Try our new research platform with insights from 80,000+ expert users

Microsoft Defender for Endpoint vs SonicWall Capture Advanced Threat Protection comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 1, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Microsoft Defender for Endp...
Ranking in Advanced Threat Protection (ATP)
4th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
197
Ranking in other categories
Endpoint Protection Platform (EPP) (1st), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (4th)
SonicWall Capture Advanced ...
Ranking in Advanced Threat Protection (ATP)
30th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
8
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Advanced Threat Protection (ATP) category, the mindshare of Microsoft Defender for Endpoint is 8.9%, down from 11.0% compared to the previous year. The mindshare of SonicWall Capture Advanced Threat Protection is 1.2%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP)
 

Featured Reviews

John Rallo - PeerSpot reviewer
Offers excellent visibility into vulnerabilities and the attack surface itself
Attack surface reduction and limiting attack surface vectors are valuable features. It's helpful to isolate specific devices and get super granular with the features they offer. The visibility into the attack surface is good. It gets highly granular. I don't work on that side, but the people who do tell me they get more visibility.
MA
Has a good configuration but the price should be more competitive
Our primary use case of this solution is for security.  It's a good solution but the price is high. It also has an easy configuration. The feedback that we get from our customers is that it's a good product. Our customers are mostly smaller enterprises.  The price should be more competitive.  I…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One feature I like the most is vulnerability management, which shows any vulnerable software or OS present in my environment. Microsoft Defender for Endpoint provides a complete overview and also recommends the steps to mitigate the vulnerabilities or threats. Most of the other antivirus or EDR solutions generally don't provide vulnerability management. It is an add-on that Microsoft Defender for Endpoint provides."
"One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal."
"You can query and access useful information from logs and events, which is powerful and efficient."
"Microsoft Defender for Endpoint is a comprehensive and scalable solution for protecting on-premises and hybrid infrastructure."
"The most valuable aspect is information, specifically the automatic investigation of packages."
"In terms of the installation, ease of use, and user interface, Defender has been great so far."
"The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful."
"Provides good protection and security."
"We use it for protection against viruses and ransomware attacks."
"We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone."
"It also has an easy configuration. The feedback that we get from our customers is that it's a good product."
"The ATP (Advanced Threat Protection) on scanning is the most valuable feature."
"They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network."
"I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses."
 

Cons

"Defender for Endpoint is complex, and the documentation is detailed. At the same time, it's hard to navigate sometimes."
"Monitoring can always be better, onboarding can be a little bit faster, log collection could be easier, they could streamline the dashboard. They could maybe split it up into different workspaces and have the ability to segment groups a little bit more."
"I would like the solution to be able to prevent unauthorized programs from installing and to block unauthorised URLs which is similar to web filtering product."
"It is currently more suitable for end-users rather than enterprises with lots of other processes and third-party tools. It needs improvement on that front. We had many issues while integrating it with our enterprise solutions, such as Splunk, and third-party tools. It provides everything via APIs. Other vendors provide integration with third-party tools, but Microsoft doesn't do that. It is also logging too much and is not serialized from the process aspect. It has all the data, but it is not in a proper format or not properly indexed, which doesn't make it easier for enterprises to use this data. Other vendors provide troubleshooting information that can be used to troubleshoot issues, but Microsoft doesn't provide anything like that."
"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"The solution has minimal customization options, especially compared to Mandiant, so we want to see more scope for customization. A single portal for customization would also be a welcome addition."
"There is no behavior analytics for devices and endpoints. There is no behavior-based protection."
"We would like to get immediate alerts from the alerting system without using third-parties."
"Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine."
"The setup needs improvement. It needs to be made more user-friendly."
"SonicWall should promote their roadmap and improve their marketing to customers."
"SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side."
"I would like to have better documentation before starting with deployment because the deployment is a bit complex."
"It does fare well against enterprise products."
"I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great."
 

Pricing and Cost Advice

"Currently, for us, Windows Defender is free with the purchase of Windows Server. Pricing is an important point for us when we are looking at the competitors of this solution. If we choose to go with another vendor, we will have to pay some license fees."
"We sell this product as part of Office 365 and it is not expensive."
"The solution comes as a part of Windows 10 and it is covered under its license."
"For most people, the price of the license is not something that they have to worry about."
"As we operate in the educational sector, we are eligible for an educational discount."
"The license for Microsoft Defender for Endpoint is included in the license for the Microsoft Windows operating system."
"You do not need to pay any additional costs for antivirus and anti-malware solutions for endpoint protection."
"We pay a yearly license for Microsoft Defender. We also have a support contract with them."
"We get our value for our money."
"The best deal from SonicWall is to buy the HA pair. When you buy the initial one, you receive the second one at a significant discount. If there is an event and something happens to one firewall, then you have the second firewall to roll into. For the price, it's pretty to tough to beat and not a lot of other firewall vendors offer it. You battle for a discount on both. Where with SonicWall, if you buy one, the second one is at half price. It's pretty straightforward."
"It's thirty dollars per user and we have 30 users."
"When you compare it with other solutions, they are cheaper and more economical."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
862,499 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Government
8%
Financial Services Firm
8%
Manufacturing Company
8%
Real Estate/Law Firm
18%
Computer Software Company
12%
Manufacturing Company
10%
Financial Services Firm
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
Ask a question
Earn 20 points
 

Also Known As

Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
No data available
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Petrofrac, Metro CSG, Christus Health
Wonder Cement, Foster Clark Products
Find out what your peers are saying about Microsoft Defender for Endpoint vs. SonicWall Capture Advanced Threat Protection and other solutions. Updated: June 2025.
862,499 professionals have used our research since 2012.