We performed a comparison between Fortinet FortiSIEM and Nagios Core based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Another area where it is helping us is in creating a single dashboard for our environment. We can collect all the logs into a log analytics workset and run queries on top of it. We get all the results in the dashboard. Even a layman can understand this stuff. The way Microsoft presents it is really incredible."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"It has basic out-of-the-box integrations with multiple log sources."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"The product is quite well-organized. The GUI makes it easy to navigate."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"It's a very nice solution to work with."
"Fortinet FortiSIEM provides good detection against advanced threats."
"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."
"FortiSIEM's best features are the dashboards and customization."
"FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high."
"Nagios Core is stable."
"The solution is quite efficient."
"Provides timely notifications."
"Nagios Core is very configurable. Whatever you want, you can do it."
"We use the product to monitor server applications."
"Our customers like that Nagios Core is an open source solution. It can be customized to our customers' specific needs."
"The notifications are definitely one of the most valuable features of Nagios Core. We know what to look for and what to expect when things are down."
"The most valuable features are the reports and the way it generates the report in a graphical manner."
"The reporting could be more structured."
"The solution could improve the playbooks."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"I would like to see easier implementation in the future."
"Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
"The policy editing should be easier. Right now, it's too hard."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Customer support service could be better."
"Cloud monitoring is an area for improvement because there aren't too many plugins available."
"The UI is a little outdated and graphics could be displayed in a better way."
"The tool needs to improve the integrations."
"Nagios Core could improve by adding a user interface. If you want the user interface you have to use Nagios XI."
"The core version is no match for the XI version."
"The user interface could be more interactive because it is pretty basic."
"It would be nice if the company offered a sales or contract manager that was dedicated to our company so that we would have some sort of link to Nagios, and if we had issues or questions, we'd be able to contact them directly."
"The initial setup process could be easier."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while Nagios Core is ranked 7th in Network Monitoring Software with 46 reviews. Fortinet FortiSIEM is rated 7.6, while Nagios Core is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Nagios Core writes "An Open Source Fully Featured Data Centre Monitoring Tool". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas Nagios Core is most compared with Zabbix, Nagios XI, Centreon, Icinga and OP5 Monitor. See our Fortinet FortiSIEM vs. Nagios Core report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.