We performed a comparison between Fortinet FortiSIEM and OmniPeek based on real PeerSpot user reviews.
"The best functionality that you can get from Azure Sentinel is the SOAR capability. So, you can estimate any type of activity, such as when an alert was triggered or an incident was found."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Free ingestion for Azure logs (with E5 licence)"
"The pricing of the product is excellent."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The Threat Hunting feature provides complete traffic analysis."
"The solution is very stable. It's run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install."
"Fortinet FortiSIEM provides good detection against advanced threats."
"The seamless integration with FortiGate is the solution's most valuable aspect."
"Real-time monitoring makes life quite easy for me."
"Both the collecting logs and duo correlation are valuable features for us."
"The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation."
"We have found the most important features in Fortinet FortiSIEM to be the correlation, file utility check, latest file, and hash changes. These features are important for us."
"I believe the most crucial feature of OmniPeek search is the ability to sniff packets based on channel switching."
"The most valuable features are the voice bot, which checks the quality of service for voice, and the expert view that gives me insight on what and where to troubleshoot."
"It's a solid piece of software. It's stable."
"The most valuable feature of OmniPeek was the ability it gave us to see the connection procedure."
"The most valuable feature of OmniPeek is the ability to assign custom color codes to the different packets easily."
"The most valuable feature is that OmniPeek is user-friendly."
"The solution should allow for a streamlined CI/CD procedure."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"We do see continuous improvement all the time; however, I haven't got a specific feature that is lacking or not well designed."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The backup and recovery process for this solution needs improvement."
"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option."
"The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"They need to integrate better with Cisco and Palo Alto."
"I don't see a clear roadmap in the future for improving this software."
"I would like to see the tool work in an open environment the same as how it does in a closed environment."
"I would like to see the saving feature improved. We have had issues if you do not save your progress then you have to start from the beginning."
"The solution's automation has room for improvement."
"I am not using OmniPeek for automation, we only do manual testing. Automation testing is tedious to do. The automation should be more user-friendly. I have exposed some APIs but the usage is not user-friendly."
"Making it more clear on how to configure the filters, or really automating them, would be an improvement."
Fortinet FortiSIEM is ranked 9th in Security Information and Event Management (SIEM) with 63 reviews while OmniPeek is ranked 30th in Application Performance Monitoring (APM) and Observability with 6 reviews. Fortinet FortiSIEM is rated 7.6, while OmniPeek is rated 7.8. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of OmniPeek writes "Easy to identify packets, beneficial color assigning, and responsive support". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and ThousandEyes, whereas OmniPeek is most compared with LiveAction LiveNX, Colasoft Capsa, LogicMonitor, SolarWinds NPM and DX Performance Management.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.