• Home
  • Fortinet FortiSIEM vs. Netsurion

Fortinet FortiSIEM vs Netsurion comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo

Microsoft Sentinel

Read 85 Microsoft Sentinel reviews
32,763 views|18,195 comparisons
92% willing to recommend
Fortinet Logo

Fortinet FortiSIEM

Read 63 Fortinet FortiSIEM reviews
7,467 views|4,053 comparisons
81% willing to recommend
Netsurion Logo

Netsurion

Read 24 Netsurion reviews
920 views|330 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Fortinet FortiSIEM vs. Netsurion
March 2024
Executive Summary

We performed a comparison between Fortinet FortiSIEM and Netsurion based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Fortinet FortiSIEM vs. Netsurion Report (Updated: March 2024).
Download the complete report
769,065 professionals have used our research since 2012.
Featured Review
Sachin Paul
Makes data integration very easy for our SOC
It enables data integration within our hybrid, multi-cloud environment, and it makes this data integration very easy for our security operations... Read more →
Ali Mohamed
The log correlation is good
FortiSIEM provides visibility into what happens on our corporate network. We can see traffic from users and detect brute force or bot attacks. It's... Read more →
Kevin Lohan
Provides real-time alerting, a dedicated team, and around-the-clock monitoring
One of the primary benefits of using Netsurion for our organization is that, due to a mandate from our regulator, we are required to have robust... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high.""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules.""Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself.""If you know how to do KQL (kusto query language) queries, which are how you query the log data inside Sentinel, the information is pretty rich. You can get down to a good level of detail regarding event information or notifications.""The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system.""The connectivity and analytics are great.""The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us.""The main benefit is the ease of integration."

More Microsoft Sentinel Pros →

"It's easy to manage. There's a web interface and a command line, depending on what the user is comfortable with. There's a large knowledge base available, and the support is timely.""FortiSIEM's log correlation is good.""FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication.""Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses.""We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers.""Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features.""The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation.""This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."

More Fortinet FortiSIEM Pros →

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats.""The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location.""Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy.""Expediting incident response is really great.""The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats.""I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective.""If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches.""Netsurion has its own security operations center, where it tracks information that comes across our telemetry."

More Netsurion Pros →

Cons
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft.""Sentinel's reporting is complex and can be more user-friendly.""Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel.""If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details.""Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized.""Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise.""Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider.""I would like to see more AI used in processes."

More Microsoft Sentinel Cons →

"The nodes on our network did not comply with the SIEM solution. They use a different format parking log.""Areas for improvement would be the ease of use and the integration with Fortinet's own products.""I would like to see easier implementation in the future.""They need to integrate better with Cisco and Palo Alto.""Not very good on non-API features, lacks that functionality.""The dashboard needs to improve.""The solution's interface could be modernized and improved.""Sometimes, if there are changes made by a user on a database server, it can be difficult to get that information on the fly. I would like to see a situation where once I specify a user with the database server I need, and with the changes they have performed on that, I don't need to continue my search pattern to drill down just to get the information."

More Fortinet FortiSIEM Cons →

"The system requirements are very, very high. So I need a pretty powerful server to run. If they could lighten that load so that the on-premise part of their product didn't impact my systems as much that would be ideal.""Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told.""The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated.""The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open.""I would also like to have a dashboard that I can access anytime to review the real-time data from their website.""I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events.""There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user.""The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."

More Netsurion Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

    • More Microsoft Sentinel Pricing and Cost Advice →

  • "Please be cheaper and more simplified."
  • "We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."
  • "Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
  • "Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
  • "The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
  • "They have a yearly subscription."
  • "The solution is available for both, perpetual and subscription licenses."
  • "Manageable, however would be better as pay as you go versus CapEX."

    • More Fortinet FortiSIEM Pricing and Cost Advice →

  • "The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
  • "Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."
  • "The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
  • "The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
  • "I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."
  • "When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."
  • "EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
  • "In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."

    • More Netsurion Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    See Recommendations
    769,065 professionals have used our research since 2012.
    Questions from the Community
    Is there a common threat intelligence tool that aggregates multiple threa...
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Read all 10 answers   →
    What is a better choice, Splunk or Azure Sentinel?
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Which is better - Azure Sentinel or AWS Security Hub?
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Read all 2 answers   →
    What do you like most about Fortinet FortiSIEM?
    Top Answer:Real-time monitoring makes life quite easy for me.
    Read all 36 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiSIEM?
    Top Answer:The price is competitive. We can scale based on the licensing. It is an annual CapEx.
    Read all 23 answers   →
    What needs improvement with Fortinet FortiSIEM?
    Top Answer:Network detection and response is a separate product. That's how I ended up with Wazuh. I'm looking for something to… more »
    Read all 36 answers   →
    What do you like most about Netsurion Managed Threat Protection?
    Top Answer:Expediting incident response is really great.
    Read all 6 answers   →
    What is your experience regarding pricing and costs for Netsurion Managed...
    Top Answer:Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They… more »
    Read all 5 answers   →
    What needs improvement with Netsurion Managed Threat Protection?
    Top Answer:There is one area that needs improvement and that is with the agents and the server that's on-site. The system… more »
    Read all 6 answers   →
    Comparisons
    Also Known As
    Azure Sentinel
    FortiSIEM, AccelOps
    Netsurion Managed Threat Protection, Netsurion EventTracker
    Learn More
    Microsoft
    Fortinet
    Netsurion
    Video Not Available
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

    Companies around the world use FortiSIEM for the following use cases:

    • Threat management and intelligence that provide situational awareness and anomaly detection
    • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
    • Managing “alert overload”
    • Handling the “too many tools” reporting issue
    • Addressing the MSPs/MSSPs pain of meeting service level agreements

    Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
    The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Comms Service Provider8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    REVIEWERS
    Comms Service Provider22%
    Financial Services Firm12%
    Computer Software Company10%
    Media Company10%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Comms Service Provider10%
    Government9%
    Financial Services Firm6%
    REVIEWERS
    Financial Services Firm18%
    Non Profit9%
    Healthcare Company9%
    University9%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Manufacturing Company13%
    Government7%
    Financial Services Firm5%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    REVIEWERS
    Small Business42%
    Midsize Enterprise25%
    Large Enterprise33%
    VISITORS READING REVIEWS
    Small Business30%
    Midsize Enterprise17%
    Large Enterprise53%
    REVIEWERS
    Small Business38%
    Midsize Enterprise33%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise17%
    Large Enterprise45%
    Buyer's Guide
    Fortinet FortiSIEM vs. Netsurion
    March 2024
    Free Report: Fortinet FortiSIEM vs. Netsurion
    Find out what your peers are saying about Fortinet FortiSIEM vs. Netsurion and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    769,065 professionals have used our research since 2012.

    Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Netsurion is ranked 15th in Security Information and Event Management (SIEM) with 24 reviews. Fortinet FortiSIEM is rated 7.6, while Netsurion is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh. See our Fortinet FortiSIEM vs. Netsurion report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.