Sentinel and Fortinet FortiSIEM compete in the security information and event management (SIEM) category. Sentinel is often favored for its cost-effectiveness and customer support, while Fortinet FortiSIEM stands out for its comprehensive features and overall user satisfaction.
Features: Sentinel offers robust integration capabilities, automation features, and a streamlined threat detection and response process. Fortinet FortiSIEM is noted for its advanced analytics, scalability, and detailed reporting.
Room for Improvement: Sentinel users often mention the need for improved documentation, enhanced threat intelligence, and better user interface. Fortinet FortiSIEM users suggest more customization options, an intuitive setup process, and refined user interface adjustments.
Ease of Deployment and Customer Service: Sentinel is known for its straightforward deployment process and responsive customer service. Fortinet FortiSIEM can be more complex to deploy but provides reliable customer support. Sentinel is favored for quick implementation, whereas Fortinet FortiSIEM supports extensive infrastructures well.
Pricing and ROI: Sentinel is recognized for its affordability and significant return on investment. Fortinet FortiSIEM, though more expensive, provides value through its extensive capabilities. Pricing differences highlight Sentinel's budget-friendliness and Fortinet FortiSIEM's advanced functionality.
There is a knowledgeable, though small, team of support engineers around the world.
Local tech support is available, however, for more critical or technical issues, we depend on the OEM directly, especially when it comes to on-prem solutions.
They take some time to respond because they need logs and investigations, which delays the response time.
The customer support for Sentinel is very good; any tickets logged will be answered immediately within the given timeframe.
Fortinet FortiSIEM is highly scalable.
At any point in time, when network devices increase or there is a change in the infrastructure, we can add more workers and collectors to expand our infrastructure setup.
Fortinet FortiSIEM is easy to scale.
It stabilizes itself in an appropriate time, so its uptime is good.
Some stability issues occur, but Fortinet's technical support team provides assistance.
These issues may cause unusual errors and user interface issues.
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management.
Enhancing the completeness of its APIs could aid in better external integrations.
Recently, they revised it to a subscription-based, all-inclusive license.
Price is always a consideration, so the price would be nice if it were lower.
Windows agent licenses cost around 3,000 Rupees per device per year.
Setting it up for oneself as an enterprise-licensed product can be quite expensive.
The revised model is subscription-based and more flexible.
They nearly always bill it in dollars, so if it can be billed in our currency, that would be helpful and fixed in our currency.
My experience with pricing, setup cost, and licensing shows that while it is a little on the higher side, since it is part of a package for all Microsoft products, I feel it is a better choice comparatively than other SIEMs in the market.
It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security.
I find the real-time monitoring and correlation capabilities effective for security alerts.
Sentinel's best features include that it's a very easy product to use.
In terms of metrics showing how Sentinel has helped, as part of log filtering, we have reduced around thirty to thirty-five percent of false-positive incident creation.
| Product | Mindshare (%) |
|---|---|
| Fortinet FortiSIEM | 2.3% |
| Sentinel | 2.7% |
| Other | 95.0% |
| Company Size | Count |
|---|---|
| Small Business | 34 |
| Midsize Enterprise | 22 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 3 |
| Large Enterprise | 8 |
Fortinet FortiSIEM offers robust features like automation, real-time monitoring, and scalable log correlation. It integrates SOC and NOC, enhancing security by seamlessly managing data. A preferred choice for threat management, its comprehensive reports and competitive pricing add value.
Fortinet FortiSIEM serves as a comprehensive platform for security monitoring, threat detection, and incident management. It streamlines operations by integrating seamlessly with Fortinet and third-party tools, offering dynamic service discovery and user-friendly analytics. Leveraging its stable infrastructure, organizations conduct log analysis and behavioral monitoring across networks and applications. It supports compliance reporting and enhances security environments through integration with firewalls and security devices. Its cloud and on-premise options cater to regulatory and operational needs, while multitenant capabilities enable managed security service providers to extend robust security services. Users have highlighted areas for improvement in API integration, data retrieval speed, resource consumption, automation, and reporting flexibility.
What are the key features of Fortinet FortiSIEM?In healthcare, Fortinet FortiSIEM ensures compliance and secure health data management. Financial institutions utilize it for real-time monitoring and fraud detection, while educational sectors deploy for network security and data integrity. Service providers leverage its multitenant features for expansive client management.
Sentinel is a robust platform offering seamless native integration, enhanced security through transactional data, and a user-friendly interface reminiscent of Microsoft Windows. Its capabilities in threat detection, monitoring, and business intelligence integration make it an attractive choice for organizations.
Sentinel simplifies security management with its advanced features, including the Kusto Query Language and automation abilities that reduce the complexity of coding tasks. The platform's correlation engine allows for efficient rule generation, while its threat visibility and intelligence features offer preparation against risks. Advanced hunting queries, anomaly dashboards, and scalability options enhance its utility. Users appreciate its seamless connections with Microsoft tools and ability to improve threat detection through cloud and business intelligence integration. However, enhancements could improve documentation on security aspects, simplify dashboards, and optimize drag-and-drop features. There are suggestions for better device integration, a shift to web interfaces, and improved customization options, although some users face challenges with Unix scripting.
What are the most important features of Sentinel?Sentinel finds application across sectors for logging, security event monitoring, and integration with tools like Microsoft Defender for Endpoint. Users from industries such as government and academic institutions leverage its advanced SQL query support for customized responses, enhancing security measures with AI capabilities in diverse environments.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
