We performed a comparison between Cisco Secure Endpoint and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The product detects and blocks threats and is more proactive than firewalls."
"The price is low and quite competitive with others."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The setup is pretty simple."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The most valuable features of this solution are the IPS and the integration with ISE."
"Real-time threat prevention using sandboxing, file trajectory, and retrospective security."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"I am really satisfied with the technical support."
"The product itself is pretty reliable. The security features that it has make it reliable."
"The solution's integration capabilities are excellent. It's one of the best features."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"Elastic Security is very customizable, and the dashboards are very easy to build."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"It's open-source and free to use."
"Elastic is straightforward, easy to integrate, and highly customizable."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The most valuable feature is the speed, as it responds in a very short time."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"We find the solution to be a bit expensive."
"I haven't seen the use of AI in the solution."
"The solution is not stable."
"The dashboard isn't easy to access and manage."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"The reporting and analytics areas of the solution need to be improved."
"I would like to see integration with Cisco Analytics."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"The product does not provide options like tunnel creation or virtual appliances."
"Elastic Security could improve the documentation. It would help if they were more simple and clean."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"We'd like better premium support."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"Their visuals and graphs need to be better."
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."
Cisco Secure Endpoint is ranked 9th in Endpoint Detection and Response (EDR) with 43 reviews while Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 58 reviews. Cisco Secure Endpoint is rated 8.6, while Elastic Security is rated 7.6. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and Cisco Umbrella, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint. See our Cisco Secure Endpoint vs. Elastic Security report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.