Fortinet FortiSIEM vs LogRhythm SIEM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 20, 2023
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
10th
Average Rating
7.6
Number of Reviews
65
Ranking in other categories
No ranking in other categories
LogRhythm SIEM
Ranking in Security Information and Event Management (SIEM)
6th
Average Rating
8.4
Number of Reviews
167
Ranking in other categories
Log Management (8th)
 

Mindshare comparison

As of June 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 4.0%, up from 3.6% compared to the previous year. The mindshare of LogRhythm SIEM is 5.0%, down from 6.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
Unique Categories:
No other categories found
Log Management
5.4%
 

Featured Reviews

SY
Jul 4, 2022
Simple implementation, good performance, but scalability lacking
I am using Fortinet FortiSIEM to correlate events in our enterprise Fortinet FortiSIEM has helped our organization by providing us with business monitoring. The most valuable feature of Fortinet FortiSIEM is the correlation of many events. Fortinet FortiSIEM could improve to extend to several…
SR
Feb 13, 2024
The product prioritizes alerts and provides good log analysis and rule management features
The initial setup is not easy. It requires technical skills. I rate the ease of setup a six or seven out of ten. The solution is cloud-based. Our environment is very complex. The deployment takes three to four months. We have to install agents. We have multiple locations with multiple data centers and a multi-cloud presence. The setup must be done with a lot of variations. We use Puppet for Windows deployment. The Linux deployment needs forwarders. We have multiple tiers, endpoints, and collectors. We must set up multiple things. Each aspect has its own set of rules and limitations. We cannot do everything in one go. We must scale it up gradually.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"To add workers and even collectors is pretty easy."
"I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports."
"The CMDB and the device discovery features are most valuable."
"The stability is very reliable. It offers very good performance."
"The Threat Hunting feature provides complete traffic analysis."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"The artificial intelligence engine."
"What I found most valuable in LogRhythm NextGen SIEM is that it's user-friendly. I also like its dashboard, which shows all the logs and information I want to see."
"It's positively affected our overall rate of efficiency."
"Technical support is very helpful and responsive."
"Automations are very valuable. It provides the ability to automate some of our small use cases. The ability to integrate with other products that use an API is also very useful. LogRhythm has a plugin for it that we can connect and start to move down towards the path of a single pane of glass instead of having multiple or different tools."
"The AI Engine can take an event and correlate it into something else giving us meaningful context regarding what is going on. We integrated it in with our ticketing system, so if an alarm fires, it raises a ticket in our system."
"Technical support has always been helpful."
"LogRhythm's GUI is easy to explore. We also like other features, such as its integration with other security solutions, log correlation, and the deployment of use cases."
 

Cons

"Its training can be improved. Its price also needs to be improved."
"The log collection and configuration management are not great."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"The graphs on the user interface could be improved as we often experience glitches."
"Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"The dashboard needs to improve."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"One thing we have mentioned to them before is that we'd like to be able to do searches, or drill-downs, directly from an alarm. When you click it and the Inspector tab slides out, that might be a good place to be able to click the host to search for the last 24 hours. I know the search is right there but it would be even nicer to just click that and then have an option to search something there."
"I would like a more fuller implementation of STIX/TAXII so I can pull in some of the government lists without having to go implement a whole new STIX/TAXII platform."
"The log storage capacity should be increased."
"I would like it to do a lot of the automation (which I still need to learn more about), because I am essentially a one man shop doing all the jobs. I'd like for it to be able to do more for me."
"It's not easy for someone new to the solution."
"Sometimes the Platform Manager crashes because it's built around Windows."
"I have Windows administrators who will remove the agent when they think that that's what's fouling up their upgrade or their install or their reconfiguration, etc. The first thing they do is to turn off the antivirus, turn down the firewall, and take off anything else. They don't realize that the LogRhythm agent is just sitting there monitoring. Most antivirus products have application protection features built-in where, if I'm an admin on a box, I can't uninstall antivirus. I need to have to the antivirus admin password to do that."
"My big thing is the easability. I don't like to go to two different systems. The fat client that you have to install to configure it, then the web console which is just for reporting and analysis. These features need to collapse, and it needs to be in a single solution. Going through the web solution in the future is the way to do it, because right now, it is a bit cumbersome."
 

Pricing and Cost Advice

"Fortinet FortiSIEM is very cost-efficient compared to other SIEM solutions."
"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."
"The price is competitive."
"Fortinet's products are not expensive, it is less than the competition."
"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."
"The solution is available for both, perpetual and subscription licenses."
"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
"Please be cheaper and more simplified."
"The solution has provided us with consistency and increased staff productivity through orchestrated automated work flows by at least 20 percent."
"I would recommend talking to the rep. That's the biggest thing because they will know what questions to ask."
"I would rate the tool's pricing around eight out of ten."
"It is a very cost-effective solution."
"The support which allows more customized to the environment when we are deploying new systems is called Professional Service and is very expensive. The technical annual support and there is an annual fee."
"LogRhythm's licensing is based on MPS. There are some add-on features like advanced UEBA, the cloud component for advanced UEBA, and SIEM."
"The pricing is very reasonable and accessible compared to other products in the market but I am not very sure about the exact licensing cost per year for our company."
"I give the price a six out of ten."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
789,442 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Government
9%
Comms Service Provider
8%
Financial Services Firm
7%
Educational Organization
38%
Computer Software Company
9%
Government
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
I don't have the price list of any of the competitors of Fortinet FortiSIEM. I work with the technical part of the tool. There is a need to make yearly payments towards the licensing charges attach...
What needs improvement with Fortinet FortiSIEM?
Fortinet FortiSIEM is a better solution than other products. As a SIEM solution, it can meet all the requirements of customers. The product already offers good integration capabilities with multipl...
What is the difference between log management and SIEM?
Rony, Daniel's answer is right on the money. There are many solutions for each in the market, a lot depends upon your ability to manage such tools and your budget. A small operation may be best s...
What do you like most about LogRhythm NextGen SIEM?
LogRhythm does a very good job of helping SOCs manage their workflows.
What is your experience regarding pricing and costs for LogRhythm NextGen SIEM?
LogRhythm's pricing and licensing are extremely competitive and it's one of the top three reasons we continue to invest in the platform.
 

Also Known As

FortiSIEM, AccelOps
LogRhythm NextGen SIEM, LogRhythm, LogRhythm Threat Lifecycle Management, LogRhythm TLM
 

Overview

 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Macy's, NASA, Fujitsu, US Air Force, EY, Abbott, HD Supply, SAB Miller, UCLA, Raytheon, Amtrak, Cargill
Find out what your peers are saying about Fortinet FortiSIEM vs. LogRhythm SIEM and other solutions. Updated: May 2024.
789,442 professionals have used our research since 2012.