We compared Fortinet FortiAnalyzer and IBM Security QRadar based on our users' reviews in five categories. We reviewed all of the data, and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. FortiAnalyzer enables users to centrally manage and analyze logs in real time. QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. QRadar can be costly because users need to buy new hardware to upgrade.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. QRadar delivers a high return on investment, improving security through its advanced user behavior analytics.
"This solution offers one view of incident management which has been the most valuable feature."
"It gives you live logs, which can be really helpful during troubleshooting."
"I have found incident management and also identifying new threats, analyzing the network traffic, and finding out the issues with the network traffic such as any security issues to be valuable. I also like the compliance reports."
"The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
"The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics."
"The ability to gather all gateway information and logs in a single location is the most valuable feature."
"The event handling solution in the platform is very good and useful."
"FortiAnalyzer has a robust ability to find a compromised host on your network, and when you identify a compromised host, you can address it."
"We can easily monitor many things using this tool."
"Technical support is good overall."
"The best feature of IBM QRadar is visualization which shows you when there's a spike in the system, and this makes you realize that there's something wrong with the log."
"What we like about QRadar and the models that IBM has, is it can go from a small-to-medium enterprise to a larger organization, and it gives you the same value."
"The rule engine is very easy to use — very flexible."
"The timeline and machine learning features are great."
"We've found the technical support to be very good."
"Blocks of predefined conditions can be used to configure detection rules without having to write complicated script."
"The cost of FortiAnalyzer could be cheaper, especially when you are installing to a VM. For 90 percent of customers, the VM solution is enough."
"Pricing-wise, it is not affordable for the normal customer. Most of the people want to see different types of reporting, but FortiAnalyzer's fee is a little bit difficult."
"The solution lacks business intelligence features. It's much too basic."
"The following could be better: operation and maintenance, high-availability architecture, and management link embedded in the transmission link."
"The solution costs too much."
"The setup of the solution can be improved because it is currently complex."
"If Fortinet could introduce some firewalling or maybe FortiAnalyzer on the cloud, that would be interesting because I've never seen it on a cloud."
"We would like to see some improvement on the upgrade process around this solution. There are sometimes communication issues when a new version of the firewall is implemented, and it fails to report back to this product."
"Do your research before implementing it, because it is tough to implement."
"Their technical support is not good. We opened a lot of cases and from my experience, they are not complicated issues but it takes forever to get an answer."
"The whole process for support is something that needs to be improved."
"IBM QRadar User Behavior Analytics could improve machine learning use cases because they are limited and most of the use cases are rule-based. They should develop more use cases, such as in Securonix or Exabeam because they will detect a threat. Using machine learning is mainly on the correlation rules, but if you think about Exabeam or Securonix, they detect using machine learning or machine learning-based algorithms."
"There could be better integration with the solution."
"QRadar needs a lot of fine-tuning."
"The weak signal detection with QRadar needs improvement. You can detect what you know, but what is unknown to the rule engine can't be detected."
"In a future release, the solution could provide malware analysis."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 81 reviews, while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Both Fortinet FortiAnalyzer and IBM Security QRadar are rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Graylog, Grafana Loki and Check Point Security Management, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Exabeam Fusion SIEM.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.