Fortinet FortiSIEM Reviews

We primarily use it for all of our cloud space and for firewalls,and AWS security services etc., for example, for the email, Cloud watch and AWS security HUB

Single pane of glass for security issues

There's a great feature on the solution that allows us to analyze security issues and incidents. It automatically allows us to trace any incident. It's an invaluable aspect of the solution. 

The solution has a relatively low cost.

We find the solution to be stable.

It's my understanding that the solution can scale well.

The solution needs to be form flow diagram automatically with AWS platform

I've only been using the solution for the last six months.

The solution is stable. It's very reliable. There aren't bugs or glitches. It doesn't freeze or crash.

I personally have never tried to scale the solution. That said, the solution is scalable and companies shouldn't have any issue expanding it as needed.

The solution is being used pretty extensively in our organization and we have several teams on it.

We've definitely called technical support in the past when we have run into issues. We've been satisfied with the level of service they provide. We always get a proper response and they're always ready to resolve any issues we have. We are able to close tickets very quickly because they are so knowledgeable and responsive.

The solution was fairly complex. However, this was due to the fact that we had to do a lot of configurations at the outset. The solution didn't make the process easy for us. Typically, it's easy to implement and I would be able to handle the process myself.

It took us about 15 days to deploy everything on our end.

Implementation was done by Fortinet's Professional Service Team which was quite satisfactorily 

The solution is very cost-effective compared to competitors. We just need to pay licensing and support costs. There aren't added costs beyond that.

We didn't previously look at other solutions. We saw that Fortinet fit our needs, and therefore we chose it.

We're a public utility, so we just use the solution. We don't have a business relationship with the company.

We use the latest version of the solution.

We use a variety of Fortinet solutions at our organization. For example, we integrate the complete AWS cloud space into that all FortiSIEM.

I'd recommend the solution to other organizations, especially those that are cost-conscious. Compared to there solutions' it's rather easy to implement.

I'd rate the solution overall seven out of ten.

I primarily use the solution as part of the firewall. I work mostly with banks and have extensive experience with configuring the VPN in relation to Fortinet.

The solution is quite user-friendly.

It's very easy to configure everything, including the VPN. It gives you lots of good options.

The product is quite well-organized. The GUI makes it easy to navigate.

The solution is almost 100% perfect. It's already quite simple and easy to configure. In that sense, no improvements are needed.

You do seem to be constantly learning new things with the product. There's a bit of an ongoing learning curve in terms of usage. Right now, I'm learning about higher availability and that's an ongoing process.

It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option. 

The solution offers both command line and GUI visualizations. They need to ensure that their GUI offers just as much flexibility on the configuration as the command line structure.

I've been using the solution for about seven months at this point. It's been less than a year.

The stability of the product is fairly good. It's likely 70-80% there in terms of stability. There are many versions and the stability may vary slightly on each. 

In terms of security, however, I would say it's very stable. 

We haven't implemented the latest version yet as it hasn't been implemented widely. 

In general, the stability isn't a problem for us and we don't need to worry too much about it.

The technical support is quite fine. We can communicate with them easily if we need to. If we have a problem or we need an issue addressed, we simply open a ticket and the Fortinet team is ready to assist. They are very knowledgeable and responsive. We've been satisfied with the support they give us.

The initial setup does take some time to learn. I'm in the process of learning more about it now, specifically in relation to configuration or the VPN.

If you are comparing the product to Cisco's solutions, it's very cheap and moderately priced. It's affordable. At the same time, it's a very effective solution. It's affordable and it works well.

On a scale from one to ten, I would rate the product at an eight. It's been a pretty positive experience overall. I'm still learning the solution and discovering new things about it, however, it has everything I need at the same time. 

We primarily use the solution for network and security monitoring.

Most of those CM functions and the correlation alerts are very helpful to our clients. 

The network monitoring is one of the most valuable aspects of the solution.

You can scale the solution with ease if you need to expand.

The stability is very reliable. It offers very good performance.

The initial setup is complex. They need to make it easier in terms of implementation. That said, all CM implementations are quite difficult. It may not be a fault of this particular product.

The policy editing should be easier. Right now, it's too hard. 

Some of the parts of the mapping tool should be in the product itself. It would make our efforts easier.

The product is quite expensive. It's something clients always comment on.

We have been using the solution for many years - including before Fortinet acquired the original organization.

The solution is quite stable. We find it very reliable. It doesn't crash or freeze. There aren't bugs and glitches.

The scalability of the solution is excellent. It's one of the main reasons we chose to go with this option. If a company needs to expand, it can do so easily. There aren't constraints.

We have about five to ten customers on the solution currently.

I'm not using the vendor's technical support. Mostly we have our own in-house resources. I cannot tell if are they good or bad. I have never dealt directly with them. Therefore, it would be difficult to review their services.

In terms of the initial setup, the process is not straightforward. It's complex and difficult. Making it easier would help a lot.

All CM installations and implementations are complicated. You have to tailor the product. It's not really something you can just implement out-of-the-box. 

That said, a basic installation is simple. It takes a few days. After you've done the implementation stage, then it takes time. Of course, it depends on the projects. I cannot say how much time it's taken exactly. I just know it takes quite a while.

For deployment, we use two people in a project. One of them is for the beginning of the project - for the implementation and the installation process. The other is the administration which we are generally pas off to our customers. I tend to handle the daily operations.

All of our customers find the solution expensive. It's not a cheap option.

I don't know the exact cost of the solution as I don't directly handle the licensing.

We are actually a reseller service company and we are dealing with the solutions for our customers. We are using the SIEM solutions. We are not a user, we are a reseller.

We have many customers. Not all may be using the latest version of the solution.

I would recommend the solution.

In general, I would rate the solution eight out of ten.

We primarily use the solution for collecting logs and duo correlation on our customer's premises.

Both the collecting logs and duo correlation are valuable features for us.

Fortinet also offers very good pricing. Their pricing is incredible.

The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients.

They also have to improve their import perfection solution.

The solution is very stable, like all Fortinet products.

The solution is scalable.

Technical support is very good. They also provide you with additional materials to study the product by yourself so that you can get a better understanding of the full solution.

The initial setup is complex, mostly because of the security, not because of the product. Most of the security features in the installation process are difficult. They require tuning.  You have to be careful you don't configure something wrong. This is a complexity of the environment and the solution itself. The engineer should understand what the customer is looking for. The product might be very good, but if it is positioned in the wrong way, it can be harmful.

I did not evaluate other options; this solution was the decision of the customer. However, in the past, I have evaluated and worked with Splunk and IBM.

We use the public cloud deployment model.

I like the product, and I would recommend it, but I much prefer Splunk.

The beautiful thing about Fortinet is that they have integrated many, many solutions. Their platform is very powerful. In the case of the customer, if he decides to choose Fortinet, he'll largely be stuck with that one vendor. Fortinet does integrate with a few other vendors, but it's best if you use only their solutions. It's more efficient, you have more manageability and you get more value that way.

I would rate the solution seven out of ten.

We use the on-prem deployment model of this solution. Our primary use case of this solution is for all of our infrastructure monitoring, applications, performance monitoring, and for security, incident, and event analysis. 

Analytics is the most valuable feature. The business service summaries in the dashboards and the correlations for the SIEM are also valuable features. 

Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.

It should also have better integration.

It's a good product. It does what it is supposed to do. 

Scalability required a lot of training. If the training isn't adequate you cannot enjoy the end results.

There are currently around ten users using this solution. They are mostly system and network administrators using this solution. We don't have plans to increase the usage. We are going to switch to another product. 

We require two staff members for the deployment and maintenance. 

When you log a call, you don't get instant replies or if there is a bug they take ages to fix it and they ask you to hold.

We didn't previously use another SIEM solution. 

The installation is straightforward but the configuration is complex because it compromises of several aspects of the network infrastructure, servers, and the databases. You have to know what you want to gain out of this product. 

The deployment took around three months. There are a lot of dashboards to configure. It's not about just the installation. The planning phase and understanding what you want to get out of it, setting up the logs, and working on the correlations take time. 

We used a local integrator for the deployment. They were good. When you consider the other SIEM products, this isn't a popular solution. When we implemented it, we were with the solution before it was acquired by Fortinet. It was a hassle. 

Licensing is a one time cost. If you want to enable different modules then there will be additional costs. 

Properly review this solution and your requirements. See how it will scale up to cloud requirements. Cloud technologies are becoming more prominent and you should see how you will be able to manage it with this tool.

It's a good product but you need to be well trained. If you don't have good training then you won't maximize the benefits of this product. 

I would rate it a seven out of ten. 

We have nearly 30 analysts currently using FortiSIEM.

FortiSIEM provides a single PIN to monitor SOC and NOC. It's a nice tool for integration and monitoring. It provides multiple categories for monitoring based on security designations like low, medium, and high. 

It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM. 

I've been using FortiSIEM for a year and a half.

FortiSIEM is stable. QRadar and FortiSIEM are both fairly stable. There aren't many issues from an admin point of view.

FortiSIEM is scalable. 

Fortinet support is great. They're more responsive than IBM.

FortiSIEM is easy to set up. Installing the supervisor component of FortiSIEM took around one hour, but the console installation for QRadar takes almost three to four hours.

I rate FortiSIEM seven out of 10. 

Fortinet FortiSIEM can be used to detect unusual user and entity behavior on networks.

We currently are in the process of testing the solution.

The solution is easy to use and user-friendly.

Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules.

I have been using Fortinet FortiSIEM for a few months.

I have found Fortinet FortiSIEM to be stable.

Fortinet FortiSIEM is scalable.

The installation is straightforward and can be done in one day.

I am able to do the implementation of the solution.

The solution is available for both, perpetual and subscription licenses.

I rate Fortinet FortiSIEM an eight out of ten.

The solution has an all-in-one approach. We buy one product and everything our customer needs is included. He doesn't have to pay any additional licenses to get more functionality, so everything is there and if we have to do any adjustments, it's also done very quickly and easily.

The solution can't be improved, but it can be managed more clearly. The solution just needs minor improvements. I'm quite sure Fortinet is already working on this.

They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI, there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution. 

The solution is very stable. It has run for years without the need to do anything except, add new patches when they are available, which are always a good idea to install.

The initial setup is quite easy.

If we do an overall comparison with other products and also count additional licenses, which are necessary for other products, then the prices are comparative.

If we just leave it at base prices, for example, Splunk: Splunk is cheaper, but if you also count the price for licenses, reports, and other things - especially the megabytes and gigabytes of the lock data that you need - then it comes up to a much higher price than you have to pay for FortiSIEM which already includes these things in a base version.

I would rate the solution nine out of ten. Our clients have been very happy with the solution.