We performed a comparison between Fortinet FortiSIEM and ITRS Geneos based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The UI of Sentinel is very good and easy to use, even for beginners."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The main benefit is the ease of integration."
"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."
"To add workers and even collectors is pretty easy."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"It is used as an alerting platform."
"The product's initial setup phase was easy."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"The solution’s IP database is awesome."
"FortiSIEM is a great tool for making security processes transparent."
"The Netprobe is so lightweight compared to the agents that most monitoring tools use. It's really superior to the competition. The agent that is used by almost every competitive tool takes a lot more system resources. It's slower and it requires a greater effort and more compromises in terms of security to install on the monitored servers. With Geneos, because it lives outside the code, it is far easier and far less taxing on the monitored systems."
"Custom script toolkits"
"The ability to completely tailor and customize what it's monitoring is one of its strongest points. A lot of other monitoring tools are good at certain things, but one of my colleagues described it as the “Swiss Army Knife” of monitoring tools. It can do anything you want."
"The solution's log monitoring and alerting mechanisms are very user-friendly and easy to plug and play."
"Real-time log monitoring with desktop alerts is valuable as it tells us immediately when there is an issue."
"This solution has helped provide relief to existing Level 2 teams, allowing them to focus efforts on in-depth problem analysis."
"It's a very powerful application monitoring tool across the industry. Many free, open-source tools are available. There are also paid tools, but ITRS Geneos is a real-time application monitoring tool where the user can monitor, self-configure, and manage alerts through their console."
"Geneos automatically sends email notifications when any batch job fails, the database is down or the website is down. It is automatically monitoring everything and reduces manual effort."
"We've seen delays in getting the logs from third-party solutions and sometimes Microsoft products as well. It would be helpful if Microsoft created a list of the delays. That would make things more transparent for customers."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Sentinel's reporting is complex and can be more user-friendly."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"FortiSIEM could be better integrated with other vendors."
"The stability of the product is an area of concern where improvements are required."
"They should enhance the solution's AI capabilities, including XDR and EDR."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"The log collection and configuration management are not great."
"One thing that could be improved in terms of rapid scaling would be more ability to clone aspects of an implementation. It seems like there are opportunities in this area, where we have repetitive tasks to do when it comes to implementing things on new servers or on new gateways. It would be great if there was an easy way to clone something that had already been done."
"I would also like to see suggested guidelines to accomplish a monitoring task. The issue is that ITRS is so flexible that there is more than one way to complete a task, each with benefits and disadvantages."
"I would like ITRS Geneos to develop an app, where instead of going to specific login terminals or logging into laptops or desktops to check alerts, we can have visibility in the app itself."
"There is one drawback to using lightweight data collection: we lack the feature of observability based on time series, such as historical model data. This makes it difficult to view data in ITRS. ITRS needs to improve this feature."
"The deployment method for upgrading is a bit tricky. It takes a little bit of manual effort. If that could be a bit more automated, it would help us a lot."
"We all look at the same things - CPU, disk space, paging stats, service status with RAG status on each. That could be provided straight out, saving significant time."
"One area where there is room for improvement is the log file. I would like to be able to do a pre-run on the log files. When you are testing log files for regular expressions, it would be good to be able to do a quick check up front on that side of things before you release that into production."
"It needs to be easier to configure, especially with the JMX plugins."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 65 reviews while ITRS Geneos is ranked 11th in Application Performance Monitoring (APM) and Observability with 57 reviews. Fortinet FortiSIEM is rated 7.6, while ITRS Geneos is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ITRS Geneos writes "The flexible dashboard sets it apart from competing tools, but it's costly and lacks scalability". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas ITRS Geneos is most compared with Dynatrace, AppDynamics, Grafana, Prometheus and Datadog. See our Fortinet FortiSIEM vs. ITRS Geneos report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
