Try our new research platform with insights from 80,000+ expert users

Fortinet FortiSIEM pros and cons

Vendor: Fortinet

3.8 out of 5

75 reviews
83% willing to recommend

Pros & Cons summary

Fortinet FortiSIEM offers flexible reporting and rule generation with built-in reports and alerts, integrating SOC and NOC operations for robust monitoring. Seamless integration with platforms like Cisco and Palo Alto enhances interoperability. It provides strong event correlation for threat detection, but creating parsers for unsupported devices is cumbersome. Documentation needs improvement, especially on CLI features, and integration can be challenging. Technical support is often criticized, and the licensing model is seen as expensive.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Fortinet FortiSIEM provides extensive analytics, including invaluable log correlation and threat detection capabilities.

It allows seamless integration with other security fabrics and technologies, enhancing overall operational efficiency.

The ability to match IPs with threat intelligence feeds adds valuable context for security monitoring.

Fortinet FortiSIEM's dashboards and event correlation are robust and customizable to meet specific security needs.

Its auto-discovery and real-time monitoring prove essential for comprehensive network security oversight.

CONS

Creating parsers for unsupported devices is cumbersome and time-consuming.

Technical support and response time need significant improvement.

Better integration with third-party vendors and tools is necessary.

Improvement is needed in hardware resource utilization for efficiency.

Fortinet FortiSIEM should simplify creating and managing normalizers.

Fortinet FortiSIEM Pros review quotes

Director of IT with 501-1,000 employees

Jul 21, 2015

With the online-based monitoring we've set up, we've been able to watch trends of attempted attacks on our network, and we're also able to monitor our account issues internally as attackers attempt to log into our accounts.

Read full review

Systems Administrator with 501-1,000 employees

Jul 22, 2015

It gives greater visibility via the dashboards into the real-time status of the network and also provides specific alerts and performance monitoring.

Read full review

Senior Network Security Architect at a retailer with 1,001-5,000 employees

Aug 2, 2015

The primary thing I use it for is monitoring IPS because we have 12 or 14 Cisco IPS devices, and the Cisco solution for monitoring that many IPS devices is hokey at best, aside from it being expensive.

Read full review

Fortinet FortiSIEM

Free Report: Fortinet FortiSIEM Reviews and More

Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

884,933 professionals have used our research since 2012.

Senior Enterprise Information Security Architect at a healthcare company with 1,001-5,000 employees

Aug 19, 2015

The pricing is very, very affordable; for the value you get, I think it’s about the cheapest solution on the market.

Read full review

IT Security and Compliance Officer at a energy/utilities company with 501-1,000 employees

Aug 19, 2015

AccelOps gives us a greater visibility into potential data/network breach attempts with the monitoring and alerting capabilities.

Read full review

Manager, Security Services at a financial services firm with 5,001-10,000 employees

Feb 17, 2016

The most valuable features for us are the built-in reports and alerts, along with the extreme flexibility in reporting and rule generation.

Read full review

Information Security Officer at a aerospace/defense firm with 10,001+ employees

Mar 11, 2016

We're able to get real-timec as well as our customer networks that we're monitoring at all times.

Read full review

Associate Director, Network Services at a university with 1,001-5,000 employees

Mar 11, 2016

The primary valuable feature is that it has replaced a whole lot of other products with one platform.

Read full review

RO

Infrastructure Operations Manager at a computer software company with 501-1,000 employees

Mar 21, 2016

There are things like dashboards and reports (pre-configured and custom) that let me know that things are operating the way they should be, and when they are not.

Read full review

Network Engineer at a sports company with 51-200 employees

May 1, 2017

The ability to write my own parsers for the devices that are not supported by Fortinet is the most valuable feature.

Read full review

Show 10 more reviews (out of 72)

Fortinet FortiSIEM Cons review quotes

Director of IT with 501-1,000 employees

Jul 21, 2015

As we're an SMB, I would like to see different licensing options and the solution is priced out of the reach of some small businesses.

Read full review

Systems Administrator with 501-1,000 employees

Jul 22, 2015

Issues that could have been resolved in 30-60 minutes sometimes took months, but they have improved.

Read full review

Senior Network Security Architect at a retailer with 1,001-5,000 employees

Aug 2, 2015

One of the things that actually opened a ticket about (and they couldn’t help me) is when traffic is leaving our network, it’ll only report the source.

Read full review

Fortinet FortiSIEM

Free Report: Fortinet FortiSIEM Reviews and More

Learn what your peers think about Fortinet FortiSIEM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.

884,933 professionals have used our research since 2012.

Senior Enterprise Information Security Architect at a healthcare company with 1,001-5,000 employees

Aug 19, 2015

The way that upgrades are handled could be a bit cleaner.

Read full review

IT Security and Compliance Officer at a energy/utilities company with 501-1,000 employees

Aug 19, 2015

Ease-of-use for end users that do not spend every day in the product. Also, the presentation of historical and trending data in dashboards needs to be improved immensely.

Read full review

Manager, Security Services at a financial services firm with 5,001-10,000 employees

Feb 17, 2016

Creating parsers to try make unknown events or currently unsupported devices produce meaningful information is extremely cumbersome.

Read full review

Information Security Officer at a aerospace/defense firm with 10,001+ employees

Mar 11, 2016

The dashboards need to be improved. It gives you so much detail, but sometimes too much detail, especially to an executive, it's too much.

Read full review

Associate Director, Network Services at a university with 1,001-5,000 employees

Mar 11, 2016

It lacks a "wizard" that shows a particular user's activity or particular circumstance. I think the interface is intimidating because there's so much information there.

Read full review

RO

Infrastructure Operations Manager at a computer software company with 501-1,000 employees

Mar 21, 2016

The biggest thing that could be better is a quicker response to support cases.

Read full review

Network Engineer at a sports company with 51-200 employees

May 1, 2017

The reporting feature is not very attractive for the upper management and I am not able to perform complex/nested queries.

Read full review

Show 10 more reviews (out of 72)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

AI Observability

Fortinet Security Operations (SecOps) Platform

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Fortinet FortiSIEM

Wazuh vs Fortinet FortiSIEM

SentinelOne Singularity Cloud Security vs Fortinet FortiSIEM

Splunk Enterprise Security vs Fortinet FortiSIEM

Microsoft Sentinel vs Fortinet FortiSIEM

IBM Security QRadar vs Fortinet FortiSIEM

Cribl vs Fortinet FortiSIEM

Elastic Security vs Fortinet FortiSIEM

Cortex XSIAM vs Fortinet FortiSIEM

LogRhythm SIEM vs Fortinet FortiSIEM

Rapid7 InsightIDR vs Fortinet FortiSIEM

Exabeam vs Fortinet FortiSIEM

Gigamon Deep Observability Pipeline vs Fortinet FortiSIEM

Sentinel vs Fortinet FortiSIEM

Anomali vs Fortinet FortiSIEM

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

AI Observability

Fortinet Security Operations (SecOps) Platform

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Fortinet FortiSIEM

Wazuh vs Fortinet FortiSIEM

SentinelOne Singularity Cloud Security vs Fortinet FortiSIEM

Splunk Enterprise Security vs Fortinet FortiSIEM

Microsoft Sentinel vs Fortinet FortiSIEM

IBM Security QRadar vs Fortinet FortiSIEM

Cribl vs Fortinet FortiSIEM

Elastic Security vs Fortinet FortiSIEM

Cortex XSIAM vs Fortinet FortiSIEM

LogRhythm SIEM vs Fortinet FortiSIEM

Rapid7 InsightIDR vs Fortinet FortiSIEM

Exabeam vs Fortinet FortiSIEM

Gigamon Deep Observability Pipeline vs Fortinet FortiSIEM

Sentinel vs Fortinet FortiSIEM

Anomali vs Fortinet FortiSIEM

See all alternatives

Related questions

153

What Solution for SIEM is Best To Be NIST 800-171 Compliant?

118

When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?

93

What are the main differences between Nessus and Arcsight?

99

What's The Best Way to Trial SIEM Solutions?

130

Which is the best SIEM solution for a government organization?

459

What is the difference between IT event correlation and aggregation?

95

What Is SIEM Used For?

79

RSA-EMC vs. other SIEM products?

227

What Questions Should I Ask Before Buying SIEM?

97

What are the pros and cons of internal SOC vs SOC-as-a-Service?