We performed a comparison between Fortinet FortiSIEM and NETSCOUT nGeniusPULSE based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not."
"It gives us the opportunity to generate notifications based upon rules that get triggered, and the rules could be specific to PCI, HIPAA, GIBA, NIST, and so forth."
"FortiSIEM's log correlation is good."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"The most valuable features of Fortinet FortiSIEM are the SD-WAN, Global LAN, and application controls."
"I like the single pane of glass view because it presents everything in one window, obviously. You can see it all. With a quick glance, you get a pretty good snapshot of what's going on in a particular situation."
"I like the single pane of glass view. I like being able to go to one place instead of having to hunt around for everything."
"The most valuable feature of NETSCOUT nGeniusPULSE is the network troubleshooting analysis. You can pinpoint an issue before it could shut down the network."
"This is a very reliable and complete solution for troubleshooting and monitoring environments."
"The most valuable features of this solution are monitoring and maintaining traffic queuing, as well as seeing who is using the bandwidth."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"There is room for improvement in entity behavior and the integration site."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"The playbook is a bit difficult and could be improved."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"FortiSIEM could be better integrated with other vendors."
"The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"The graphs on the user interface could be improved as we often experience glitches."
"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"Usability is the area with the biggest room for improvement. We've found that with NETSCOUT, while it's a fantastic product, the usability is a major factor because there are just way too many clicks. It's obvious, from our experience, that the people who are developing the product aren't using it."
"They require a lot of manual effort as traffic flows, networks, and formal times change."
"The GUI interface and dashboards could be more attractive to the customer."
"In terms of additional features, I would like to see better event notification. Right now, we put in an email address to receive an alert and it receives every event and every alert that comes out. We need something a little more granular."
"The price of the solution could be reduced."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 64 reviews while NETSCOUT nGeniusPULSE is ranked 62nd in Network Monitoring Software with 5 reviews. Fortinet FortiSIEM is rated 7.6, while NETSCOUT nGeniusPULSE is rated 8.0. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of NETSCOUT nGeniusPULSE writes "Good visibility, simple installation, and helpful technical support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas NETSCOUT nGeniusPULSE is most compared with ThousandEyes, NETSCOUT nGeniusONE, Flowmon and DX Spectrum. See our Fortinet FortiSIEM vs. NETSCOUT nGeniusPULSE report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.