


WatchGuard Firebox and Microsoft Defender for Endpoint both compete in the cybersecurity category. WatchGuard seems to have the upper hand in user-friendly setup and ease of management, while Microsoft Defender excels in integration and threat detection capabilities.
Features: WatchGuard Firebox is known for its intuitive setup, particularly in VPN configurations, and includes features like WebBlocker and Application Control. Microsoft Defender for Endpoint offers seamless Active Directory integration, real-time protection, and malware detection, making it appealing for comprehensive security needs.
Room for Improvement: WatchGuard Firebox needs better integration with third-party solutions and an improved interface. Enhancing reporting and cloud-based management would also benefit users. Microsoft Defender for Endpoint requires more user-friendly threat intelligence tools, better third-party app integration, and automation in reporting.
Ease of Deployment and Customer Service: WatchGuard Firebox is adaptable to hybrid cloud setups and generally has responsive support, though setup can sometimes be complex. Microsoft Defender for Endpoint offers consistent support and seamless deployment experiences due to its strong integration capabilities within its ecosystem.
Pricing and ROI: WatchGuard Firebox provides competitive pricing with cost-effective licensing and significant bulk savings, contributing to a strong ROI. Microsoft Defender for Endpoint is often included in Microsoft packages, reducing costs for existing Microsoft users and providing substantial value through its security features, despite its standalone solutions being relatively pricey.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
In Cortex XDR by Palo Alto Networks, most of the remediation is automated and the accuracy is quite good.
Without detection and protection measures, organizations would face substantial payments and reputational damage, including the necessity to inform customers about data breaches, potentially leading to loss of business.
We have seen a return on investment when using Microsoft Defender for Endpoint, as it saves labor by reducing the need for staff to focus on it.
The biggest return on investment for me when using Microsoft Defender for Endpoint is the time saving.
From a security standpoint, preventing even a single major security incident or prolonged outage can represent significant cost savings.
I do not see any return on investment after WatchGuard Firebox implementation in terms of cost reductions.
Reduced incidents and easier management helped lower operational cost.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
The Microsoft agent, who did not actually work for Microsoft, is one of the vendors that Microsoft uses for support, said, 'Just to set expectations, my lunch break is in an hour and I am going to go away then.'
The level-one support seems disconnected from subject matter experts.
I rate Microsoft support 10 out of 10.
On a scale of one to 10, I would rate the technical support of the WatchGuard Firebox a 10.
When comparing WatchGuard Firebox with other vendors such as Fortinet, SonicWall, Palo Alto, and Sophos, WatchGuard Firebox performs competitively.
Most of the time, support engineers are knowledgeable and able to assist effectively with firewall configuration issues, VPN troubleshooting, firmware updates, and security-related concerns.
You can onboard 10,000 endpoints in just hours, which demonstrates the excellent scalability of this product.
Activating the newly purchased licenses is instantaneous, allowing installations without adjustments since it's cloud-based.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
We managed to scale it out in a short amount of time, with two months of planning and three months of implementation on 10,000 computers.
Microsoft Defender for Endpoint is scalable enough to handle various devices across environments, whether they are laptops, Android devices, or operating in hybrid environments.
Compatibility is its main feature.
Overall, WatchGuard Firebox offers strong scalability for SMBs, MSPs, branch offices, and hybrid environments while keeping deployment and management relatively straightforward.
The user interface and features compared to newer firewalls are not up to the mark, which includes functionalities such as filtering, web filtering, threat protection, user identity, and UTM features that need improvement.
You can choose different models based on throughput and features, which makes it easy to support growing environments.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR by Palo Alto Networks can be trusted completely.
I haven't seen any outages with Microsoft.
I rate Defender 10 out of 10 for stability.
Defender for Endpoint is extremely stable.
I have just one WatchGuard Firebox unit that is licensed, and I have no bugs on it, so I am happy with that.
Once properly configured, the platform handles VPN connectivity, traffic inspection, and security services constantly, even in multi-site environments with remote users.
There are issues with traffic hitting the firewall, which could indicate performance problems related to throughput.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Repeated interactions are necessary due to Level One's lack of tools and knowledge, hindering efficient problem-solving and negatively impacting our experience with Microsoft support.
In contrast, competing products offer reduced pricing for long-term commitments, which makes it difficult for us in that environment.
We use Microsoft partners to help govern the platform, and as part of an alliance, we want to gather data from each tenant and combine them for a complete view.
It gives good visibility and control over the traffic, and the UI makes it easy to manage policies and respond quickly when something comes up.
The cost for renewal after three years is 75% of the hardware cost, which is a significant problem.
When implementing a rule using a group of IPs, it is not possible to do that directly.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Compared to CrowdStrike, which is very costly, and SentinelOne, which is also very costly, Cortex XDR by Palo Alto Networks is a medium cost-efficient solution.
That has been the trend we have seen with Microsoft lately—it is just getting more and more expensive.
Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs.
It costs $15 per VM for the P2 plan, which is seen as affordable for customers.
When we tried to renew the Palo Alto license, the cost was beyond any reasonable range.
Fortinet is more expensive than WatchGuard.
I find WatchGuard Firebox to be cost-effective.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
Defender for Endpoint's coverage across different platforms in our environment is pretty good. We have devices running Linux, Mac OS, Windows, iOS, and Android. It covers all of them.
Microsoft Defender for Endpoint provides a unified management interface allowing customers to manage their on-premises and hybrid infrastructures from a single pane.
One of the best features of Microsoft Defender for Endpoint is its database for identifying zero-day attacks or malware attacks.
The Firebox offers valuable features such as network security, URL filtering, UTM features, intrusion prevention and detection, and authentication.
The features of WatchGuard Firebox are most valuable for maintaining network security.
Some of the best features of WatchGuard Firebox in my experience are its ease of management, strong VPN capabilities, and integrated security services.



| Company Size | Count |
|---|---|
| Small Business | 46 |
| Midsize Enterprise | 21 |
| Large Enterprise | 53 |
| Company Size | Count |
|---|---|
| Small Business | 82 |
| Midsize Enterprise | 45 |
| Large Enterprise | 96 |
| Company Size | Count |
|---|---|
| Small Business | 101 |
| Midsize Enterprise | 30 |
| Large Enterprise | 17 |
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
Microsoft Defender for Endpoint provides comprehensive threat protection that integrates well with current systems, offering proactive threat detection and automatic updates while reducing manual efforts.
The platform is designed for seamless integration with Microsoft products, facilitating efficient management and use. It offers proactive ransomware protection and valuable threat intelligence, crucial for timely response and increased visibility across devices. Users highlight its ability to secure endpoints from viruses and malware, integrating with Windows and Office 365 to enhance real-time detection capabilities in diverse environments, including hybrid and on-premises setups. However, enhancements are needed in Linux integration, detection accuracy, and policy implementations.
What are the key features of Microsoft Defender for Endpoint?Microsoft Defender for Endpoint is implemented across industries for securing endpoints, relying on its deep integration with Windows and Office 365 to protect against malware and viruses. Organizations benefit from its real-time detection and comprehensive management capabilities, particularly in hybrid environments where diverse digital infrastructures need safeguarding.
WatchGuard Firebox is a high-performance firewall known for its ease of setup, offering robust security with layered protection and centralized management capabilities.
WatchGuard Firebox stands out for its intuitive management and high throughput, addressing security needs with features like VPN, web filtering, and threat detection. Its centralized control and reporting abilities, along with Active Directory integration, make it popular among varied organizations. Its user-friendly interface and ongoing updates enhance usability and reliability. However, there's a call for better cloud-based administration, scalability, and improved integration with third-party vendors.
What are the key features of WatchGuard Firebox?WatchGuard Firebox is implemented across industries to secure internet gateways and protect data in multi-site businesses. Its applications span from Unified Threat Management (UTM) and intrusion prevention to compliance support in business environments requiring secure connectivity through VPNs.
We monitor all Anti-Malware Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.