FortiSIEM Discussions
lithichok
New Contributor

FortiSIEM experience

Hey all,

We (an MSP) had a talk with Fortinet over the usage of FortiSIEM for our customer base. Sounded interesting, but I’m a bit concerned about on-prem deployment, hardware scaling and stuff they left out.

Are there any folks here that use the product and if so, what experience do you have?

3 REPLIES
AEK
SuperUser

Hello

As an integrator, I can't tell you much about its exploitation; however, I can share a few things about FortiSIEM deployment:

  • Very easy integration
  • Easily scalable by adding workers/collectors
  • Supports a very wide range of applications/devices
  • Helpful support
AEK
AlexPien
New Contributor II

Yes, we use FortiSIEM as a managed SOC provider. We run it as part of our MSSP-managed SOC environment, hosted in our own data center. It’s a powerful and very scalable MSSP platform. It's easy to integrate new customers with all of their devices and applications. Even the onboarding of unknown applications is easy by creating new parsers and rules.

Overall, FortiSIEM is a solid SIEM choice for an MSSP, but success really depends on good planning, proper deployment, and continuous tuning.

Secusaurus
Contributor III

Hi @lithichok,

We are an MSSP as well and run it quite the same way as Alex describes it.

It scales perfectly, but you must prepare for scaling before starting to implement the system (just like any other system as well). But you can start and integrate very fast, and the thing we loved when researching for the best SIEM: you usually operate in the GUI and just need to switch to code/DB queries and CLI/shell for tuning, not for the daily tasks.

One thing I found out in various discussions: Don't buy the hardware, always deploy as a VM! The hardware has many more tasks to solve that you can easily work around when using a VM.

Best,

Christian

FCX #003451 | Fortinet Advanced Partner