Fortinet FortiSIEM vs Trellix ESM comparison

Fortinet and Trellix are both solutions in the Security Information and Event Management (SIEM) category. Fortinet is ranked #7 with an average rating of 8.1, while Trellix is ranked #20 with an average rating of 8.0. Fortinet holds a 3.3% mindshare in SIEM, compared to Trellix’s 1.0% mindshare. Additionally, 82% of Fortinet users are willing to recommend the solution, compared to 75% of Trellix users who would recommend it.

Fortinet FortiSIEM

Read 74 Fortinet FortiSIEM reviews

4,203 Views
2,495 Comparison Views

82% willing to recommend

Trellix ESM

Read 37 Trellix ESM reviews

1,563 Views
721 Comparison Views

75% willing to recommend

Fortinet FortiSIEM

Trellix ESM

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 18, 2024

Trellix ESM and Fortinet FortiSIEM are prominent players in the SIEM market. Based on user reviews, Fortinet FortiSIEM appears to have the upper hand in features, though Trellix ESM offers stronger support and pricing advantages.

Features: Users praise Trellix ESM for its robust analytics, adaptability to diverse IT environments, and efficient threat detection. Fortinet FortiSIEM is noted for comprehensive incident management features, seamless integration capabilities, and advanced correlation engine. Fortinet FortiSIEM's extensive feature set gives it an edge in this category.

Room for Improvement: Trellix ESM users highlight needs for enhanced reporting, more intuitive configuration options, and improved UI experience. Fortinet FortiSIEM feedback points to complexity in setup, a steeper learning curve, and occasional performance lags. Trellix ESM needs user-friendliness enhancements, while Fortinet FortiSIEM requires simplification in deployment.

Ease of Deployment and Customer Service: Trellix ESM is favored for its quicker deployment times and responsive customer support. Fortinet FortiSIEM, while powerful, has a lengthier and more complex setup process but compensates with detailed documentation and training resources. Trellix ESM stands out for better deployment ease and customer service.

Pricing and ROI: Trellix ESM is often seen as more cost-effective with favorable ROI, thanks to lower setup costs and ongoing expenses. Fortinet FortiSIEM, although pricier, justifies its cost through extensive features and longer-term ROI benefits. Users generally find Trellix ESM more budget-friendly, whereas Fortinet FortiSIEM aligns with organizations seeking comprehensive feature sets despite higher costs.

To learn more, read our detailed Fortinet FortiSIEM vs. Trellix ESM Report (Updated: June 2025).

Buyer's Guide

Fortinet FortiSIEM vs. Trellix ESM

June 2025

Download the complete report

Helped 860,168 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Fortinet FortiSIEM

Ranking in Security Information and Event Management (SIEM)

7th

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Trellix ESM

Ranking in Security Information and Event Management (SIEM)

20th

Average Rating

7.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of July 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Fortinet FortiSIEM is 3.3%, up from 3.0% compared to the previous year. The mindshare of Trellix ESM is 1.0%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Security Information and Event Management (SIEM)

Featured Reviews

Oliver Jackson

Network Engineer at Laminar Communications Pty Ltd

Systems monitoring enhanced by firewall and intrusion detection features

My primary use case for Fortinet FortiSIEM is systems monitoring and alerting. I use it for standard functions like log monitoring, incident detection, and notification. My customers are mostly medium-sized enterprises ranging from engineering companies, mining companies, independent schools, and…

Read full review

Daniel Durian

Senior Information Security Manager at a real estate/law firm with 10,001+ employees

Helps to monitor and detect cyberattacks

The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The advanced agents used to collect logs have been most valuable. We have also made use of the advanced intelligence this solution offers."

"FortiSIEM sends an email or SMS notifications to admins when there are significant incidents. It's a highly efficient way of responding to incidents."

"Fortinet FortiSIEM provides good detection against advanced threats."

"It detects new technologies, vulnerabilities, and emerging threats on the internet."

"The interface is very easy to use. The connector in the core has FortiSIEM support from the vendor."

"Its automated response feature has benefited our customer communication. Analysts feel more confident in providing timely responses."

"The primary valuable feature is that it has replaced a whole lot of other products with one platform."

"Analytics. It can provide log information from the device. With log information, I can see if there is a threat"

More Fortinet FortiSIEM pros

"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."

"Trellix ESM is very user-friendly."

"This solution integrates easily and very well with other technologies."

"The support I have received from the vendor has been great."

"The solution's technical support is great."

"Trellix ESM utilizes fewer human resources and improves security and visibility."

"It has good technical support, which is available around the clock. You can call up anytime and get whatever you want. My queues are resolved."

"I rate the tool's deployment an eight out of ten. The deployment is completed in two days."

More Trellix ESM pros

Cons

"The performance can be improved. Sometimes it takes a long time to fetch data."

"FortiSIEM needs to expand its integration with third-party vendors. I don't know if Forcepoint has been added, but there were limited resources for integrating Forcepoint solutions when we implemented FortiSIEM. It integrates well with other Fortinet products and solutions from established cybersecurity companies like Palo Alto but doesn't integrate with some of the newer vendors."

"Patching is not great - we're not getting the support we'd expect."

"Our team tried configuring MS SQL database logs with Fortinet FortiSIEM, but it did not work for some time."

"There could be improvements like introducing some solutions directly into FortiSIEM to avoid the need for separately purchasing additional tools like FortiStore."

"If there is a configuration on the wrong side of the network or there are changes that result in harm to our IT infrastructure, the solution should immediately fix it."

"The policy editing should be easier. Right now, it's too hard."

"The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products."

More Fortinet FortiSIEM cons

"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."

"We acquired the IBM product because McAfee is slightly confusing to use, and it's broader."

"I would like to see improvements to the user interface."

"The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases."

"The solution needs to improve case management. The UI is confusing."

"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."

"I would like to see fingerprint recognition included in the next release of this solution."

"Customized reports and alerting functionality could be included in the dashboard."

More Trellix ESM cons

Pricing and Cost Advice

"There is a need to make yearly payments towards the licensing charges attached to the product. The free version license of the product is available for two months."

"They have a yearly subscription."

"There are additional features that cost more than the standard licensing fees."

"If one is cheap and ten is expensive. I rate the tool's price as an eight out of ten. Compared with Splunk or Oracle, Fortinet is cheap."

"Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."

"The price of the solution is expensive. The license is scalable. If there are 10 devices it is simple to license."

"The price is competitive."

"The price of Fortinet FortiSIEM was reasonable compared to other solutions."

More Fortinet FortiSIEM pricing and cost advice

"Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar."

"We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."

"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

"The price of McAfee ESM is higher than some of the other solutions. There are additional features that can be added at an additional fee."

"The cost is dependent on the customer's environment and requirements."

"The licensing cost is based on EPS."

More Trellix ESM pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

860,168 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at Deloitte & Touche

Feb 26, 2015

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…

Read full review

Top Industries

By visitors reading reviews

Computer Software Company

15%

Financial Services Firm

10%

Comms Service Provider

Government

Educational Organization

40%

Financial Services Firm

Computer Software Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Fortinet FortiSIEM?

Fortinet FortiSIEM needs to provide better API integrations to users.

See all answers

What is your experience regarding pricing and costs for Fortinet FortiSIEM?

The pricing is reasonable, which is why it is preferred by government customers. Windows agent licenses cost around 3,000 Rupees per device per year.

See all answers

What needs improvement with Fortinet FortiSIEM?

Fortinet FortiSIEM should broaden its remediation part to include more features for incident management. Currently, to manage repetitive incidents or for remediation, I need to use a separate softw...

See all answers

What do you like most about McAfee ESM?

The solution's technical support is great.

See all answers

What is your experience regarding pricing and costs for McAfee ESM?

When discussing Trellix ESM pricing and licensing, if you consider some premium product, the pricing also has to be premium, however, enterprise customers who look for a premium product, alongside ...

See all answers

What needs improvement with McAfee ESM?

We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be...

See all answers

Comparisons

Wazuh vs Fortinet FortiSIEM

Compared 13% of the time

IBM Security QRadar vs Fortinet FortiSIEM

Compared 12% of the time

Splunk Enterprise Security vs Fortinet FortiSIEM

Compared 9% of the time

LogRhythm SIEM vs Fortinet FortiSIEM

Compared 7% of the time

Rapid7 InsightIDR vs Fortinet FortiSIEM

Compared 2% of the time

More Fortinet FortiSIEM Competitors

OpenText Enterprise Security Manager vs Trellix ESM

Compared 29% of the time

Splunk Enterprise Security vs Trellix ESM

Compared 15% of the time

LogRhythm SIEM vs Trellix ESM

Compared 15% of the time

SentinelOne Singularity Complete vs Trellix ESM

Compared 11% of the time

IBM Security QRadar vs Trellix ESM

Compared 9% of the time

More Trellix ESM Competitors

Product Reports

Buyer's Guide

Fortinet FortiSIEM

June 2025

Download Fortinet FortiSIEM product report

Buyer's Guide

Trellix ESM

June 2025

Download Trellix ESM product report

Also Known As

FortiSIEM, AccelOps

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Overview

FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

Companies around the world use FortiSIEM for the following use cases:

Threat management and intelligence that provide situational awareness and anomaly detection
Alleviating compliance mandate concerns for PCI, HIPAA and SOX
Managing “alert overload”
Handling the “too many tools” reporting issue
Addressing the MSPs/MSSPs pain of meeting service level agreements

Fortinet

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Trellix

Sample Customers

FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Buyer's Guide

Fortinet FortiSIEM vs. Trellix ESM

June 2025

Free Report: Fortinet FortiSIEM vs. Trellix ESM

Find out what your peers are saying about Fortinet FortiSIEM vs. Trellix ESM and other solutions. Updated: June 2025.

DOWNLOAD NOW

860,168 professionals have used our research since 2012.

See our Fortinet FortiSIEM vs. Trellix ESM report.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.