LogRhythm SIEM and Fortinet FortiAnalyzer both compete in the field of security information and event management. Although both have their strengths, LogRhythm's advanced intelligence engines for real-time threat detection and greater forensic tools give it an edge in the features section.
Features: LogRhythm SIEM excels with its real-time threat detection through advanced intelligence engines and AI analysis. It provides effective log aggregation for centralized threat management and compliance reporting, offering extensive customization and valuable dashboards. On the other hand, Fortinet FortiAnalyzer is renowned for customizable and detailed security and traffic reports. Its integration with Fortinet's suite provides visibility into network activities with searchable logs. However, it lacks the in-depth forensic tools available in LogRhythm SIEM.
Room for Improvement: Users feel LogRhythm SIEM could improve the user-friendliness of its reporting functionalities. Enhancements in real-time dashboard creation and integration with third-party platforms are necessary. There's also room to strengthen support for non-Windows platforms and introduce better automatic alerting systems. Fortinet FortiAnalyzer could improve interface design for intuitive navigation and enhance forensic and threat intelligence capabilities. Expanding support for non-Fortinet devices is also suggested.
Ease of Deployment and Customer Service: LogRhythm SIEM offers flexible deployment options across on-premises, public, and hybrid clouds. Its customer service is praised for promptness and knowledgeable support though some desire quicker resolutions and broader initial setup guidance. Fortinet FortiAnalyzer provides versatile deployment across diverse environments, focusing on seamless integration with Fortinet products. Customer service is deemed efficient, but users want more proactive support.
Pricing and ROI: LogRhythm SIEM generally has a higher price point, justified by its comprehensive feature set and capabilities, positively impacting ROI by improving incident response and threat detection. Fortinet FortiAnalyzer, while considered expensive by some, is seen as reasonably priced within the Fortinet ecosystem, offering quick returns due to its effectiveness in managing multiple FortiGate devices, especially for mid-sized businesses.
The impact of the tool is low when the functionalities are inaccessible due to resource consumption.
Fortinet is highly efficient for moderate deployments and provides a secure platform for medium-sized networks and data centers.
I have seen a return on investment with Fortinet FortiAnalyzer due to its competitive pricing and straightforward licensing model based on the amount of log data processed per day.
Customer service and support for Fortinet FortiAnalyzer are quite helpful and responsive.
Technical support is good, and I rate it ten out of ten.
The support service is very slow and incompetent.
The technical support is good; we have a separate portal for partners, and since we are paying for the service, they provide a response timeframe based on severity—critical issues are addressed within four hours, medium issues within one day, and non-urgent issues may take a couple of days.
LogRhythm SIEM is quite complex, but that complexity allows us to specifically tailor a solution to the customer while some others are not as flexible.
Customer support is very helpful and effectively solves my problems.
Fortinet FortiAnalyzer is scalable, especially for the VM versions, as additional space can be provisioned from the servers as needed.
FortiAnalyzer is a scalable product.
It typically handles three to five years of expansion effectively.
LogRhythm SIEM is highly scalable as it has modular components allowing me to expand storage, indexing, or other resources as needed.
LogRhythm SIEM is scalable; it can handle about 200 or 500 devices without much difference.
The scalability of LogRhythm SIEM is good enough, warranting an eight out of ten rating.
We faced some CPU consumption issues, which caused the machine to slow down and required a restart of FortiAnalyzer.
It remains stable during implementation for one or two years.
It provides a reliable solution for managing network-wide data.
The platform needs regular updates to fix problems encountered with each quarterly patch and version release.
LogRhythm SIEM still needs improvement regarding stability, particularly in environments with heavy data consumption.
When licensing, each device is licensed separately, such as the firewall, which can become expensive.
This would help in analyzing various security incidents and events more effectively by delivering a handful of relevant logs instead of thousands.
Enhanced deep inspection features would make troubleshooting easier.
I have noticed some problems with parsing errors, event mismatches, and data mismatching, so ensuring accurate parsing and continuous improvement according to device updates are my basic expectations as a detection engineer.
There is currently no way to determine how much data is being consumed in terms of gigabytes, terabytes, or petabytes from particular devices or environments.
If LogRhythm SIEM could make a lightweight version of their solution, that would be quite competitive because some of my customers have a very large need but refuse to go with LogRhythm SIEM due to its complexity and high resource intensity.
Its licensing model is based on the amount of log data processed per day, making it more cost-effective compared to QRadar, which is EPS and device-based.
In terms of pricing, FortiAnalyzer is not expensive.
In the Indian market, Fortinet's pricing is very competitive, allowing us to win most of our deals.
The license cost is around $10 per MPS.
I find LogRhythm SIEM affordable, as it is a bit less costly than QRadar.
The advanced analytics capabilities aid in threat detection by providing visibility into indicators of compromise.
The most valuable feature of Fortinet FortiAnalyzer is its ability to simplify and display logs clearly, providing details like which IPs are accessing the system, the destination, and the policies applied.
The log management is useful as we have connected around two hundred eighty-five walls and around fifteen to twenty plus firewalls with Fortinet FortiAnalyzer, making it highly beneficial compared to logging into each individual firewall.
The seamless integration for case management, along with a user-friendly dashboard user interface, makes tasks like threat hunting more efficient.
We have enough budget for cloud deployment, but we choose to keep it on-prem to ensure data privacy; cyberattacks are a concern, but data privacy is the foremost priority due to sensitive government information.
This helps SOC analysts significantly as they can monitor all log sources through a dashboard, quickly identifying which sources haven't reported within their specified timeframes.
| Product | Mindshare (%) |
|---|---|
| Fortinet FortiAnalyzer | 1.5% |
| LogRhythm SIEM | 2.8% |
| Other | 95.7% |
| Company Size | Count |
|---|---|
| Small Business | 57 |
| Midsize Enterprise | 22 |
| Large Enterprise | 31 |
| Company Size | Count |
|---|---|
| Small Business | 38 |
| Midsize Enterprise | 39 |
| Large Enterprise | 83 |
Fortinet FortiAnalyzer offers comprehensive report generation and log management to enhance threat analysis and user activity insights. It integrates with Fortinet products for centralized management, featuring robust security and real-time data capabilities.
FortiAnalyzer enables detailed threat analysis and in-depth insights into user activities, integrating seamlessly with Fortinet's suite for centralized network management. Its robust security features, real-time data processing, and customizable dashboards make it efficient for IT environments. Users benefit from predictive analytics, enhancing network visibility and cybersecurity operations. It is known for ease of deployment and a scalable, user-friendly interface. However, there are desires for better third-party integration, enhanced AI capabilities, and improved technical support. Users seek more intuitive documentation and improved cost-efficiency.
What are FortiAnalyzer's Most Important Features?FortiAnalyzer is utilized in diverse industries such as banking, medical organizations, and service providers. It is employed for security diagnostics, network traffic analysis, and incident management. Organizations utilize its capabilities for enhanced visibility, threat detection, and performance monitoring across cloud-based and on-premises setups.
LogRhythm SIEM offers advanced threat intelligence, scalable deployment, and streamlined log management. It enhances security posture with AI-driven threat detection and comprehensive monitoring.
LogRhythm SIEM stands out for its AI-driven threat correlation, ease of log aggregation, and robust reporting. Offering real-time visibility and analytics through consistent navigation and dashboards, it integrates with security components for enhanced monitoring and response. Advanced threat intelligence and customizable alerts streamline processes and bolster security. While it faces challenges with log parsing, reporting, and dashboard intuitiveness, plans to enhance cloud integration and transition to Linux are noted.
What are the standout features?In industries like banking and finance, organizations utilize LogRhythm SIEM for centralized log management, security monitoring, and compliance. It helps detect insider threats, analyze server logs, correlate events, and monitor user behaviors. Appreciated for log ingestion and anomaly identification, it ensures robust cybersecurity and incident response by integrating data from multiple sources.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
