We performed a comparison between Fortinet FortiSIEM and Zabbix based on real PeerSpot user reviews.Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The product can integrate with any device."
"The initial setup is very simple and straightforward."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"The most valuable feature of Fortinet FortiSIEM is the user and entity behave as analytics(UEBA). This feature mixes your data and provides useful information based on the behavior of the targeted."
"Technical support is helpful."
"We like the integration of all of these Fortinet platforms together. Everything is integrated well, and we are able to sell that as a service to our customers."
"Our customer did not have security monitoring in the first place. With this solution, it provided security posture management and visibility about the security landscape and threats that they had."
"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."
"It is used as an alerting platform."
"The solution’s IP database is awesome."
"We have found that Zabbix is more easy to use than other applications."
"The product is very stable."
"The solution allows you to configure and customize how you want to collect information from servers or other systems."
"It meets my organizational needs. It's pretty easy to use."
"I have found that the reporting feature in Zabbix is most valuable. Additionally, the solution has given us bandwidth options, we are able to see where problems are. For example, we noticed a problem that occurred because of a bad interface going in the wireless VLAN."
"The most valuable feature is the monitoring of virtual machines."
"The features I found most valuable are the user interface and a wide range of network devices that are easy to configure."
"Zabbix is a cost-effective solution. We're a small organization with a few dozen devices to monitor, and it was available for free. We can see what we need. We haven't done an in-depth analysis on it, but we're currently okay with the product."
"When we pass KPIs to the governance department, there's no option to provide rights to the data or dashboard to colleagues. We can use Power BI for this, but it isn't easy or convenient. They should just come up with a way to provide limited role-based access to auditing personnel"
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"We'd like also a better ticketing system, which is older."
"The reporting could be more structured."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"I think the number one area of improvement for Sentinel would be the cost."
"Patching is not great - we're not getting the support we'd expect."
"They need to integrate better with Cisco and Palo Alto."
"The only drawback is the licensing model. It can get expensive if you want to integrate more solutions."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"FortiSIEM is not a market leader in the SIEM space."
"The graphs on the user interface could be improved as we often experience glitches."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"FortiSIEM could be better integrated with other vendors."
"There are some features of Zabbix that are not good for reporting. The DX Spectrum solution has better reporting."
"Zabbix can use better documentation and support for troubleshooting."
"I would like for this solution to be more cloud-friendly."
"As far as improvements, sometimes I get a bit frustrated when I move from a previous version to a new one because some configuration has changed—I need to investigate the documentation to deal with some configuration. But it doesn't take much time, so it's okay."
"The only improvement I would suggest, revolves around its AI and ML capabilities."
"Correlation of events would be a wonderful addition."
"There is a bit of a learning curve during installation."
"The product could be more secure and more stable."
Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds
- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft
- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft
- Respond to incidents rapidly with built-in orchestration and automation of common tasks
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Companies around the world use FortiSIEM for the following use cases:
Zabbix is an open-source monitoring software that provides real-time monitoring and alerting for servers, networks, applications, and services.
It offers a wide range of features including data collection, visualization, and reporting.
With its user-friendly interface and customizable dashboards, Zabbix helps organizations ensure the availability and performance of their IT infrastructure.
Fortinet FortiSIEM is ranked 8th in Security Information and Event Management (SIEM) with 27 reviews while Zabbix is ranked 1st in Network Monitoring Software with 34 reviews. Fortinet FortiSIEM is rated 7.6, while Zabbix is rated 8.6. The top reviewer of Fortinet FortiSIEM writes "It has robust event correlation and good GUI, but their technical support should be better, and it should support more nonstandard log sources". On the other hand, the top reviewer of Zabbix writes "Very mature, easy to scale, and free to use". Fortinet FortiSIEM is most compared with IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM, PRTG Network Monitor and Wazuh, whereas Zabbix is most compared with Checkmk, Centreon, Nagios XI, Nagios Core and SolarWinds NPM. See our Fortinet FortiSIEM vs. Zabbix report.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.