Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM vs NetWitness Platform comparison

Fortinet and NetWitness are both solutions in the Security Information and Event Management (SIEM) category. Fortinet is ranked #7 with an average rating of 8.1, while NetWitness is ranked #30 with an average rating of 8.3. Fortinet holds a 3.3% mindshare in SIEM, compared to NetWitness’s 0.6% mindshare. Additionally, 82% of Fortinet users are willing to recommend the solution, compared to 75% of NetWitness users who would recommend it.
Fortinet FortiSIEM
Read 75 Fortinet FortiSIEM reviews
  • 5,537 Views
  • 4,042 Comparison Views
82% willing to recommend
NetWitness Platform
Read 37 NetWitness Platform reviews
  • 1,507 Views
  • 980 Comparison Views
75% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 18, 2024

NetWitness Platform and Fortinet FortiSIEM are two leading security information and event management solutions. Fortinet FortiSIEM edges out NetWitness Platform in features and consistent performance, while NetWitness is favored for its customer service and ease of deployment.

Features: NetWitness Platform users appreciate its comprehensive threat detection and network monitoring capabilities. It offers advanced analytics, network visibility, and real-time threat detection. Fortinet FortiSIEM users value its extensive device support, integration options, and threat intelligence features. FortiSIEM slightly edges out in features with its broader integration scope and flexible data collection.

Room for Improvement: Users suggest NetWitness Platform could benefit from more intuitive configuration options and enhanced documentation. They also point to the need for better reporting capabilities. For Fortinet FortiSIEM, users recommend improving its scalability and performance optimization. They also note a need for a more streamlined user interface and better customization options.

Ease of Deployment and Customer Service: NetWitness Platform is highlighted for its relatively straightforward deployment process and responsive customer support. Fortinet FortiSIEM users experience a more complex deployment but satisfactory customer service. NetWitness stands out with easier deployment.

Pricing and ROI: Users find NetWitness Platform’s pricing to be higher, but they feel it delivers good ROI with its robust security features. Fortinet FortiSIEM, although more cost-effective upfront, presents a comparable ROI over time due to its extensive feature set. Pricing is a notable differentiator, with FortiSIEM being more budget-friendly.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Fortinet FortiSIEM vs. NetWitness Platform Report (Updated: September 2025).
Buyer's Guide
Fortinet FortiSIEM vs. NetWitness Platform
September 2025
Download the complete report
Helped 868,787 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortinet FortiSIEM
Ranking in Security Information and Event Management (SIEM)
7th
Average Rating
7.6
Reviews Sentiment
5.8
Number of Reviews
75
Ranking in other categories
No ranking in other categories
NetWitness Platform
Ranking in Security Information and Event Management (SIEM)
30th
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
37
Ranking in other categories
Log Management (33rd)
 

Mindshare comparison

As of October 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.3%, up from 2.9% compared to the previous year. The mindshare of NetWitness Platform is 0.6%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Fortinet FortiSIEM3.3%
NetWitness Platform0.6%
Other96.1%
Security Information and Event Management (SIEM)
 

Featured Reviews

Oliver Jackson - PeerSpot reviewer
Systems monitoring enhanced by firewall and intrusion detection features
My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification.  My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…
Read full review
MOTASHIM Al Razi - PeerSpot reviewer
It is a stable solution, but they should make the user interface easier to understand
The solution's initial setup takes work. We have to organize multiple paths and many features. The deployment process takes less than a week. But it takes a month to complete if we want to make the solution smarter by integrating it with various devices. I rate the process as a six out of ten.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."
"Fortinet FortiSIEM is less costly than other products and is available 24/7."
"FortiSIEM's best features are the dashboards and customization."
"Fortinet FortiSIEM has its own validated and authentic IP database that marks malicious IP attacks against the firewall and generates an alert for the same."
"Fortinet FortiSIEM's most valuable feature is the simplicity in handling multi-tenancy and the ability to switch between different clients at the same time. That was handled flawlessly."
"The most valuable feature is the ability to view all the network events on a single pane and find the point of contact or point of the incident."
"The most valuable feature is auto-discovery. When you send logs from any device to port 514, it helps register those devices automatically."
"The tool's most valuable feature stems from the fact that I can see a complete analysis, like all the incidents that have happened, and it detects everything in real-time."
More Fortinet FortiSIEM pros
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"NetWitness can be highly beneficial for incident detection and response."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The solution is really scalable for the high-end power, enterprise customer."
More NetWitness Platform pros
 

Cons

"Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate software called FortiSOAR."
"The deployment of the platform took some time to set up and configure."
"The biggest thing that could be better is a quicker response to support cases."
"Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome."
"The UI could improve in Fortinet FortiSIEM. Humans view the UI frequently for data and if it was more visually pleasing it would be beneficial."
"The graphs on the user interface could be improved as we often experience glitches."
"The interface needs some improvements because it's a bit cumbersome when you're trying to view items. It takes some time to get used to. Additionally, sometimes the scrolling does not work."
"Their product support, in general, is not that great. The product support is in the same ecosystem. Their support is improving but it's not that great.vvv"
More Fortinet FortiSIEM cons
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The implementation needs assistance."
"The solution should have more integration capabilities with different platforms."
"The initial setup is very complex and should be simplified."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."
"They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams."
More NetWitness Platform cons
 

Pricing and Cost Advice

"Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
"Fortinet FortiSIEM is cheaper compared to other products."
"The price is competitive."
"Please be cheaper and more simplified."
"Fortinet FortiSIEM is not an expensive solution."
"The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
"Pricing is determined based on the customer's budget."
"This is probably more on the lower cost end of the spectrum compared to competing products. Fortinet's license model is based on events per second, which makes sense, but that's not typical. It makes it very hard to calculate what your costs are going to be as you scale the platform because some log sources, such as firewall logs, are very noisy, and there are lots and lots of events per second, but some of them are not. So, it becomes a bit of a science experiment trying to guess what your costs are going to be as you scale the solution. This is where other competing products perhaps have a more straightforward license model."
More Fortinet FortiSIEM pricing and cost advice
"Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
"In comparison to other SIEM solutions such as Splunk, NetWitness is less costly."
"It provides tools to assist in selecting the appropriate license and usage scenarios."
"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."
"We are on an annual license for the use of the solution."
"The tool is very expensive, so I rate the pricing a ten out of ten. The solution has an annual subscription."
"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
"The product is expensive."
More NetWitness Platform pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
868,787 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
Read full review
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
9%
Comms Service Provider
7%
Government
6%
Financial Services Firm
13%
Computer Software Company
12%
Comms Service Provider
7%
Performing Arts
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business34
Midsize Enterprise21
Large Enterprise23
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise7
Large Enterprise20
 

Questions from the Community

What do you like most about Fortinet FortiSIEM?
Fortinet FortiSIEM needs to provide better API integrations to users.
See all answers
What is your experience regarding pricing and costs for Fortinet FortiSIEM?
I am not familiar with the price and cost of Fortinet FortiSIEM. I cannot tell you if it is high, expensive, or low. However, I can say that it is cost-effective as it provides everything needed.
See all answers
What needs improvement with Fortinet FortiSIEM?
Regarding Fortinet FortiSIEM, I cannot identify any specific areas for improvement because I can find everything I need. For the time being, I cannot find a real point for improvement. Everything i...
See all answers
What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
See all answers
What is your experience regarding pricing and costs for NetWitness Platform?
The pricing is comparable to others, and I consider the cost to be intermediate. Specific cost details are unknown to me.
See all answers
What needs improvement with NetWitness Platform?
There is currently no need for improvement in the SIEM ( /categories/security-information-and-event-management-siem ), though there could be potential enhancements by integrating with AI.
See all answers
 

Comparisons

IBM Security QRadar vs Fortinet FortiSIEM Logo
IBM Security QRadar vs Fortinet FortiSIEM
Compared 11% of the time
Wazuh vs Fortinet FortiSIEM Logo
Wazuh vs Fortinet FortiSIEM
Compared 11% of the time
Splunk Enterprise Security vs Fortinet FortiSIEM Logo
Splunk Enterprise Security vs Fortinet FortiSIEM
Compared 11% of the time
LogRhythm SIEM vs Fortinet FortiSIEM Logo
LogRhythm SIEM vs Fortinet FortiSIEM
Compared 5% of the time
ManageEngine Log360 vs Fortinet FortiSIEM Logo
ManageEngine Log360 vs Fortinet FortiSIEM
Compared 5% of the time
More Fortinet FortiSIEM Competitors
IBM Security QRadar vs NetWitness Platform Logo
IBM Security QRadar vs NetWitness Platform
Compared 24% of the time
Splunk Enterprise Security vs NetWitness Platform Logo
Splunk Enterprise Security vs NetWitness Platform
Compared 18% of the time
Elastic Security vs NetWitness Platform Logo
Elastic Security vs NetWitness Platform
Compared 14% of the time
USM Anywhere vs NetWitness Platform Logo
USM Anywhere vs NetWitness Platform
Compared 11% of the time
Trellix Network Detection and Response vs NetWitness Platform Logo
Trellix Network Detection and Response vs NetWitness Platform
Compared 9% of the time
More NetWitness Platform Competitors
 

Product Reports

Buyer's Guide
Fortinet FortiSIEM
October 2025
Fortinet FortiSIEM reportDownload Fortinet FortiSIEM product report
Buyer's Guide
NetWitness Platform
September 2025
NetWitness Platform reportDownload NetWitness Platform product report
 

Also Known As

FortiSIEM, AccelOps
RSA Security Analytics
 

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

  • Threat management and intelligence that provide situational awareness and anomaly detection
  • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
  • Managing “alert overload”
  • Handling the “too many tools” reporting issue
  • Addressing the MSPs/MSSPs pain of meeting service level agreements
Fortinet

NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

NetWitness
 

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
Los Angeles World Airports, Reply
Buyer's Guide
Fortinet FortiSIEM vs. NetWitness Platform
September 2025
Free Report: Fortinet FortiSIEM vs. NetWitness Platform
Find out what your peers are saying about Fortinet FortiSIEM vs. NetWitness Platform and other solutions. Updated: September 2025.
DOWNLOAD NOW
868,787 professionals have used our research since 2012.
See our Fortinet FortiSIEM vs. NetWitness Platform report.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.