We performed a comparison between Fortinet FortiSIEM and ThousandEyes based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Log aggregation and data connectors are the most valuable features."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"FortiSIEM's log correlation is good."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"The solution is easy to use and user-friendly."
"FortiSIEM helped us discover all the threats at the time that were attacking the IT services of the company. We now have multiple-level authentication."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"This solution offers extensive customization options, making it possible to adapt it precisely to their requirements."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"The event correlation is pretty robust. The GUI is pretty good."
"From our perspective, ThousandEyes stands out as an invaluable tool because of its deep and extensive capabilities."
"The most valuable aspect of the solution was the ability to see how the connection quality is between the sites and get an alert if it was turning bad."
"ThousandEyes gives companies better visibility."
"The installation process is not hard at all."
"The solution is very easy to use."
"The authentication overall - including to the VPN and LAN - is excellent."
"The company provides excellent service."
"The most valuable features are integration and ease of use."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the mean time to detect and mean time to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"The on-prem log sources still require a lot of development."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"The solution should allow for a streamlined CI/CD procedure."
"Given that I am in the small business space, I wish they would make it easier to operate Sentinel without being a Sentinel expert. Examples of things that could be easier are creating alerts and automations from scratch and designing workbooks."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"We need to see incident reports about the event log, without events from the administrator or through human interaction."
"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."
"Its training can be improved. Its price also needs to be improved."
"Fortinet FortiSIEM could improve by having a signature update."
"Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"The dashboard needs to improve."
"It's an expensive solution."
"I would like the product to offer more agility."
"It would be nice if the solution covered other areas like server monitoring."
"The guest portal is hard to use."
"They only offer synthetic requests."
"Once I fully use the tool 100%, I'm sure I would have something to critique, however, for now, I'm happy with it."
"ThousandEyes could improve the dashboards by adding more features."
"There is room for improvement in terms of customization and user-friendliness."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while ThousandEyes is ranked 12th in Network Monitoring Software with 11 reviews. Fortinet FortiSIEM is rated 7.6, while ThousandEyes is rated 8.4. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of ThousandEyes writes "Reliable, simple to set up, and offers fast monitoring capabilities". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and PRTG Network Monitor, whereas ThousandEyes is most compared with Cisco Secure Network Analytics, Accedian Skylight, Dynatrace, SolarWinds NPM and Meraki Dashboard.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.