I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protection because it continually scans servers for emerging vulnerabilities, which gives me peace of mind. FortiEDR can mitigate actions in real time. I also like that I can look into specific events and track the paths the events take as they move through the environment. There are times when I don’t understand the data being shown to me, but when that happens the managed services team is always there to help. They have been super reliable, and are great to work with.
Neither solution is perfect, though. One thing I dislike about FortiEDR is that it can be time-consuming to fine-tune what services are scanned and which ones are valid within our environment. And while it is a great product, it is not a product you can independently implement.
FortiClient has basic functionality and, upon doing product research, I discovered that the newer versions of the product were faulty and the reason for problems, making its ease of use less desirable. Moreover, if FortiClient scans Outlook for its files and archives, your PC will become unusable because it will eat up all of your PC resources and there is no way to stop it. Another huge problem for me is that it generates loads of false positives which also ends up blocking legitimate applications from running. Before making my decision, I also read that learning the incident exception process is complicated. These disadvantages were enough to sway my decision and ultimately make me choose FortiEDR.
ConclusionAs a whole, I have been very pleased using FortiEDR. While there are some areas that can be improved, such as the communication between the managed services team and my own team on site, other than that I have very few complaints.
I'm looking for a comparison between these 2 products: CrowdStrike Falcon and Fortinet FortiEDR. In addition, business cases and customer testimonials will be a plus.
Can anyone assist with this information?