We performed a comparison between Fortinet FortiSIEM and NETSCOUT nGeniusONE based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"The scalability is great. You can put unlimited logs in, as long as you can pay for it. There are commitment tiers, up to six terabytes per day, which is nowhere close to what any one of our customers is running."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"I believe one of the main advantages is Microsoft Sentinel's seamless integration with other Microsoft products."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"The event correlation is pretty robust. The GUI is pretty good."
"Both the collecting logs and duo correlation are valuable features for us."
"FortiSIEM is a great tool for making security processes transparent."
"The most valuable feature is the dashboard. CMDB database collects data from a lot of pre-configured devices."
"The product is quite well-organized. The GUI makes it easy to navigate."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"It's a consolidated, single tool that talks to multiple platforms. It's not vendor-proprietary; it's independent. It provides interoperability with different products, whether they are routing products, switching products, wireless, wired, load balancing, or proxy. It works with anything you can name."
"The VoLTE model, call search and Media Monitor were essential when we launched VoLTE. We're relying heavily on them to troubleshoot our VoLTE calls."
"We've saved a lot of time in triaging. We have found root cause identities on packet captures and have been able to feed that information back to a specific vendor, because a lot of our technology is emerging. So, we're able to give that feedback to our vendors and have them solve the problems that they need to fix, and they have the evidence to do so."
"It is an easy-to-scale platform."
"The ability to be able to do detailed traffic analysis such as top-talkers, application-specific monitoring, and understanding them through patterns, is helpful. We're also able to gain an understanding of voice calls, voice traffic, whether we have packet loss in a certain part of the network or jitter or high latency that might be impacting the network. All of those are nice functionalities."
"We are using nGeniusONE to run our bandwidth capacity management reports. In the past, we used to be very reactive, we used to depend a lot on suppliers to tell us which sites are our hot sites, meaning, which have high bandwidth utilization. Now we do this in a much more proactive way and we are moving to a more predictive approach in that aspect, thanks to nGeniusONE."
"Among the valuable features, if it's TAP'ed well, are the density of the data that you can get and the relatively high veracity or accuracy rate that we see from it."
"The stability of this product is ok."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"We'd like also a better ticketing system, which is older."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The troubleshooting has room for improvement."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"Fortinet FortiSIEM could improve by having a signature update."
"There could be more AI features included in the product."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"The policy editing should be easier. Right now, it's too hard."
"Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
"The backup and recovery process for this solution needs improvement."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much."
"I'd like to see the nGeniusONE, the nGeniusPULSE, and the OptiView, their three separate products, work a little better together, a little more streamlined."
"Maybe the optics cost could be improved. It's not about the product itself, but the optics cost from other companies is very high, which affects the business. When you buy a $1 million product, you shouldn't be expected to pay $500,000 for support. So, support, operation, and professional services are very expensive. It's the main weakness."
"While it is good, the single pane of glass view is too high level. It is better for management or someone doing sanity checks. A lot of times, I need to go deeper into the additional screens to get what I want out of it."
"This is a typical thing, but every time they do a major code upgrade, we get hit with some nasty bugs. Some of them literally stop the whole platform from collecting traffic data. They should really do more Q&A on the software stability before release."
"There are so many features that it makes it hard to know it all. You end up paying for things that you don't use and probably don't even need. It might be better if Netscout came up with a modular way to pay for what you're going to use and not pay for all of this "white elephant" without being able to take advantage of all of it."
"I would love to have them reassemble fragmented packets. That would be a very big plus in my book."
"The dependency mapping is good, but I am hopeful that they will build some type of partnership and relationship with ServiceNow. I want to see NETSCOUT partner with ServiceNow so they can leverage Service Now Discovery and Service Mapping to automate the build of the service dependency mappings inside of nGeniusONE."
"We would like better end-to-end data flows. This is something that my users always complain about, as they don't know what the data flows are on the network. We would like to know every point along the line."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while NETSCOUT nGeniusONE is ranked 27th in Network Monitoring Software with 47 reviews. Fortinet FortiSIEM is rated 7.6, while NETSCOUT nGeniusONE is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of NETSCOUT nGeniusONE writes "We use it every day for the triaging of events, saving us a lot of time". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas NETSCOUT nGeniusONE is most compared with Gigamon Deep Observability Pipeline, Dynatrace, ThousandEyes, AppDynamics and SolarWinds NPM. See our Fortinet FortiSIEM vs. NETSCOUT nGeniusONE report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.