We performed a comparison between Fortinet FortiEDR and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The setup is pretty simple."
"It is stable and scalable."
"The stability is very good."
"The product's initial setup phase is very easy."
"Fortinet is very user-friendly for customers."
"NGAV and EDR features are outstanding."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"The most valuable features are the threat prediction and network forensics."
"Their technical support responds quickly and are knowledgable."
"The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Cannot be used on mobile devices with a secure connection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not user-friendly."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"FortiEDR can be improved by providing more detailed reporting."
"Health monitoring of the event sources and devices."
"The solution should have more integration capabilities with different platforms."
"The product's licensing models are complex to understand. This particular area needs improvement."
"Technical support could be improved."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"Its technical support could be better."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"More customizability is required, which is something that they need to improve on."
Fortinet FortiEDR is ranked 12th in Endpoint Detection and Response (EDR) with 32 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. Fortinet FortiEDR is rated 7.8, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiEDR writes "A proactive solution that works as a proactive upgrade from a firewall". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiEDR is most compared with Fortinet FortiClient, CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.