Fortinet FortiSIEM vs Netsurion comparison

Read 24 Netsurion reviews

792 Views
293 Comparison Views

92% willing to recommend

Fortinet FortiSIEM

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Fortinet FortiSIEM and Netsurion based on real PeerSpot user reviews.

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Fortinet FortiSIEM vs. Netsurion Report (Updated: July 2024).

Fortinet FortiSIEM vs. Netsurion

Download the complete report

Helped 793,295 peers since 2012

Categories and Ranking

Fortinet FortiSIEM

Ranking in Security Information and Event Management (SIEM)

10th

Average Rating

7.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Netsurion

Ranking in Security Information and Event Management (SIEM)

14th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Managed Security Services (5th), SOC as a Service (3rd), Managed Detection and Response (MDR) (13th), Extended Detection and Response (XDR) (16th)

Mindshare comparison

As of July 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.5%, up from 3.2% compared to the previous year. The mindshare of Netsurion is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Unique Categories:

No other categories found

Managed Security Services

1.9%

SOC as a Service

2.3%

Featured Reviews

Marcelo Canedo

Presales IT at a tech services company with 201-500 employees

Jun 16, 2022

Integrates logs from different sources so that there is a common place to see and create dashboards

I work in our presales department. We have three of our clients using Fortinet FortiSIEM. The solution is useful to integrate logs from different sources so that there is a common place to see and create dashboards and the AI associated with event checking. We have a common service desk for our…

Read full review

Kevin Lohan

Head of IT at a venture capital & private equity firm with 11-50 employees

Aug 22, 2023

Provides real-time alerting, a dedicated team, and around-the-clock monitoring

The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network. For instance, if there's an unusual activity with user accounts, like a sudden surge in login attempts, the system promptly sends notifications via email, text, and even phone calls if our initial response is lacking. This holds true regardless of the time, even if it's as late as two in the morning. This capability provides me with a sense of security. Apart from this, my colleagues and I lack the time to meticulously sift through extensive logs and data. Having someone else handle the task of comprehensively analyzing the information we generate, not only pinpointing potential risks for us to counteract but also alerting us in real-time, is immensely valuable. It's truly impressive. Our workload prevents us from achieving this level of vigilance, even if we were to hire more staff. Their performance in this regard is unparalleled.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."

"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."

"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."

"The CMDB and the device discovery features are most valuable."

"The seamless integration with FortiGate is the solution's most valuable aspect."

"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."

"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."

"FortiSIEM's log correlation is good."

More Fortinet FortiSIEM pros

"The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on."

"We don't have the eyeballs available to stare and watch for things, or even have the capability of building internal alert systems. So, the managed SOC has been huge for freeing up staff to work on other responsibilities. We are saving on at least one full-time employee."

"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."

"When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with."

"The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location."

"The most important feature is keeping track of when accounts are created and deleted, when permission groups are changed, and memberships are changed in groups; and overall, how many errors are occurring on the various systems that we're monitoring."

"They have what they call Elasticsearch which is very quick, although that's only available for the last seven days' worth of data. It used to be that, if I wanted to do a search from three days ago, it might take me 10 to 15 minutes because it had to actually unzip some archive files. So I really like that feature. It's almost instantaneous for anything within the last seven days."

"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."

More Netsurion pros

Cons

"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."

"Not very good on non-API features, lacks that functionality."

"Our customers are noticing configuration available in the GUI interface and I think that they should be equal."

"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."

"We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."

"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."

"We need to see incident reports about the event log, without events from the administrator or through human interaction."

"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."

More Fortinet FortiSIEM cons

"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."

"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."

"I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events."

"I would also like to have a dashboard that I can access anytime to review the real-time data from their website."

"Netsurion's threat detection and response aren't quite mature. I would expect a little more."

"I would like to see the dashboard come up more quickly."

"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."

"The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated."

More Netsurion cons

Pricing and Cost Advice

"The price is competitive."

"Manageable, however would be better as pay as you go versus CapEX."

"Fortinet FortiSIEM is not an expensive solution."

"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."

"They have a yearly subscription."

"We bought the perpetual license, so we own the product, but there is a three-year support renewal fee for that."

"Fortinet FortiSIEM is very cost-efficient compared to other SIEM solutions."

"We pay for a license for FortiSIEM. We pay for the license and renewal."

More Fortinet FortiSIEM pricing and cost advice

"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."

"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."

"I don't know if the pricing is by the seat but we're paying about $20,000 to 25,000 a year. On top of that, we pay for the managed support services. That runs us about another $35,000 or $40,000 a year."

"When we first got the EventTracker product, we were using SIEM Simplified. At the time they didn't call it that, but it was more of a service thing. So, there was a bit more hand-holding and getting stuff set up, along with failure reports, that they did during the first one to two years. Then, we decided that the the additional money to have someone do these daily reports wasn't terribly useful, so we discontinued that service."

"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."

"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."

"Licensing is very easy. Our CIO takes care of the billing, but in terms of price point, he hasn't complained, so it must be good."

"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."

More Netsurion pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

793,295 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Government

10%

Financial Services Firm

Manufacturing Company

Computer Software Company

28%

Manufacturing Company

12%

Government

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiSIEM?

Fortinet FortiSIEM needs to provide better API integrations to users.

What is your experience regarding pricing and costs for Fortinet FortiSIEM?

I don't have the price list of any of the competitors of Fortinet FortiSIEM. I work with the technical part of the tool. There is a need to make yearly payments towards the licensing charges attach...

What needs improvement with Fortinet FortiSIEM?

Fortinet FortiSIEM is a better solution than other products. As a SIEM solution, it can meet all the requirements of customers. The product already offers good integration capabilities with multipl...

What do you like most about Netsurion Managed Threat Protection?

Expediting incident response is really great.

What is your experience regarding pricing and costs for Netsurion Managed Threat Protection?

Their pricing is high. I don't know if it's a barrier. The quality speaks to the price. The price is the price. They provide what they promise. From a purchasing perspective, I just have to come ba...

What needs improvement with Netsurion Managed Threat Protection?

There is one area that needs improvement and that is with the agents and the server that's on-site. The system requirements are very, very high. So I need a pretty powerful server to run. If they c...

IBM Security QRadar vs Fortinet FortiSIEM

Comparisons

Compared 12% of the time

Splunk Enterprise Security vs Fortinet FortiSIEM

Compared 10% of the time

Wazuh vs Fortinet FortiSIEM

Compared 10% of the time

Microsoft Sentinel vs Fortinet FortiSIEM

Compared 9% of the time

LogRhythm SIEM vs Fortinet FortiSIEM

Compared 6% of the time

More Fortinet FortiSIEM Competitors

Arctic Wolf Managed Detection and Response vs Netsurion

Compared 49% of the time

CyberHat CYREBRO vs Netsurion

Compared 26% of the time

Sumo Logic Security vs Netsurion

Compared 25% of the time

More Netsurion Competitors

Product Reports

Fortinet FortiSIEM

Download Fortinet FortiSIEM product report

Download Netsurion product report

Also Known As

FortiSIEM, AccelOps

Netsurion Managed Threat Protection, Netsurion EventTracker

Learn More

Fortinet

Video not available

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of meeting service level agreements

Our open XDR platform unifies your existing security telemetry to deliver wider attack surface coverage and deeper threat analytics resulting in greater security visibility. Our SOC does the heavy lifting for you of proactive threat hunting, event correlation and analysis, and provides you with guided remediation. The result is a force multiplier that allows your IT team to be confident and in control again while also maximizing all of your cybersecurity investments.

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.

The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores

Fortinet FortiSIEM vs. Netsurion