Project Coordinator at ELECTUS
Real User
An effective endpoint that is easy to set up and simple to expand
Pros and Cons
  • "The stability is very good."
  • "We'd like to see more one-to-one product presentations for the distribution channels."

What is our primary use case?

The implementation that we have is on one municipality in Serbia with, for example, 300 plus users. It was the FortiGate F200 EDR solution with an appliance and the necessary one-year support.

What is most valuable?

The best features depends on the customer. Our primary goal is to our customers. Mostly our customers use this as an endpoint solution for the workstations and really find it quite effective.

The stability is very good. 

It is scalable. 

The solution is pretty straightforward to set up.

What needs improvement?

We'd like to see more one-to-one product presentations for the distribution channels. You must know the technical issues and technical possibilities of this solution very well. It would be nice to have some sort of help to explain the potential of the product.

For how long have I used the solution?

I've been using the solution for approximately three years. 

Buyer's Guide
EDR (Endpoint Detection and Response)
November 2023
Find out what your peers are saying about Fortinet, CrowdStrike, SentinelOne and others in EDR (Endpoint Detection and Response). Updated: November 2023.
746,723 professionals have used our research since 2012.

What do I think about the stability of the solution?

The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The scalability is okay. If you want to expand on some other products in the Fortinet Portfolio, it is very, very easy. For example, we're also using Fortinet's FortiNAC solution for IoT platforms or IoT devices. 

We have 500 users that use this solution daily.

How are customer service and support?

We haven't really dealt with technical support.

Which solution did I use previously and why did I switch?

We do have EDR solutions from other companies as well. 

How was the initial setup?

We are a technical crew. Therefore, we had nice training, and everything worked quite well. We are satisfied with the process. It's not too difficult. That said, you must have knowledge of the product if you want to do an implementation for this kind of device. On a scale of one to ten, it's a seven. It's okay.

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty reasonable. I would rate it four out of five in terms of affordability.

What other advice do I have?

We are a Fortinet partner. We are a system integrator company. We have some projects that use FortiGate products. We are a company that does business only in the public sector, in the government sector. We don't do corporate.

I'd advise those new to the solution to go one step at a time and not immediately try to tackle all of the features at once. As you grow, you can keep adding on and begin to implement other services. 

I'd rate the solution nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Sales manager at Scantech Solution Limited
Reseller
A good ransomware protection solution, but the setup is a bit difficult
Pros and Cons
  • "The price is low and quite competitive with others."
  • "The dashboard isn't easy to access and manage."

What is most valuable?

We like the ransomware protections. I'm not sure if Fortinet has a phishing feature on the EDR solution, but customers also need it to protect their email accounts.

What needs improvement?

The dashboard isn't easy to access and manage. The SSA management should be improved. In addition, they should enhance the deployment in the next release.

For how long have I used the solution?

We recently started using Fortinet FortiEDR, and we are using the latest version. The customer deploys on cloud or SaaS model for the EDR and tries to work with the existing Fortinet firewall. We do the import. Our customer is the grocery industry, so they also use their computers and need to record an EDS for the import. They are using Kaspersky for antivirus.

What do I think about the stability of the solution?

It is a stable product.

What do I think about the scalability of the solution?

It is a scalable product. We have 50 users using Fortinet FortiEDR at our organization, namely IT managers, administrators and engineers. In addition, there are two people required for maintenance.

How are customer service and support?

We usually get local support from distributors instead of Fortinet. But I rate the technical support an eight out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

It is not easy to set up Fortinet FortiEDR. It takes more than a day to complete the installations and configurations.

What's my experience with pricing, setup cost, and licensing?

We have an annual license. The price is low and quite competitive with others.

What other advice do I have?

I rate this solution a seven out of ten, and I recommend this solution to others.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Buyer's Guide
EDR (Endpoint Detection and Response)
November 2023
Find out what your peers are saying about Fortinet, CrowdStrike, SentinelOne and others in EDR (Endpoint Detection and Response). Updated: November 2023.
746,723 professionals have used our research since 2012.
System Admin at Kuratorium Wiener Pensionisten-Wohnhäuser
Real User
Top 20
Very stable and scalable
Pros and Cons
  • "This is stable and scalable."
  • "Cannot be used on mobile devices with a secure connection."

What is our primary use case?

We own facility houses for the elderly and I'm a network and system admin. We are customers of Fortinet.

What is most valuable?

The solution is stable and scalable. 

What needs improvement?

We'd like to be able to put this on our mobile devices and make secure connections to our network. It would be great if we could bring this product in a single MDM application for mobiles, Androids, and for IOSs. It's complicated to administer so I'd like one application for all these things. 

For how long have I used the solution?

I've been using this solution for two years. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

The product is scalable, we have 30 users in our company. 

How was the initial setup?

The initial setup is a little complicated. We have three admins currently involved. 

What's my experience with pricing, setup cost, and licensing?

Licensing costs could be lower. 

What other advice do I have?

This product is currently in our test environment and I like it and rate FortiEDR eight out of 10. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Owner at a security firm with 1-10 employees
Reseller
Very customizable but slow in the cloud environment
Pros and Cons
  • "The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
  • "Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."

What is our primary use case?

Our primary use cases for Fortinet FortiEDR are cash registers and endpoint, and point of sales.

The reason we originally started with FortiClient with one of our clients in the first place was that they were able to have legacy cash registers, a really old technology, which we had to get to run in a small resource space, and FortiClient, which was the predecessor, allowed us to literally pick and choose what features we wanted in the client and reduce its size, which you couldn't do with any other types of clients that were out there. That's how we started with that.

It is mostly on premise and any cloud services that we use are directly from Fortinet themselves. I would call that public cloud. We do run some of the customer's environment in private cloud, basically co-location. This has provided the services back to their dataset. I am talking about Fortinet's cloud for the public. For the private stuff it was basically out at Q9, which is the co-location provider.

How has it helped my organization?

Fortinet FortiEDR has the ability to customize the footprint of the client or the agents on the device and on the endpoint.

What is most valuable?

The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.

What needs improvement?

In terms of what could be improved, I would say everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.

A classic example of that would be products like FortiMail where you're basically acting as a mail relay. So say you're on a support call and I'm sending you a mail with document that you expect to come to you immediately, or within 30 - 60 seconds, could take up to 45 minutes because of the load on the cloud services. This can result in trouble tickets and other customer side issue.

In the next release I would like to see more investment in their cloud services. Additionally, they definitely need better integration into their FortiSIEM and FortiSOAR solutions.

They should continue to improve that and possibly include a managed threat hunting feature, an MDR solution.

For how long have I used the solution?

I'm a Fortinet Gold Reseller but primarily we're a consulting company, not a product company. We tend to be agnostic with the one caveat being Fortinet, and only because I was the first guy in Canada to get certified in that, and also the first guy to sell it. There is a personal preference there. But I'm looking deeper into more enterprise security solutions that are SASE and endpoints and EDR, XDR, MDR, all that kind of stuff.

We've done work primarily with FortiGate deployments, but we've also done multiple SD-WAN projects and we've worked with FortiEDR, which is similar to their version of EDR. We've worked with FortiClient before that. As far as FortiCloud goes, we've worked with FortiMail in the cloud, we've worked with FortiManager in the cloud, but we haven't gone into CASB stuff yet.

We also do some Fortinet managed services in our customer base. So I have worked with Fortinet since 2004, 2005.

Fortinet FortiEDR has only been out for a couple of years. We've been working with it for a couple of months, primarily migrating a customer from FortiClient to FortiEDR.

We haven't done full scale deployments of FortiEDR yet, it's still fairly new.

What do I think about the stability of the solution?

In terms of stability, EDR is a pretty decent solution, but it's not best of breed. One of the challenges with Fortinet, and all of these vendors, is that they are doing acquisitions and doing things to retrofit into their environment, but there's a dependency on legacy or other features that Fortinet has, and Prisma from Palo Alto has. They have their own products, which are how their system is designed. It's really a suite of products. Fortinet is now FortiFabric, with Palo Alto it's Prisma, Prisma Cloud and XSOAR and all that stuff.

All these types of companies are not as flexible. I think in the future, people are not going to be interested in having these huge complex suites of products in order to take advantage of integration.

If you look at a true SASE solution, for example Zscaler, it's a product on its own. And it typically integrates with industry best of breed products first. So Zscaler would work with CrowdStrike or Microsoft Defender before it's going to work with an integrated solution like Palo Alto or Fortinet.

I'm finding more and more that these companies, Palo Alto, Fortinet, Check Point, Juniper, are all doing well right now. But I think in the next year to two, you're going to see a transition away from that type of technology.

It is actually one of Fortinet's big selling points that they're not maintenance heavy and they've got their gang leveraging all the other components. It actually updates itself automatically if you choose. And it has the ability, using FortiManager and other products, where you can push out policies very easily across multiple appliances, although that requires proper design and architecture from the beginning to make sure that you've got cookie cutter configurations across your enterprise.

What do I think about the scalability of the solution?

Scalability is Fortinet's sweet spot, even though they're heavily focused trying to sell into enterprise, their sweet spot is still mid-size, SMB, customers.

Those products work well in an environment which is below 3000 users. It also works well in in terms of large enterprises, like a bank.

I don't see EDR really expanding. Fortinet Firewalls is another story. Firewalls can scale up to very large enterprises, including Telcos, but I don't see the EDR product deployed in those environments.

How are customer service and support?

Their support is getting better.

Right now it is not that good. Fortinet was never big on technical support. I think they went by the theory that if it was hard to write, it should be hard to understand. Their technical support is getting better, but if you compare it to Cisco, it's not as good and it never was. It is one of their weak points. Its response time is not bad, but the attitude of the people on the phone is. It's the amount of information they ask for to do an RMA, for example. They can be very challenging to work for. That's an opportunity for managed security providers, because if you confront them, and take it away from the customer, it makes the customer's experience much better. So a bad support center is good for an MSSP.

How was the initial setup?

The initial setup is complex compared to stuff like CrowdStrike or other products where you can just sign up and download and it, and it works.

It's a little bit more complex with FortiEDR because you're dealing with the setup and management of it, whereas in products like CrowdStrike, it's pretty automatic and it's just a question of a radio button to turn on or turn off additional features that you may want.

For example, going EDR to XDR or going EDR to MDR in CrowdStrike, you can do that in Fortinet but you have to implement FortiSOAR and all this other stuff.

Initially the setup took us a while, simply because we had to mess around with the client. We are talking weeks because we had to test and make sure that there were no performance issues and no interruptions in the flow of data, etc...

That took us probably five, six weeks to get up in a POC type environment. Once we got that, it's cookie cutter. You have an image that you deploy that already has that compiled in it, and it works pretty easily.

What's my experience with pricing, setup cost, and licensing?

Fortinet FortiEDR is priced pretty competitively if you compare it to other companies that are in the same boat, like Palo Alto, who have similar product suites. It is reasonable. In the industry, they call Fortinet the Chevy of Perimeter Security and Palo Alto the Cadillac. I think that's undeserved. I think Fortinet is actually, in the long run, a better product, but it has that reputation because of their pricing. Palo Alto, right off the bat, charged a much higher premium, which created the illusion that you're getting a better product. Palo Alto products are brutally expensive.

But that's the way Palo Alto works and it works for them. Although, I've heard rumors that they're changing their channel model where they're going after enterprise customers directly, rather than forcing it through the channel. Fortinet is a 100% channel, Palo Alto is not. And that's affecting them. If you look at stock prices and earnings, Fortinet is actually doing better.

What other advice do I have?

With any of these products, you need to step back and look at where the wave of technology is going in the security posture. I think that you need to step back and say, "Here's my current situation, what's the best solution two to three years from now?" If you look at that, I don't see Fortinet or Palo Alto or any of those traditional product vendors being the future state.

These companies are like system integrators. A lot of system integrators went out of business mostly because they couldn't make the paradigm shift from a product led business to a service led business. I see the same type of thing happening in the traditional Perimeter Security companies, that are not designed from the ground up. They make an acquisition of a product and they try to integrate it into their business model, and to leverage all their other products in a suite. That's not the way the industry is going.

On a scale of one to ten, I would rate Fortinet FortiEDR somewhere around a six.

It goes back to what I said that I don't think it's got a huge future. If you compare it to CrowdStrike or those type of products, it is very similar to Palo Alto's Cortex, they didn't even come out with an an EDR solution, they went directly to an XDR solution. What is XDR penetration? About 2% of the market right now. It's just not a fit to the future. That's why I give it a six.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Cyber Security Analyst at a retailer with 1,001-5,000 employees
Real User
Is stable and scalable but limited in the number of details it provides
Pros and Cons
  • "It is stable and scalable."
  • "The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"

What is most valuable?

It is stable and scalable.

What needs improvement?

Comparatively, it works fine, but the amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions. The ability to make certain changes or investigate is also limited.

Also, the investigation and the details, which I would get when I'm looking into it, and the ways I could configure or white list or black list a few things are also limited. It is not up to an extent where it can give me granular options to do that.

For how long have I used the solution?

I've been using it for about a year.

What do I think about the stability of the solution?

The stability is pretty good.

What do I think about the scalability of the solution?

It is scalable.

What other advice do I have?

For some organizations, FortiEDR is good enough, but for others, it's not. It depends on the organization's infrastructure.

I would rate Fortinet FortiEDR at six on a scale from one to ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Network Administrator at a financial services firm with 51-200 employees
Real User
Easy to use dashboard and interface, and it's easy to create exceptions
Pros and Cons
  • "Exceptions are easy to create and the interface is easy to follow with a nice appearance."
  • "The SIEM could be improved."

What is our primary use case?

We would have used this solution for endpoint detection EDR, which we don't currently have. We wanted to see how it works with the discovery of the history of some things that might come up.

What is most valuable?

The dashboard is easy to follow and use. 

The deployment and uninstalling were easy.

I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow.

Exceptions are easy to create and the interface is easy to follow with a nice appearance.

What needs improvement?

The SIEM could be improved. I would have liked to see that you could access the same SIEM or Fortinet EDR dashboard from the same login, but I heard that they were different, which was a bit of a letdown.

For how long have I used the solution?

I used this solution for a month to do a PoC.

I was using the latest version.

What do I think about the stability of the solution?

It's a stable solution. It would fit our organization's needs.

Which solution did I use previously and why did I switch?

We are currently using Cylance.

How was the initial setup?

The initial setup was straightforward. There were no complexities.

The deployment didn't take long at all. It took more time to create a Cylance install and push-out to the network to do anything. It didn't really take that much time. It was no problem.

What's my experience with pricing, setup cost, and licensing?

There are no issues with the pricing.

Which other solutions did I evaluate?

We were using a demo for both Fortinet FortiEDR and SentinelOne. We were doing PoC on both to see which one we wanted to use.

We wanted to see the differences between them and Cylance.

What other advice do I have?

I would rate Fortinet FortiEDR an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1430793 - PeerSpot reviewer
Security Analyst at a tech services company with 11-50 employees
Real User
Automation saves us time; forensic detailing and memory exfiltration are great for separate analysis
Pros and Cons
  • "Ability to get forensics details and also memory exfiltration."
  • "Detections could be improved."

What is our primary use case?

We use this product to deploy to all the clients we have to monitor any kind of suspicious activities occurring on the end points besides antivirus. This will kind of automate their response basically with the EDR. I'm a security analyst and we are customers of Fortinet. 

How has it helped my organization?

Since we've had this solution we've been able to monitor different hosts of services and different devices effectively. We can also automate to save a lot of time instead of doing things manually.

What is most valuable?

The most valuable features would be the ability to get forensics details and also memory exfiltration so we can analyze them separately after an incident.

What needs improvement?

Detections could definitely be improved. It's still detecting some things that it shouldn't be like Microsoft Intune and 365 devices as well.

I'd like to see an improvement in the reporting. There are currently no reporting capabilities so I would definitely want to see that.

For how long have I used the solution?

I've been using this solution for 18 months. 

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

We haven't had issues with scalability and we have over 5,000 endpoints. In the security team we have four people who use the solution daily. The others use it in case of emergency.

How was the initial setup?

The initial setup was very straightforward. 

What other advice do I have?

This is definitely a good product and will make your life easier. 

I would rate this solution a seven out of 10. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Technology Support Specialist at Chemtrade Logistics
Real User
Straightforward, easy to maintain, and works as per our expectations
Pros and Cons
  • "It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
  • "They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."

What is our primary use case?

We had a ransomware attack in 2017, and that's when we went with enSilo, which is now called FortiEDR. It helps us to detect the hash files and all that. So far, it's really good. It detects any kind of anomaly. If any installation is happening, it checks the process and everything else and lets us know how it works.

What is most valuable?

It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism.

Fortinet FortiEDR is also very straightforward and easy to maintain.

What needs improvement?

They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller.

For how long have I used the solution?

I have been using this solution for three years.

What do I think about the stability of the solution?

It is really good.

What do I think about the scalability of the solution?

It is scalable. Currently, around 1500 users are using it.

How are customer service and technical support?

The support has gone down a little bit since Fortinet acquired enSilo. Earlier, because they were a small company, they used to pay more attention to the customers and proactively contact us for certain things, like product updates. The support structure has now changed. Now, it's a big umbrella. Fortinet is a big fish, so they can't contact you as much because they have more clients. As enSilo, it was a smaller footprint, and it was kind of personalized support.

How was the initial setup?

The initial setup was simple. The deployment time depends on how big the implementation is. Ours is a big organization. It took us a week to deploy to our systems, and that's obviously because we were pushing those agents. Some of our sites are so remote that they can only have 1MB lines. So, when you push the agent, it obviously takes time.

What about the implementation team?

We have a small team of only seven people for implementation. One dev person deals with it.

What other advice do I have?

Overall, we are quite happy with this product. It basically works the way we want it since we have installed it. It's as per expectations. 

I would rate Fortinet FortiEDR a nine out of ten. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free EDR (Endpoint Detection and Response) Report and find out what your peers are saying about Fortinet, CrowdStrike, SentinelOne, and more!
Updated: November 2023
Buyer's Guide
Download our free EDR (Endpoint Detection and Response) Report and find out what your peers are saying about Fortinet, CrowdStrike, SentinelOne, and more!