We performed a comparison between Fortinet FortiEDR and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two EDR (Endpoint Detection and Response) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product detects and blocks threats and is more proactive than firewalls."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Fortinet is very user-friendly for customers."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The most valuable feature is the analysis, because of the beta structure."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"Coming from an organization where the EDR wasn't strong, it has always been a case of basically searching through the information you already have and looking for something. It was basically trying to find the needle in a haystack. What the Defender platform does is that it reduces the size of the haystack, and it'll say that the needle is over here. Minutes matter, and it certainly zeros you in on the events that are concerning. It also simplifies the effort of trying to get some kind of correlation of behaviors or actions you see in the environment and confirming if something is benign or a threat."
"The most important feature is the way it monitors the threats and blocks them. About 10 days ago, we were implementing SOC for a particular client. The SOC was not yet implemented, but they had Microsoft Defender. That organization was hit by some ransomware, but the hacker could not succeed. Because of the EDR, the hacker could not install the hacking tools. They were trying to do that, but Microsoft Defender completely blocked that. The hacker could log into the system, but they could not install anything."
"The virus scanning capability is excellent, and it feeds all the logs into the Microsoft 365 Defender portal, making them easy to search for."
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"Defender for Endpoint is a robust solution that works well out-of-the-box."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"It's a very complete application. I have all the controls in one site. I can track emails, attacks, and threats, and I can research information. I really like this configuration because I have all the information in place."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"We find the solution to be a bit expensive."
"FortiEDR can be improved by providing more detailed reporting."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The support needs improvement."
"The only minor concern is occasional interference with desired programs."
"We'd like to see more one-to-one product presentations for the distribution channels."
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"It makes your Surface devices hot. It is resource-intensive. It strains your CPU, not more than other file scanners around, but it also does a lot more. When you are transmitting files or data, it is continuously scanning the traffic and analyzing it bit by bit to see what's going on, and that, of course, is costly in terms of CPU. It is CPU intensive, and if you are on battery, it drains your battery fast. That's the only drawback that it has."
"I miss having an executive dashboard or a simple view for viewing things. Everything is extensive in this solution. Everything is configurable and manageable, but the environment of Microsoft 365 has about 13 administrative dashboards, and in each of the dashboards, there are a gazillion things to set up. It is good for a large enterprise, but for a 200-seat client, you need to see 5% of that."
"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"The price, in general, could always be a little bit cheaper."
"Features like device inventory continue to lack essential workstation drill-downs showing the entire device information with the least effort."
"The solution should be updated by Microsoft with new features from time to time."
"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Fortinet FortiEDR is ranked 15th in EDR (Endpoint Detection and Response) with 19 reviews while Microsoft Defender for Endpoint is ranked 1st in EDR (Endpoint Detection and Response) with 96 reviews. Fortinet FortiEDR is rated 8.2, while Microsoft Defender for Endpoint is rated 8.2. The top reviewer of Fortinet FortiEDR writes "Very customizable but slow in the cloud environment". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "You can access all your security data and telemetry from a single pane of glass". Fortinet FortiEDR is most compared with Fortinet FortiClient, CrowdStrike Falcon, SentinelOne Singularity Complete, Intercept X Endpoint and Cortex XDR by Palo Alto Networks, whereas Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, Symantec Endpoint Security, CrowdStrike Falcon and SentinelOne Singularity Complete. See our Fortinet FortiEDR vs. Microsoft Defender for Endpoint report.
See our list of best EDR (Endpoint Detection and Response) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.