Fortinet FortiSIEM vs ThousandEyes comparison

Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiSIEM and ThousandEyes based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Microsoft, IBM and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: September 2023).
734,678 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
Microsoft Sentinel:
  • "The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
  • "We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
  • "It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
  • "It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
  • "The connectivity and analytics are great."
  • "The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
  • "The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
  • "The native integration of the Microsoft security solution has been essential because it helps reduce some false positives, especially with some of the impossible travel rules that may be configured in Microsoft 365. For some organizations, that might be benign because they're using VPNs, etc."

Fortinet FortiSIEM:
  • "The event correlation is pretty robust. The GUI is pretty good."
  • "It is used as an alerting platform."
  • "We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
  • "The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."
  • "The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
  • "Fortinet FortiSIEM is less costly than other products and is available 24/7."
  • "Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
  • "Fortinet FortiSIEM is easy to use."

ThousandEyes:
  • "ThousandEyes gives companies better visibility."
  • "It's fairly easy to set up."
  • "The solution's initial setup process was straightforward... In terms of ROI, the solution is worth the money."
  • "The most valuable feature of ThousandEyes is user-friendliness. It has been essential for us to have a solution that is easy to use."
  • "The most valuable features are integration and ease of use."

Cons
Microsoft Sentinel:
  • "They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
  • "Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
  • "They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
  • "We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the mean time to detect and mean time to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
  • "Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
  • "We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
  • "It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
  • "Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."

Fortinet FortiSIEM:
  • "The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
  • "The process of installing Fortinet FortiSIEM and the customization of the alerts take too long."
  • "The log collection and configuration management are not great."
  • "An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS."
  • "Patching is not great - we're not getting the support we'd expect."
  • "Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire."
  • "We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."
  • "They need to integrate better with Cisco and Palo Alto."

ThousandEyes:
  • "ThousandEyes could improve the dashboards by adding more features."
  • "They only offer synthetic requests."
  • "Once I fully use the tool 100%, I'm sure I would have something to critique, however, for now, I'm happy with it."
  • "Presently, it lacks the ability to integrate with other Cisco products."
  • "There is room for improvement in terms of customization and user-friendliness."

Pricing and Cost Advice
Microsoft Sentinel:
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • "Sentinel can be expensive. When you ingest data from sources that are outside of the cloud, you're paying a fair amount for that data ingestion. When you're ingesting data sources from within the cloud, depending on what your retention periods are, it's not that expensive."
  • "I have worked with a lot of SIEMs. We are using Sentinel three to four times more than other SIEMs that we have used. Azure Sentinel's only limitation is its price point. Sentinel costs a lot if your ingestion goes up to a certain point."
  • "Pricing is pay-as-you-go with Sentinel, which is good because it all depends on the number of users and the number of devices to which you connect."

Fortinet FortiSIEM:
  • "The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
  • "They have a yearly subscription."
  • "The solution is available for both perpetual and subscription licenses."
  • "Manageable, however would be better as pay as you go versus CapEX."
  • "The price of Fortinet FortiSIEM was reasonable compared to other solutions."
  • "There are additional features that cost more than the standard licensing fees."
  • "This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."
  • "Fortinet's products are not expensive, it is less than the competition."

ThousandEyes:
  • "In our company, we incur a yearly expense in our company for the licensing part. I rate the solution's pricing a seven out of ten since it is expensive."

    Questions from the Community
    Top Answer: Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and…
    Top Answer: It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for…
    Top Answer: We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is…
    Top Answer: Fortinet FortiSIEM is less costly than other products and is available 24/7.
    Top Answer: The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license.
    Top Answer: Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market.
    Top Answer: It actually depends on the exact purpose or requirements. Some tools are better for only network devices while others…
    Top Answer: The most valuable features are integration and ease of use.
    Top Answer: There is room for improvement in terms of customization and user-friendliness.
    Also Known As
    Microsoft Sentinel: Azure Sentinel
    Fortinet FortiSIEM: FortiSIEM, AccelOps
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Azure Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

    Companies around the world use FortiSIEM for the following use cases:

    • Threat management and intelligence that provide situational awareness and anomaly detection
    • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
    • Managing “alert overload”
    • Handling the “too many tools” reporting issue
    • Addressing the MSPs/MSSPs pain of meeting service level agreements

    ThousandEyes is a Network Intelligence platform that delivers visibility into every network an organization relies on, whether public or private. ThousandEyes enables users to optimize application delivery, end-user experience and ongoing infrastructure investments.

    With cloud, enterprises can innovate much faster, but the growing number of cloud and SaaS applications means that more apps are being delivered over the Internet. This increases dependence on the Internet, a public “best effort” network, and other third-party infrastructures, substantially reducing the ability of IT teams to predict, visualize and control operational behavior. This results in a chaotic and unmanageable IT environment, making issue resolution a time-consuming ordeal, potentially impacting reputation and revenue. ThousandEyes has innovated an approach based on an unmatched distribution of smart agents across the Internet and enterprise, providing visibility all the way to the end user. ThousandEyes gathers and analyzes massive volumes of Network Intelligence data from all of these vantage points, enabling organizations to solve even their most obscure performance problems in minutes. By using ThousandEyes in the planning and testing phases of cloud adoption, customers can also strategically identify and fix underlying problems before production deployment of business-critical applications.

    The ThousandEyes solution is ubiquitous across industry sectors, and since launching in mid-2013, customers have come from a diverse set of industry sectors, which include Silicon Valley technology companies, financial services, healthcare, pharmaceuticals, retail, manufacturing and education.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
    ThousandEyes: Wayfair, GitHub, Craigslist, Comcast, SurveyMonkey, Lyft, Box, HP, Zendesk, IO Data Centers, Good Technology, NNTCommunications, Proofpoint, Schneider, Crowdstrike, Avera, Pitney Bowes, InstartLogic, Shutterfly, Shutterstock, Condé Nast, Roche, Jive, Actelion, Brocade, Infor, Okta, JLL, DigitalOcean, Zuora, NetSuite, CloudFlare, One, DemonWare, Quantcast, Carbonite, CareerBuilder, Prosper, Oscar, Slack
    Top Industries
    Microsoft Sentinel
    Reviewers: Financial Services Firm 23%, Healthcare Company 7%, Comms Service Provider 7%, Manufacturing Company 7%
    Visitors reading reviews: Computer Software Company 17%, Government 10%, Financial Services Firm 9%, Manufacturing Company 7%
    Fortinet FortiSIEM
    Reviewers: Comms Service Provider 23%, Financial Services Firm 10%, Media Company 10%, Computer Software Company 10%
    Visitors reading reviews: Computer Software Company 19%, Comms Service Provider 10%, Government 10%, Manufacturing Company 6%
    ThousandEyes
    Visitors reading reviews: Computer Software Company 24%, Financial Services Firm 12%, Manufacturing Company 9%, Government 7%
    Company Size
    Microsoft Sentinel
    Reviewers: Small Business 32%, Midsize Enterprise 21%, Large Enterprise 47%
    Visitors reading reviews: Small Business 24%, Midsize Enterprise 15%, Large Enterprise 61%
    Fortinet FortiSIEM
    Reviewers: Small Business 39%, Midsize Enterprise 25%, Large Enterprise 36%
    Visitors reading reviews: Small Business 30%, Midsize Enterprise 18%, Large Enterprise 52%
    ThousandEyes
    Reviewers: Small Business 20%, Midsize Enterprise 20%, Large Enterprise 60%
    Visitors reading reviews: Small Business 16%, Midsize Enterprise 11%, Large Enterprise 73%

    Fortinet FortiSIEM is ranked 10th in Security Information and Event Management (SIEM) with 26 reviews while ThousandEyes is ranked 16th in Network Monitoring Software with 5 reviews. Fortinet FortiSIEM is rated 7.4, while ThousandEyes is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It has robust event correlation and good GUI, but their technical support should be better, and it should support more nonstandard log sources". On the other hand, the top reviewer of ThousandEyes writes "Reliable, simple to set up, and offers fast monitoring capabilities". Fortinet FortiSIEM is most compared with Splunk Enterprise Security, IBM Security QRadar, PRTG Network Monitor, LogRhythm SIEM and ManageEngine Log360, whereas ThousandEyes is most compared with Cisco Secure Network Analytics, Dynatrace, Meraki Dashboard, AppDynamics and Zabbix.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.