We performed a comparison between Fortinet FortiSIEM and vRealize Network Insight based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"The main benefit is the ease of integration."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"The part that was very unexpected was Sentinel's ability to integrate with Azure Lighthouse, which, as a managed services solution provider, gives us the ability to also manage our customers' Sentinel environments or Sentinel workspaces. It is a big plus for us. With its integration with Lighthouse, we get the ability to monitor multiple workspaces from one portal. A lot of the Microsoft Sentinel workbooks already integrate with that capability, and we save countless amounts of money by simply being able to almost immediately realize multitenant capabilities. That alone is a big plus for us."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"The features that stand out are the detection engine and its integration with multiple data sources."
"The Log analytics are useful."
"It is used as an alerting platform."
"The Threat Hunting feature provides complete traffic analysis."
"It's a very nice solution to work with."
"The product's initial setup phase was easy."
"It works well with medium to large-scale enterprises."
"Technical support is helpful."
"I like FortiSIEM because it integrates natively with our other Fortinet solutions and the Fortinet Fabric, but it also integrates with Cisco, Palo Alto and other security fabrics."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"It allows us to see how the network devices function as well as to see network glitches or fluctuations or dropping of packets."
"The most valuable features are the monitoring and tracking. It's also intuitive and user-friendly. The screen looks exactly the same as the other appliances for VMware, so it's easy to navigate."
"The ability to use the natural language query and see the visualization is quickly intuitive, and it works very well."
"It especially helps with deploying NSX, that you're not having to manually chase down and figure out what you need to do to microsegment VMs. This gives a nice option where you can say, "Hey, this VM, show me what flows are there." I can export it out and then import it as an NSX rule and job done."
"It allowed us to set up NSX and to do microsegmentation, without all of the pain points of having to determine each port and each IP address that needed to have access, and which ones needed to be blocked."
"We're a smaller company so it automates a lot of the tasks and lets us focus in on building out our own solution. It's quicker, there is less building of manual solutions, and less downtime. It allows our developers to quickly develop, get provisioning done, de-provisioning, etc; the stuff that you would expect to be able to make it streamlined."
"The most valuable feature is being able to easily see the path that the VM traffic is taking, what ports are in use."
"I find it user-friendly and intuitive. With the GUI interface that we do use on a regular basis, it's easy to navigate, it's easy to see, easy to query. We get reports. It's easy to use."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Sentinel's reporting is complex and can be more user-friendly."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The on-prem log sources still require a lot of development."
"One key area that can be improved is by building a strong integration with our XDR platform."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files."
"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."
"Customer support service could be better."
"They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution."
"The product does not have Security Orchestration and Automation Response, I would recommend adding this feature."
"It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"Fortinet FortiSIEM could improve to extend to several locations or sites."
"The only reason I would not give it a nine or a 10 is for cost reasons. It seems to be one of those things that really belongs as part of the product inherently and not as an add-on. That would be my only concern."
"The compatibility with each and every component of the infrastructure is the main thing that I am looking for. I would like them to make sure that it's compatible with different kinds of storage systems, etc. I have seen the compatibility list. I feel it can be more compatible than it is right now."
"The solution can be improved by making it more compatible with other brands, allowing for better integration."
"While it's not exactly a feature, what normally happens when we are trying to look at the VM flow portion is - although Network Insight does have options to integrate a few physical switches into it - we can't really get an end-to-end flow of the network. We might be using a few switches that are not supported by Network Insight. That is where they can improve, in the support for more physical switches and network devices."
"There is room for improvement when it comes to pricing because we pay here in Brazil, and all the costs are based on the dollar."
"In a very general way, I would like to see an improvement in interoperability with third-party product, from other vendors."
"I want to see more in terms of microsegmentation. As of now, I can see the rules, but they are not in a readable format that I can convert to microsegmentation and can fit into NSX Manager."
"I'd like to see better support for being able to search the hardware NetFlow data. It ingests fairly well, but you can't tell, in a lot of cases, what source the data came from. I'd like to see more support for picking specific sources. That way you could really make a compelling use case. There are also some difficulties where it can't exactly trace the path between source and destination but if you hit the reverse flow on the same search it shows the entire path."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while vRealize Network Insight is ranked 24th in IT Infrastructure Monitoring with 44 reviews. Fortinet FortiSIEM is rated 7.6, while vRealize Network Insight is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of vRealize Network Insight writes "Provides deep analytical insights and makes migrations efficient with dependency mapping". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and ThousandEyes, whereas vRealize Network Insight is most compared with ThousandEyes, NETSCOUT vSTREAM, VMware Aria Operations for Applications, AppNeta by Broadcom and Zabbix. See our Fortinet FortiSIEM vs. vRealize Network Insight report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
