Trellix ESM and Fortinet FortiSIEM are prominent players in the SIEM market. Based on user reviews, Fortinet FortiSIEM appears to have the upper hand in features, though Trellix ESM offers stronger support and pricing advantages.
Features: Users praise Trellix ESM for its robust analytics, adaptability to diverse IT environments, and efficient threat detection. Fortinet FortiSIEM is noted for comprehensive incident management features, seamless integration capabilities, and advanced correlation engine. Fortinet FortiSIEM's extensive feature set gives it an edge in this category.
Room for Improvement: Trellix ESM users highlight needs for enhanced reporting, more intuitive configuration options, and improved UI experience. Fortinet FortiSIEM feedback points to complexity in setup, a steeper learning curve, and occasional performance lags. Trellix ESM needs user-friendliness enhancements, while Fortinet FortiSIEM requires simplification in deployment.
Ease of Deployment and Customer Service: Trellix ESM is favored for its quicker deployment times and responsive customer support. Fortinet FortiSIEM, while powerful, has a lengthier and more complex setup process but compensates with detailed documentation and training resources. Trellix ESM stands out for better deployment ease and customer service.
Pricing and ROI: Trellix ESM is often seen as more cost-effective with favorable ROI, thanks to lower setup costs and ongoing expenses. Fortinet FortiSIEM, although pricier, justifies its cost through extensive features and longer-term ROI benefits. Users generally find Trellix ESM more budget-friendly, whereas Fortinet FortiSIEM aligns with organizations seeking comprehensive feature sets despite higher costs.
The platform has resulted in time saved and reduces mean time to response, making it a great platform.
There is a knowledgeable, though small, team of support engineers around the world.
The customer support for Fortinet FortiSIEM is excellent.
Local tech support is available, however, for more critical or technical issues, we depend on the OEM directly, especially when it comes to on-prem solutions.
I would rate support for Trellix ESM 10 out of 10 because if we connect with the support in the UK, we get excellent support.
It's rare for me to need them unless it's an issue with licensing, and they are the best in that regard.
Fortinet FortiSIEM is highly scalable.
Fortinet FortiSIEM's scalability is excellent, and it is also easy to configure, maintain, and operate.
At any point in time, when network devices increase or there is a change in the infrastructure, we can add more workers and collectors to expand our infrastructure setup.
Scalability is quite easier with Trellix ESM, because all we need to do is add more receivers to it, so it can go to any point.
It stabilizes itself in an appropriate time, so its uptime is good.
Some stability issues occur, but Fortinet's technical support team provides assistance.
These issues may cause unusual errors and user interface issues.
Fortinet FortiSIEM should broaden its remediation part to include more features for incident management.
Recently, they revised it to a subscription-based, all-inclusive license.
The built-in APIs in Fortinet FortiSIEM are somewhat lacking and could be improved for better integration with external ITSM products.
If there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that.
Setting it up for oneself as an enterprise-licensed product can be quite expensive.
Windows agent licenses cost around 3,000 Rupees per device per year.
My experience with pricing, setup cost, and licensing for Fortinet FortiSIEM is wonderful, as it offers an excellent license compared to other vendors.
I find the real-time monitoring and correlation capabilities effective for security alerts.
It provides extensive logging and record-keeping for internal networks, cloud applications, and services as well as perimeter physical network security.
Reliability and scalability have helped me in my work, especially because the license for Fortinet FortiSIEM is excellent from a cost perspective, and we can add more collectors as we expand.
The weakest point is it doesn't cover almost all the devices, so the customer has to be more dependent on the parsers to be written by the Professional Services team.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiSIEM | 2.8% |
| Trellix ESM | 1.2% |
| Other | 96.0% |
| Company Size | Count |
|---|---|
| Small Business | 34 |
| Midsize Enterprise | 22 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 15 |
| Midsize Enterprise | 6 |
| Large Enterprise | 24 |
FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.
Companies around the world use FortiSIEM for the following use cases:
Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
