What needs improvement with Fortinet FortiSIEM?

Miriam Tover - PeerSpot reviewer
  • 0
  • 423
PeerSpot user

35 Answers

Ijeoma Nkemjika - PeerSpot reviewer
Top 5
Jan 18, 2024

The solution's interface could be modernized and improved.

Search for a product comparison
Stefan Bächer - PeerSpot reviewer
Real User
Top 5
Sep 27, 2023

Customer support service could be better.

Niranjan Singh - PeerSpot reviewer
Real User
Top 5
Apr 27, 2023

Fortinet FortiSIEM is a little out of sight and needs more marketing efforts to be popular in the market.

Alain ClovisBapfunya - PeerSpot reviewer
Real User
Top 10
Mar 28, 2023

The only drawback is the licensing model. It can get expensive if you want to integrate more solutions.

TamimKhan - PeerSpot reviewer
Real User
Top 5Leaderboard
Mar 28, 2023

They should enhance the solution's AI capabilities, including XDR and EDR.

Ali Mohamed - PeerSpot reviewer
Real User
Top 20
Jan 11, 2023

FortiSIEM could be better integrated with other vendors.

Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
757,198 professionals have used our research since 2012.
Real User
Top 20
Jan 10, 2023

We have recently faced many issues in terms of support and their turnaround time for giving support as well as their patch level. The patching is one of the significant issues we face with Fortinet SIEM. We're at the enterprise level and we're not getting the support we'd expect. They really need to bring in new features like proper dashboards and alert systems and a real-time alert system which would be beneficial for users.

Real User
Top 5
Oct 4, 2022

They should offer better visibility, more correlation tools and a better understanding of the network. Fortinet FortiSIEM already uses simple and standard protocols like SNMP, DuraMI and Syslog. Other solutions like QRadar use sFlow, so I think that they can do better. In addition, the log collection and configuration management are not great.

Real User
Top 20
Aug 25, 2022

An improvement would be if FortiSIEM's licensing was based on the number of nodes rather than the EPS. In the next release, FortiSIEM should implement a central repository.

Real User
Top 20
Aug 10, 2022

Their technical support is horrible. By horrible, I mean a train wreck of a disaster that has fallen off a bridge and caught fire. The out-of-the-box log ingestion for the supported devices is fine. The main issues arise when you're trying to ingest a log source that's not supported. You're left to figure it out yourself. You have to figure out the custom parsing yourself. There should be better support for nonstandard log sources. That's because unless you can ingest logs from all of your key controls, the solution will have gaps. Out of the box, this product doesn't support a lot of normal security devices that are common, and then you get into building custom parsers yourself to get it to work. The other problem is infrastructure stability. The architecture scaling rules that the vendor provides are vastly understated. So, we constantly run into stability problems that we end up figuring out and solving by throwing more infrastructure at it because they're understating the infrastructure requirements. It is understandable that they would do that, and you see why they would do that, but it is causing no end of problems.

Real User
Top 20
Jul 4, 2022

Fortinet FortiSIEM could improve to extend to several locations or sites.

Real User
Top 20
Jun 16, 2022

It's difficult to integrate unsupported devices with FortiSIEM compared to QRadar. It's easier to integrate and develop processes in QRadar. It's harder to develop a custom process in FortiSIEM.

Abdul-MuminIddrisu - PeerSpot reviewer
Real User
Top 5
Apr 6, 2022

The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work.

Real User
Feb 16, 2022

The graphs on the user interface could be improved as we often experience glitches.

Real User
Dec 21, 2021

Areas for improvement would be the ease of use and the integration with Fortinet's own products.

Real User
Nov 22, 2021

Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give more rules.

Real User
Nov 19, 2021

I would like to see more integration with other platforms.

Real User
Top 20
Nov 18, 2021

We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files. The patch management on the software needs to be better. We have not received frequent updates from their site. That's the major challenge for us. Going by the latest trends there are lots of cyber attacks happening in the entire world. All of the latest trends, patches, file updates, and hash updates should be released as soon as possible, whilst an attack is detected the patch has to be released on time.

Real User
Aug 26, 2021

With FortiSIEM, the issue has to do with the ways we can generate a report. It's not as flexible compared to that with other SIEM tools, like Splunk. When you work with a service provider who is using FortiSIEM as a service for other clients, you cannot run more than 30 clients on one tool. You cannot onboard, which would consume more resources and would make it slower. Also, resource consumption would be high.

Real User
Aug 7, 2021

There is no proper guide for integration or configuration. They need to improve the documentation library.

Real User
Jun 3, 2021

This solution is not very good on non-API features and lacks that functionality. We've raised multiple tickets to Fortinet about this and they are pending there. The product development hasn't been fast enough to ensure it can function on the cloud. It's excellent when you download and get the security locks but in areas like Microsoft 365, you have to fetch the security access using APIs and they don't update quickly enough. If Microsoft announces a new service today, we have to wait at least six months before FortiSIEM start supporting it. It's crucial that the API support is updated, for now FortiSIEM lacks functionality compared to its competitors.

Real User
Apr 1, 2021

I would like to see easier implementation in the future.

Feb 11, 2021

The initial setup is complex. They need to make it easier in terms of implementation. That said, all CM implementations are quite difficult. It may not be a fault of this particular product. The policy editing should be easier. Right now, it's too hard. Some of the parts of the mapping tool should be in the product itself. It would make our efforts easier. The product is quite expensive. It's something clients always comment on.

Feb 3, 2021

Its training can be improved. Its price also needs to be improved.

Real User
Dec 4, 2020

The solution is almost 100% perfect. It's already quite simple and easy to configure. In that sense, no improvements are needed. You do seem to be constantly learning new things with the product. There's a bit of an ongoing learning curve in terms of usage. Right now, I'm learning about higher availability and that's an ongoing process. It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option. The solution offers both command line and GUI visualizations. They need to ensure that their GUI offers just as much flexibility on the configuration as the command line structure.

Real User
Top 20
Jul 15, 2020

The solution needs to be form flow diagram automatically with AWS platform

Real User
Jun 30, 2020

This is a great product for everyone. The disadvantage is the product portfolio. We need more incidents automatically to protect our network. We need to see incident reports about the event log, without events from the administrator or through human interaction. In the next release, I would like to have automated generation reports of incident reports.

Real User
Nov 13, 2019

When they started out after acquiring AccelOps, the user interface wasn't that great. But from version 5.0 they have obviously radically changed the interface, aligning it to the rest of the Forti products from a user experience point of view. This means that there is constant improvement on the interface side of the solution. The other thing that I've noticed is when searching for very old incidents, there is a slight delay. It obviously has to pull that information from the backend database, and the key point to note is that it depends on how you set it up in the backend where factors such as disk types and disk array configs come into play.

Real User
Nov 7, 2019

When compared with some competitors, in terms of performance, the CPU and RAM requirements and the capability of coordination with development all need some improvement. The solution should offer user behavior analytics in a future release.

Sep 19, 2019

The support of the product changed recently, and I don't think it's for the better. They should work to improve the support they offer to clients. They also have to improve their import perfection solution.

Real User
Aug 19, 2019

Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great. It should also have better integration.

Aug 18, 2019

The solution can't be improved, but it can be managed more clearly. The solution just needs minor improvements. I'm quite sure Fortinet is already working on this. They could work on their documentation. If there's anything about the solution that needs improvement, it's that. For example, documentation already is on a very high level but specifically on the CLI, there are tons of features which can be fine-tuned and thousands of commands are very difficult to document. If they could make this easier, it would improve the overall solution.

Real User
Aug 13, 2019

The performance can be improved. Sometimes it takes a long time to fetch data.

it_user1020687 - PeerSpot reviewer
Real User
Jun 26, 2019

The Fortinet Fabric should be more easy more friendly to use. They use a different parsing log format. for example Symantec ATP is not supported by FortiSIEM. Our reseller provided us FortiSIEM as a service. They should also provide us with a dashboard to monitor and to deploy a correlations. I think fortinet should improve the AI correlations by combining advanced statistical and heuristic analysis with behavioral whitelisting .

it_user799953 - PeerSpot reviewer
Real User
Jun 11, 2019

The backup and recovery process for this solution needs improvement. I would like to see a database with more structure in terms of maintenance and ease of use. The process of creating is much simpler than that of duplication. The procedures are not proper for handling its PostgreSQL database.

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass. Companies around the world use FortiSIEM for the following use cases: Threat management and intelligence that provide situational awareness and anomaly detection Alleviating compliance mandate concerns for PCI, HIPAA and SOX Managing “alert overload” Handling the “too many tools” reporting issue Addressing the MSPs/MSSPs pain of...
Download Fortinet FortiSIEM ReportRead more

Related Q&As