We performed a comparison between Fortinet Forticlient and Microsoft Defender for Endpoint based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Both solutions have a valuable set of features and are considered to have good pricing. Users seem to give Fortinet Forticlient slightly better ratings because its deployment is easier than that of Microsoft Defender For Endpoint.
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Ability to get forensics details and also memory exfiltration."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"NGAV and EDR features are outstanding."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The price is low and quite competitive with others."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Compared to other similar solutions, it is faster in connecting."
"It is not at all interesting for me as a standalone product, but as a product that is integrated with FortiGate with all features, it is actually a great tool and a great experience. I had test installed FortiClient working from home. I remembered and knew which web categories were denied or allowed. All those policies were correctly reflected standalone, for example, on my laptop."
"The integration capabilities are good."
"The connection speed is fast. I can connect quickly at any time, and there are never any interruptions to the FortiClient connection. I could easily code into the client's server with that connection, with no lag."
"Having a centralized console is a valuable feature. The Fortinet fabric is also very valuable where all different pieces talk together to secure our network and track the North, South, East, and West movement of files and data through our network."
"It is a feature-rich product that is easy to use and install without sacrificing security."
"The solution offers great stability."
"We find the VPN features valuable."
"It is stable and very easy to use."
"It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
"The antivirus features are very useful."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
"Its real-time security is the most valuable."
"The endpoint detection of threats is valuable. The initial detection of things like ransomware and viruses and being able to shut down machines immediately and stop a threat is valuable. We can stop a threat at a source versus allow it to propagate it across the network."
"Defender provides useful alerts and groups them. It sends an alert to your portal if it detects any malicious activity, and you can group multiple alerts to form an incident."
"Auto-remediation: When the product sees malware, it resolves the issue immediately. This protects the machine."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The support needs improvement."
"FortiEDR can be improved by providing more detailed reporting."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The only minor concern is occasional interference with desired programs."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The SIEM could be improved."
"The current version of this solution does not show the malicious websites that have been visited. They should add this to an upcoming release."
"We do not use the solution every day and there are times when the new users have trouble reconnecting. The technology itself works but our users getting adopted to it is a major problem. Having the user adapt to the desktop landing page that it begins on is throwing them off a bit."
"In the next release, I would like to see an additional layer of security added."
"It would be extremely useful to have an automatic updating feature."
"There should be more frequent releases or updates."
"I have yet to find the benefits of the latest upgraded version."
"The connectivity could be improved."
"The software inventory part is not yet up-to-date. It doesn't have a great interface, which is a disadvantage. I wish we could leverage it, but we don't use it at all because it's not that reliable."
"Something that is unique to Microsoft is its licensing model. When you go out and you buy McAfee or Symantec, you know what you're getting out of the box, but with Microsoft, often, when you're looking to achieve a certain set of capabilities, those capabilities are spread across different products. You might try to do something you could do with CrowdStrike, but then find out that you also need to purchase Microsoft Defender for Identity or Microsoft Defender for Azure. You realize that when they talk about what they can offer within the Microsoft platform, it's really the suite of investments. So, sometimes, you may find yourself buying Defender for Endpoint thinking that it matches CrowdStrike, but then you find that Microsoft really needs to sell you something else. One plus one will equal three, but when you have a very concise platform, such as CrowdStrike, you know what you're going to get."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"Localization is always a challenge, especially with new products you typically want. Solutions are designed to be deployed where the most licenses are being consumed, such as in the United States. They focus on US products, devices, and networks. Specialized deployments for other countries would allow for a smoother experience in transition."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"The UI for Microsoft Defender for Endpoint needs to be better. Integration with client dashboards is also lacking in this product, e.g. client dashboards shouldn't just be viewable from the cloud, because when the client's computer is offline, you won't be able to see the client dashboard."
"It is currently more suitable for end-users rather than enterprises with lots of other processes and third-party tools. It needs improvement on that front. We had many issues while integrating it with our enterprise solutions, such as Splunk, and third-party tools. It provides everything via APIs. Other vendors provide integration with third-party tools, but Microsoft doesn't do that. It is also logging too much and is not serialized from the process aspect. It has all the data, but it is not in a proper format or not properly indexed, which doesn't make it easier for enterprises to use this data. Other vendors provide troubleshooting information that can be used to troubleshoot issues, but Microsoft doesn't provide anything like that."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Fortinet FortiClient is ranked 15th in Endpoint Protection Platform (EPP) with 85 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Fortinet FortiClient is rated 8.0, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Fortinet FortiClient writes "Easy to set up and user-friendly with good support ". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Fortinet FortiClient is most compared with OpenVPN Access Server, Microsoft Azure VPN Gateway, Kaspersky Endpoint Security for Business, Ivanti Connect Secure and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Check Point Harmony Endpoint. See our Fortinet FortiClient vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.