We performed a comparison between Cisco Secure Endpoint and VMware Carbon Black Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cisco Secure Endpoint stands out for its threat-hunting capabilities, sandboxing, and swift response to attacks. Users also praised the solution's seamless integration with Talos for continuous protection. Carbon Black Endpoint is appreciated for its transparency, robust security measures, continuous monitoring, and utilization of cloud technology. Cisco Secure Endpoint could benefit from providing more scenario-based information and a simpler, more customizable main dashboard. Integration with artificial intelligence and IoT is another area for improvement. Carbon Black could enhance its reporting capabilities, endpoint query tools, and compatibility with other systems. Users also suggest improvements in the solution’s forensic tools.
Service and Support: Users said Cisco support is efficient and responsive, and customers also found it easy to find answers in the documentation without help. Some users recommend enhancing training programs and streamlining management consoles to further enhance the level of support provided. Carbon Black Endpoint customer service earned mixed reviews, with some users reporting delayed responses or unsatisfactory issue resolution.
Ease of Deployment: Users generally found Cisco Secure Endpoint easy to set up, but some users reported challenges related to agent behavior and configuration. The initial installation involves downloading an agent and installing it on endpoints, and the total deployment time ranged from a week to several months. Users say the deployment process for VMware Carbon Black Endpoint is relatively straightforward. The initial setup can be completed in a few minutes or hours, but the total deployment may take anywhere from a few days to several months.
Pricing: Cisco Secure Endpoint's pricing is seen as fair and reasonable. Some users requested additional discounts, particularly for educational purposes. Carbon Black Endpoint charges a fixed licensing fee per node. Some users noted that there are cheaper alternatives.
ROI: Cisco Secure Endpoint offers cost savings and the potential to earn money by extending services. While some said the ROI of VMware Carbon Black Endpoint was hard to quantify, other users reported successful defenses against malware attacks.
Comparison Results: Our users favor Cisco Secure Endpoint over VMware Carbon Black Endpoint. Cisco Secure Endpoint offers more comprehensive protection, better customer service, and support, making it the preferred choice. Cisco Secure Endpoint has some advanced features for finding and resolving threats that Carbon Black Endpoint lacks. Users also appreciate Cisco Secure Endpoint's pricing, whereas some users say Carbon Black Endpoint has room to improve on price.
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The solution was relatively easy to deploy."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet is very user-friendly for customers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The product's initial setup phase is very easy."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The most valuable feature of the solution is its technical support."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The product provides sandboxing options like file reputation and file analysis."
"It is a very complete platform."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"The most valuable feature of the solution stems from the support it provides."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions."
"The software uses very few resources; it is almost invisible to the end user."
"This product has the capability of uploading scripts to the tool and this is a very comprehensive feature."
"It is stable and easy to set up."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I haven't seen the use of AI in the solution."
"Detections could be improved."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution is not stable."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"It could be improved in connection with artificial intelligence and IoT."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"It's pretty good as it is, but its cost could be improved."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"The user interface is dull."
"Carbon Black CB Defense has helped improve my organization by allowing us to have better data so that we can do correlation and get visibility into the alerts."
"The local technical support is very poor, but the support from headquarters is very nice."
"In the next release, it would help if we can get better control over containers."
"I would like to see improvements made so that we can better see all of the processes."
"The UI interface needs improvement. The management needs further work in future versions."
"Needs improvement in the area of infrastructure for on-premise installation."
"In the past, we've seen some stability issues in the latest version releases. We tend to hang back one version just to make sure issues are fully resolved to avoid user disruption."
"Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform."
Cisco Secure Endpoint is ranked 10th in EPP (Endpoint Protection for Business) with 43 reviews while VMware Carbon Black Endpoint is ranked 13th in EPP (Endpoint Protection for Business) with 61 reviews. Cisco Secure Endpoint is rated 8.6, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Bitdefender GravityZone EDR, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Tanium. See our Cisco Secure Endpoint vs. VMware Carbon Black Endpoint report.
See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.