We changed our name from IT Central Station: Here's why

Fortinet FortiSIEM vs McAfee ESM comparison

Cancel
You must select at least 2 products to compare!
Devo Logo
Read 13 Devo reviews.
12,001 views|4,605 comparisons
Fortinet FortiSIEM Logo
12,804 views|8,291 comparisons
McAfee ESM Logo
4,630 views|3,126 comparisons
Featured Review
Find out what your peers are saying about Fortinet FortiSIEM vs. McAfee ESM and other solutions. Updated: January 2022.
563,208 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean.""Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit.""Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data.""The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events.""The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them.""The ability to have high performance, high-speed search capability is incredibly important for us. When it comes to doing security analysis, you don't want to be doing is sitting around waiting to get data back while an attacker is sitting on a network, actively attacking it. You need to be able to answer questions quickly. If I see an indicator of attack, I need to be able to rapidly pivot and find data, then analyze it and find more data to answer more questions. You need to be able to do that quickly. If I'm sitting around just waiting to get my first response, then it ends up moving too slow to keep up with the attacker. Devo's speed and performance allows us to query in real-time and keep up with what is actually happening on the network, then respond effectively to events.""One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful.""It's very, very versatile."

More Devo Pros →

"The solution is easy to use and user-friendly.""The most valuable feature is the anomaly-reporting alarms.""We find the solution to be stable.""The stability is very reliable. It offers very good performance.""Fortinet FortiSIEM is easy to use.""The CMDB and the device discovery features are most valuable.""I like the various options, including the option for CMDB and the easier access to create rules, playbooks, or use cases. It's also easier to use for creating dashboards and reports.""It's very easy for anyone to work with."

More Fortinet FortiSIEM Pros →

"The most valuable feature in ESM is its search and reporting feature. It's really nice.""Compared to other solutions, the user interface is good.""I like the ease of deployment.""The most valuable feature is the correlation rules.""It is user-friendly. The notification part of McAfee ESM is very easy.""The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it.""It enables us to detect malicious threats, issues, or vulnerabilities in our network.""The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."

More McAfee ESM Pros →

Cons
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution.""Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs.""There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler.""There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space.""One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate.""An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that.""The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc.""From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."

More Devo Cons →

"It would be good if the solution offered even more configuration options, especially in relation to the VPN so that it continues to be a very flexible option.""I would like to see more integration with other platforms.""Its training can be improved. Its price also needs to be improved.""We expect the latest patch from Fortinet FortiSIEM to give the ability to work with signature files.""The policy editing should be easier. Right now, it's too hard.""The solution needs to do a better job with third party integration. Right now, that's lacking on the solution. I specifically am talking about the AWS environment. Most of the AWS environment products do not have that capability to integrate.""There is no proper guide for integration or configuration.""We need to see incident reports about the event log, without events from the administrator or through human interaction."

More Fortinet FortiSIEM Cons →

"The user interface could be more user-friendly.""The only drawback is that they don't have any packet capturing or network behavior analysis.""We acquired the IBM product because McAfee is slightly confusing to use, and it's broader.""There should be support for multitenancy in the product.""It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee.""The initial setup is difficult and could improve.""I would like to see good analytics in future releases.""Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved."

More McAfee ESM Cons →

Pricing and Cost Advice
  • "We have an OEM agreement with Devo. It is very similar to the standard licensing agreement because we are charged in the same way as any other customer, e.g., we use the backroom."
  • "I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
  • "Devo is definitely cheaper than Splunk. There's no doubt about that. The value from Devo is good. It's definitely more valuable to me than QRadar or LogRhythm or any of the old, traditional SIEMs."
  • "[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
  • "Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
  • "Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
  • "Our licensing fees are billed annually and per terabyte."
  • "I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
  • More Devo Pricing and Cost Advice →

  • "Pricing is acceptable for more than 90% of our customers, as they normally get discounts."
  • "Its price can be better. We are Fortinet partners, so we can get discounts, but its price can be an issue at the beginning for others. There is a licensing scheme for every case. There are three licensing schemes that we can choose from."
  • "The price of Fortinet FortiSIEM is a lot less when compared to other solutions."
  • "They have a yearly subscription."
  • "The solution is available for both, perpetual and subscription licenses."
  • More Fortinet FortiSIEM Pricing and Cost Advice →

  • "The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
  • "The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
  • "We renew our license annually."
  • "McAfee is the right choice for a low-budget solution."
  • "The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."
  • "The pricing is fair."
  • More McAfee ESM Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    563,208 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    It's very, very versatile.
    Top Answer: 
    Devo, like other vendors, doesn't charge extra for playbooks and automation. That way, you are only paying for the side… more »
    Top Answer: 
    I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the… more »
    Top Answer: 
    The solution is easy to use and user-friendly.
    Top Answer: 
    The solution is available for both, perpetual and subscription licenses.
    Top Answer: 
    Fortinet FortiSIEM could improve by having better integration and extensions. This would benefit by allowing us to give… more »
    Top Answer: 
    I would like to see good analytics in future releases. McAfee has many issues with integration. I am looking for an… more »
    Comparisons
    Also Known As
    FortiSIEM, AccelOps
    NitroSecurity, McAfee Enterprise Security Manager
    Learn More
    Overview

    Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

    FortiSIEM (formerly AccelOps 4) provides an actionable security intelligence platform to monitor security, performance and compliance through a single pane of glass.

    Companies around the world use FortiSIEM for the following use cases:

    • Threat management and intelligence that provide situational awareness and anomaly detection
    • Alleviating compliance mandate concerns for PCI, HIPAA and SOX
    • Managing “alert overload”
    • Handling the “too many tools” reporting issue
    • Addressing the MSPs/MSSPs pain of meeting service level agreements

    McAfee Enterprise Security Manager - the foundation of the security information and event management (SIEM) solution family from McAfee delivers the performance, actionable intelligence, and real-time situational awareness at the speed and scale required for security organizations to identify, understand, and respond to stealthy threats, while the embedded compliance framework simplifies compliance.

    Offer
    See Devo in Action

    See how Devo allows you to free yourself from data management, and make machine data and insights accessible.

    Learn more about Fortinet FortiSIEM
    Learn more about McAfee ESM
    Sample Customers
    United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
    FortiSIEM has hundreds of customers worldwide in markets including managed services, technology, financial services, healthcare, and government. Customers include Aruba Networks, Compushare, Port of San Diego, Cleveland Indians, Infoblox, Healthways, and Referentia.
    San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
    Top Industries
    REVIEWERS
    Computer Software Company57%
    Comms Service Provider14%
    Retailer14%
    Insurance Company14%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Comms Service Provider20%
    Government7%
    Financial Services Firm7%
    REVIEWERS
    Comms Service Provider21%
    Computer Software Company13%
    Insurance Company8%
    Retailer8%
    VISITORS READING REVIEWS
    Comms Service Provider27%
    Computer Software Company26%
    Government6%
    Financial Services Firm4%
    REVIEWERS
    Government23%
    Financial Services Firm23%
    Healthcare Company15%
    Insurance Company8%
    VISITORS READING REVIEWS
    Computer Software Company31%
    Comms Service Provider22%
    Government9%
    Financial Services Firm5%
    Company Size
    REVIEWERS
    Small Business14%
    Midsize Enterprise14%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business49%
    Midsize Enterprise15%
    Large Enterprise36%
    REVIEWERS
    Small Business42%
    Midsize Enterprise24%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business47%
    Midsize Enterprise25%
    Large Enterprise28%
    REVIEWERS
    Small Business24%
    Midsize Enterprise15%
    Large Enterprise61%
    Find out what your peers are saying about Fortinet FortiSIEM vs. McAfee ESM and other solutions. Updated: January 2022.
    563,208 professionals have used our research since 2012.

    Fortinet FortiSIEM is ranked 5th in Security Information and Event Management (SIEM) with 13 reviews while McAfee ESM is ranked 14th in Security Information and Event Management (SIEM) with 10 reviews. Fortinet FortiSIEM is rated 7.8, while McAfee ESM is rated 6.6. The top reviewer of Fortinet FortiSIEM writes "Very easy alert setup; a good tool for analysis and for SOC". On the other hand, the top reviewer of McAfee ESM writes "A security information and event management solution with a useful search and reporting feature, but cloud integration could be better". Fortinet FortiSIEM is most compared with Splunk, Microsoft Sentinel, IBM QRadar, Elastic SIEM and SolarWinds Security Event Manager , whereas McAfee ESM is most compared with IBM QRadar, Splunk, ArcSight Enterprise Security Manager (ESM), LogRhythm NextGen SIEM and Elastic SIEM. See our Fortinet FortiSIEM vs. McAfee ESM report.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.