageable, however would be better as pay as you go versus CapEX."
"Pricing is determined based on the customer's budget."
More Fortinet FortiSIEM pricing and cost advice
"It’s cheaper to run virtual machines in a VMware environment."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"The product price was reasonable for my region and the market."
"We are on an annual license for the use of the solution."
"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"RSA NetWitness Logs and Packets do not have a subscription model, it's a one-time purchase. There is only a perpetual license."
"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."
More NetWitness Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
879,927 professionals have used our research since 2012.
 

Comparison Review

VS
Vinod Shankar
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
9%
Comms Service Provider
8%
Government
7%
Financial Services Firm
12%
Computer Software Company
10%
Performing Arts
9%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business34
Midsize Enterprise22
Large Enterprise24
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise7
Large Enterprise20
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
See all answers
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
My experience with pricing, setup cost, and licensing for Fortinet FortiSIEM is wonderful, as it offers an excellent license compared to other vendors.
See all answers
What needs improvement with Fortinet FortiSIEM?
Fortinet FortiSIEM is great overall. Performance could be enhanced, but I do not wish to elaborate on needed improvements.
See all answers
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
 

Comparisons

IBM Security QRadar vs Fortinet FortiSIEM Logo
IBM Security QRadar vs Fortinet FortiSIEM
Compared 9% of the time
Splunk Enterprise Security vs Fortinet FortiSIEM Logo
Splunk Enterprise Security vs Fortinet FortiSIEM
Compared 9% of the time
Wazuh vs Fortinet FortiSIEM Logo
Wazuh vs Fortinet FortiSIEM
Compared 7% of the time
ManageEngine Log360 vs Fortinet FortiSIEM Logo
ManageEngine Log360 vs Fortinet FortiSIEM
Compared 6% of the time
LogRhythm SIEM vs Fortinet FortiSIEM Logo
LogRhythm SIEM vs Fortinet FortiSIEM
Compared 5% of the time
More Fortinet FortiSIEM Competitors
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 13% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 10% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 7% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 6% of the time
Securonix Next-Gen SIEM vs NetWitness Platform Logo
Securonix Next-Gen SIEM vs NetWitness Platform
Compared 4% of the time
More NetWitness Platform Competitors
 

Product Reports

Buyer's Guide
Fortinet FortiSIEM
January 2026
Fortinet FortiSIEM reportDownload Fortinet FortiSIEM product report
Buyer's Guide
NetWitness Platform
December 2025
NetWitness Platform reportDownload NetWitness Platform product report
 

Also Known As

FortiSIEM, AccelOps
RSA Security Analytics
 

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

  • Threat management and intelligence that provide situational awareness and anomaly detection
  • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
  • Managing “alert overload”
  • Handling the “too many tools” reporting issue
  • Addressing the MSPs/MSSPs pain of meeting service level agreements
Fortinet

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness
 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Los Angeles World Airports, Reply
Buyer's Guide
Fortinet FortiSIEM vs. NetWitness Platform
December 2025
Free Report: Fortinet FortiSIEM vs. NetWitness Platform
Find out what your peers are saying about Fortinet FortiSIEM vs. NetWitness Platform and other solutions. Updated: December 2025.
DOWNLOAD NOW
879,927 professionals have used our research since 2012.
See our Fortinet FortiSIEM vs. NetWitness Platform report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.