We performed a comparison between Fortinet FortiSIEM and NETSCOUT InfiniStreamNG based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The analytic rule is the most valuable feature."
"The connectivity and analytics are great."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Fortinet FortiSIEM needs to provide better API integrations to users."
"The Threat Hunting feature provides complete traffic analysis."
"Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely."
"We find the solution to be stable."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"When we have mobile operators who are signal partners, where one is the roaming host and another is the roamer, we are able to see their traffic. Their packets are able to detect if any faults to develop, and at what point they fail."
"The product is stable. I have never had any issue where we have lost an InfiniStream, or visibility from that particular InfiniStream, throughout the bank."
"The real-time troubleshooting and application segregation that you can do within it."
"It's an easy product to set up."
"We use it for monitoring whenever we update a new circuit or site."
"It helps us to assist our customers to isolate problems. If it is us who is having the problem, then we can use it to streamline the process."
"It has cut our troubleshooting down by days. Once we have a product in place, we show people examples of how it can streamline their troubleshooting process."
"It helps us get to root cause quickly. With utilization and consumption of bandwidth, we can usually see what application is taking as much as they should (or shouldn't), then account for it accordingly."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"We'd like also a better ticketing system, which is older."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"The solution should allow for a streamlined CI/CD procedure."
"They could use some kind of workbook. There is some limitation doing the editing and creating the workbook."
"Customer support service could be better."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"There could be more AI features included in the product."
"It's not able to communicate with our probes."
"There is a timeout feature that we have been asking for a while."
"The stability depends on who is using the tool, because you only can get as much out of the tool as you put into it. There are a lot of patches for this particular environment, so you have to keep on them. If you lose track of them, then the product is not useful anymore."
"The NetFlow Collectors could handle more flows per minute."
"We don't use the single pane of glass view, even though we own it."
"The single pane of glass feed still needs work."
"The monitoring and reporting tool needs improvement. Users want more information, such as the level of detail when doing a packet analysis. They want more detail to be able to isolate down to a specific point."
"I'd like them to make the product more user-friendly."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews, while NETSCOUT InfiniStreamNG is ranked 63rd in Network Monitoring Software with 13 reviews. Fortinet FortiSIEM is rated 7.6, while NETSCOUT InfiniStreamNG is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of NETSCOUT InfiniStreamNG writes "Once you know how to use the product, it's easy and simple". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas NETSCOUT InfiniStreamNG is most compared with Cisco Secure Network Analytics, NETSCOUT nGeniusONE and NETSCOUT vSTREAM. See our Fortinet FortiSIEM vs. NETSCOUT InfiniStreamNG report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.