We performed a comparison between Fortinet FortiSIEM and Kentik based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"We have no complaints about the features or functionality."
"The SOAR playbooks are Sentinel's most valuable feature. It gives you a unified toolset for detecting, investigating, and responding to incidents. That's what clearly differentiates Sentinels from its competitors. It's cloud-native, offering end-to-end coverage with more than 120 connectors. All types of data logs can be poured into the system so analysis can happen. That end-to-end visibility gives it the advantage."
"The Log analytics are useful."
"The automation feature is valuable."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"The most valuable feature is the anomaly-reporting alarms."
"We're able to get real-timec as well as our customer networks that we're monitoring at all times."
"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"
"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
"Fortinet FortiSIEM provides good detection against advanced threats."
"It is used as an alerting platform."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"We're also using Kentik to ingest metrics. It's a useful feature, and its response time, whenever we're pulling back the data, is higher than our on-prem solution."
"In terms of the solution’s real-time visibility across our network infrastructure, I have not been able to find any other monitoring or netflow visualization tool that gives me the kind of information I get from Kentik. If I need to take a deep-dive into something that I see, it's really easy for me to do that. Whereas with most other things, I have to use five or six other tools to get that kind of data, with Kentik, I have it all in one place."
"We're pretty happy with the API functionality. It's web, and it's very simple to set up queries. It has served us well and you don't need to be an expert on the API or the product to set these things up."
"I really love the Data Explorer. I use it all the time to go in and craft exactly what I need to see. I'm able to then take that story and explain it to the executives. I've done that a couple of times and it is helpful."
"The most valuable feature is being able to pull traffic patterns; to and from destinations. We're able to understand where our traffic is going, our top talkers from an AS set, as well as where our traffic's coming from."
"Having the API access allows us to do a great deal of automation around a lot of our reporting and management tools."
"The drill-down into detailed views of network activity helps to quickly pinpoint locations and causes. All the information is there."
"I am able to do a lot of work on the visualization end to create different visualizations and different ways to get information out of it."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"Customer support service could be better."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"The biggest thing that could be better is a quicker response to support cases."
"The only downside to Kentik, something that I don't like, is that it's great that it shows you where these anomalies lie, but it's not actionable. Kentik is valuable, don't get me wrong, but if it had an actionable piece to it..."
"There is room for improvement around the usability of the API. It's a hugely complex task to call it and you need a lot of backing to be able to do it. I should say, as someone who's not in networking, maybe it's easier for people who are in networking, but for me that one part is not very user-friendly."
"They're moving more in a direction where they are saying, "Hey, here's information that you may be interested in or may a need," before the question has to explicitly be asked. Continuing to move in that direction would be a good thing."
"I consider the pricing model as an area for improvement."
"I've checked out the V4 version of the interface and it's still a little bit clunky for me to use. I still go back to the old interface. That's definitely one that they still need to work on. It doesn't seem like everything that you get in the V3, the older interface, is there. For instance, I was trying to add a user or do the administrative tasks in V4, and I couldn't figure out where I was supposed to do that."
"I believe they're already working on this, but I would love for them to create better integrations from network flow data to application performance — tracing — so that we could overlay that data more readily. With more companies going hybrid, flow logs and flow data, whether it be VPC or on-prem, matched with application performance and trace data, is pretty important."
"We asked for a way, regarding the potential networks that exist, to hook Kentik up with external tools like peering DBs to correlate things together and see what we can do... This is all in the [next] beta now."
"I would like to see them explore the area of cost analysis."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 63 reviews while Kentik is ranked 47th in Network Monitoring Software with 12 reviews. Fortinet FortiSIEM is rated 7.6, while Kentik is rated 9.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Kentik writes " Flexibility for creating reports and gaining more visibility is a definite strength". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Kentik is most compared with ThousandEyes, Arbor DDoS, NETSCOUT nGeniusONE, SolarWinds NPM and Datadog. See our Fortinet FortiSIEM vs. Kentik report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
