Fortinet FortiEDR Reviews

It is stable and scalable.

Comparatively, it works fine, but the amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions. The ability to make certain changes or investigate is also limited.

Also, the investigation and the details, which I would get when I'm looking into it, and the ways I could configure or white list or black list a few things are also limited. It is not up to an extent where it can give me granular options to do that.

I've been using it for about a year.

The stability is pretty good.

It is scalable.

For some organizations, FortiEDR is good enough, but for others, it's not. It depends on the organization's infrastructure.

I would rate Fortinet FortiEDR at six on a scale from one to ten.

The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration. 

The security is also very good and the firewall response is good. 

Clients want to be in a hybrid mix and match mode. The security needs to be relevant in that way as well. It has to be online, on the cloud and on-premises. This is the customer's mindset. They don't want to go for user applications on the cloud. They think it will fail and the data will be inaccessible. They don't want to go to the cloud platform. The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud. 

I have been using FortiEDR for the last year. 

It runs constantly, 24/7. It is quite stable. We haven't had any stability issues. 

It is scalable. It is good for both small and large companies. Security has to be strong, it should be at the same standard. It's suitable for all business sizes. 

We haven't needed to contact support for EDR. 

The deployment can be done in one week. We have configured it within a week. It takes generally three people to set it up. I supervise the team. 

There are no additional costs. 

As of now, it's very good. We don't have a lot of challenges. The EDR concept is new to the market. It doesn't have a lot of competition. As of now, we don't have a lot of user input. If it's on the market for a few more years, I'm sure people will have more feedback.

We do our own documentation and share the whitepapers with our clients. I don't find Fortinet to be a difficult tool. The reporting is good and designed in a way that even a newcomer can use it easily. As of now those clients who have migrated from other security vendors don't have a lot of challenges. The clients appreciate the technology and report that they have tangible benefits.

I would rate it a nine out of ten. All of the requirements are addressed nicely and the security is covered. It has everything it needs. 

NGAV and EDR features are outstanding.

We saw Lockey very early on and caught it via behavioral signatures on the traditional AV. We already had parts of the payload downloaded because the traditional AV behavioral signatures were not blocking everything. We had removed the endpoint from the network to investigate and realized the standard AV would have failed. Adding enSilo blocked Lockey immediately and allow no parts of it through. We have found errors in other applications and used enSilo findings to improve the operation of our systems. enSilo also provides a forensic service, which we have leveraged to validate files are malicious or not.

One of the key features to enSilo is it does not block/delete entire executables. Instead, it blocks malicious functions. This allows users to be unaffected if the file is useful but has bad components. FoxIt is a good example of this. Not a malicious tool but has vulnerable behaviors that enSilo can block.

The engineering team continues to add useful features, like the ability to search for files and hashes across the environment. At the moment, I am very happy with the product. Not a deal killer, but making the portal mobile friendly would be helpful when I am out of office.

Almost two years.

Endpoint agent is incredibly small (<2MB), so it is very easy to deploy.

Product has been rock solid from its earliest versions until now. Seems the engineers do a good amount of QA and testing, so they do not release half-baked software.

Recently tripled our deployment size over a weekend without issue.

enSilo team is super responsive. From the tier 1 support to the advanced malware researchers, they all understand customer service. I have been called and emailed at 1AM with high-risk events, and also when I reach out at 2PM, they respond just as fast.

The team is not hesitant to escalate an issue to development/engineering. Unlike a lot of companies, they are quick to modify the application to fix an issue.

Used Tanium and other EDR/Forensics tools at previous employers. Those tools are great at managing overwhelming information but do not necessarily help with visualizing real threats occurring in the environment. enSilo quickly provides a visualization of what has happened and where the malicious behavior occurred. You can then dive down to a full memory dump without having to dig through other useless screens.

The management is cloud-based so it was easy to just install agents and go after opening a firewall to our dedicated IP.

In-house. No real need to go external.

I avoid this question with security tools as there is no real return on this, just a lowered burden to manage risk. I will say the tool requires maybe 2 hours of actual focus a week, so much less noise than other tools. enSilo also reduces our risk more than any other tool we have (firewall, web filter, email filter, etc.). From that perspective, we get the most risk reduction with the least burden from enSilo.

I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service. Prioritize your most at risk assets, e.g., users with unrestricted browsing or access to sensitive data.

Yes:

Carbon Black - Too much noise and time to configure policy. Also, it had too many disparate components to manage/up-sell.

Tanium - Would not talk to us, because we are under 5000 endpoints.

Cylance - Not mature enough at the time of our initial purchase in early 2016.

Confer - Lots of promise, but got purchased by Carbon Black.

Check it out, it is definitely worth your time. They have a unique approach and will let you sleep at night.

The solution is used by a small organization of around 500 end users to provide online courses to their students.

Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution.

Fortinet FortiEDR should include some of the new features and better pricing. The solution should address emerging threats like SQL injection. It would be good if the solution detects ransomware files.

We have implemented Fortinet FortiEDR for our clients, and they have been using it for the last two to three years.

Fortinet FortiEDR is a stable solution. Our client has been running it successfully for the last three years.

The solution's technical support is good and fast.

The solution's initial setup is very straightforward.

The solution was deployed within a week.

Fortinet FortiEDR has a yearly subscription. The solution's pricing should be improved because other players in the market are coming up with competitive prices.

Two to three people are required to deploy Fortinet FortiEDR.

Overall, I rate Fortinet FortiEDR an eight out of ten.

It is mostly used according to client’s need. 

I believe that easy deployment is primarily used to facilitate client learning. Additionally, when it comes to EDR, there are more tools available to assist with client work. 

We've encountered challenges during API deployment, occasionally resulting in unstable environments. Deployment can be a bit tricky at times. In terms of pricing, EDR tends to be more costly than FortiClient. In some cases, we opt for FortiClient because clients may not have the resources or time to invest in EDR.

I have experience with Fortinet FortiEDR. 

It is a stable solution.

It is a scalable solution.

The customer service is very good.

Positive

The initial setup is pretty easy and I would rate it an eight out of ten. 

It is expensive and I would rate it an eight out of ten.

I would overall rate it an eight out of ten. 

We use FortiEDR in the education sector, where we have customers with multiple students, each with their mobile phones and endpoints. Our primary use case involves protecting and monitoring these endpoints for threats or anomalies. It helps us correlate incidents and events to ensure a secure environment for our clients.

The integration capability with FortiGate has been valuable as it enhances our customers' network visibility. Additionally, the automated response features, which allow us to quarantine endpoints and conduct further investigations when threats are detected, have proven effective in maintaining security.

The platform could be improved by enhancing network visibility and reducing the frequency of false positives. Leveraging AI for more accurate threat detection could also significantly improve its effectiveness.

I have been working with FortiEDR for around three years.

I find the platform to be stable. I rate the stability an eight out of ten.

I would rate the product scalability an eight out of ten. It effectively scales to meet the needs of medium-sized organizations.

The setup and deployment are relatively straightforward.

The platform is cost-effective. I rate the pricing a ten. 

FortiEDR is a robust solution for medium-sized companies, especially in sectors like education where endpoint security is crucial. Its integration with other Fortinet products can significantly enhance network security and visibility.

I rate the product an eight.