The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network.
I can see all of that from any cloud solution. So far, it has been really easy to install, deploy, and have visibility on the endpoints that I manage.
I'm just looking for a few extra features, which are likely included in XDR and the other additional software services. Mainly the FortiEDR system. If I go through the computer status and look at the risk, it's a very basic assessment.
Compared to Rapid7, which is a highly rated vulnerability scanner, WatchGuard is more limited. Rapid7 can give me vulnerabilities like autorun being enabled and provide solutions to fix them. It can also reassess vulnerabilities.
However, the EDR Core I'm using only gives me basic information, like "File full of fire and execution detection" as a high vulnerability. It doesn't tell me how to fix it, just that it's a risk. It's very minimal in terms of risk assessment. Rapid7 would say, "This software is outdated," or "You're using an older version of SQL." It's much more detailed, whereas EDR Core is more scaled-down and doesn't provide a full assessment.
So, I'd like a few extra features, especially around threat severity assessment.