We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.
Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel enables us to ingest data from our entire ecosystem. In addition to integrating our Cisco ASA Firewall logs, we get our Palo Alto proxy logs and some on-premises data coming from our hardware devices... That is very important and is one way Sentinel is playing a wider role in our environment."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"It has basic out-of-the-box integrations with multiple log sources."
"FortiSIEM is a great tool for making security processes transparent."
"The most valuable feature of Fortinet FortiSIEM is the correlation of many events."
"Fortinet FortiSIEM is easy to use."
"The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature."
"The most valuable feature is the anomaly-reporting alarms."
"It is used as an alerting platform."
"Easy alert setup which enables different alerts in different categories."
"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"The most valuable features in Zabbix are those that help us overcome bottlenecks in CPU usage, as well as reduce memory delay. I know that we have only reached the tip of the iceberg of what Zabbix's features can do for us, and we have not used all of them yet."
"It can send messages to our ticketing system."
"The integration capabilities and APIs are the best part."
"The most valuable feature is service assurance."
"Zabbix helps to save time."
"Zabbix is good for discovery."
"Dashboard and the customization of the items and triggers are the most valuable features."
"It is a great product. The SNMP protocol tracking feature is good. I really like how it tracks SNMP. The alerts are also great."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"Everyone has their favorites. There is always room for improvement, and everybody will say, "I wish you could do this for me or that for me." It is a personal thing based on how you use the tool. I do not necessarily have those thoughts, and they are probably not really valuable because they are unique to the context of the user, but broadly, where it can continue to improve is by adding more connectors to more systems."
"We are invoiced according to the amount of data generated within each log."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
"We'd like also a better ticketing system, which is older."
"The nodes on our network did not comply with the SIEM solution. They use a different format parking log."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement."
"The graphs on the user interface could be improved as we often experience glitches."
"Fortinet FortiSIEM could improve by having a signature update."
"The policy editing should be easier. Right now, it's too hard."
"The performance can be improved. Sometimes it takes a long time to fetch data."
"With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk."
"I think the reporting part of Zabbix can be improved in terms of more user-friendly graphics to display the collected data. Many simple users who don't know how to use Zabbix properly might get confused by the reporting, although at the same time it is very versatile for my company."
"In the next release, I'm hoping for features targeted towards larger users with more customizable options. Despite this, I think pre-canned reports that can be used straight out of the box would be beneficial rather than having to configure each report individually. Additionally, a deeper dive into software configurations on the machines would be useful, although I understand there may be challenges in implementing this due to scripting requirements. More documentation would also be appreciated."
"We would like to see the addition of automatic push functionality to this product. This would save time when monitoring our servers and networks as, at present, we have to manually install the Zabbix agent on any hardware to be monitored."
"The networking monitor is not too easy to work with."
"I would like for this solution to be more cloud-friendly."
"There are areas of improvement. The database grows really fast. So, when you install Zabbix, you have to deal with some issues, like the database. We become pretty big very fast."
"The product could be more secure and more stable."
"It would be helpful if they translated the documentation to Cyrillic languages."
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 63 reviews while Zabbix is ranked 1st in Network Monitoring Software with 98 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.2. The top reviewer of Fortinet FortiSIEM writes "It's cheaper than other solutions with the same features but lacks integration with many third-party vendors". On the other hand, the top reviewer of Zabbix writes "Allows any number of customizations but lacks functionality for finding root causes". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, Wazuh and Rapid7 InsightIDR, whereas Zabbix is most compared with Centreon, Checkmk, SolarWinds NPM, Nagios XI and Nagios Core. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.