We would have used this solution for endpoint detection EDR, which we don't currently have. We wanted to see how it works with the discovery of the history of some things that might come up.
Senior Network Administrator at a financial services firm with 51-200 employees
Easy to use dashboard and interface, and it's easy to create exceptions
Pros and Cons
- "Exceptions are easy to create and the interface is easy to follow with a nice appearance."
- "The SIEM could be improved."
What is our primary use case?
What is most valuable?
The dashboard is easy to follow and use.
The deployment and uninstalling were easy.
I like the detailed information about the path of a file that might be suspicious. Being able to check that out was easy to follow.
Exceptions are easy to create and the interface is easy to follow with a nice appearance.
What needs improvement?
The SIEM could be improved. I would have liked to see that you could access the same SIEM or Fortinet EDR dashboard from the same login, but I heard that they were different, which was a bit of a letdown.
For how long have I used the solution?
I used this solution for a month to do a PoC.
I was using the latest version.
Buyer's Guide
Fortinet FortiEDR
November 2024
Learn what your peers think about Fortinet FortiEDR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
It's a stable solution. It would fit our organization's needs.
Which solution did I use previously and why did I switch?
We are currently using Cylance.
How was the initial setup?
The initial setup was straightforward. There were no complexities.
The deployment didn't take long at all. It took more time to create a Cylance install and push-out to the network to do anything. It didn't really take that much time. It was no problem.
What's my experience with pricing, setup cost, and licensing?
There are no issues with the pricing.
Which other solutions did I evaluate?
We were using a demo for both Fortinet FortiEDR and SentinelOne. We were doing PoC on both to see which one we wanted to use.
We wanted to see the differences between them and Cylance.
What other advice do I have?
I would rate Fortinet FortiEDR an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Admin at Kuratorium Wiener Pensionisten-Wohnhäuser
Very stable and scalable
Pros and Cons
- "This is stable and scalable."
- "Cannot be used on mobile devices with a secure connection."
What is our primary use case?
We own facility houses for the elderly and I'm a network and system admin. We are customers of Fortinet.
What is most valuable?
The solution is stable and scalable.
What needs improvement?
We'd like to be able to put this on our mobile devices and make secure connections to our network. It would be great if we could bring this product in a single MDM application for mobiles, Androids, and for IOSs. It's complicated to administer so I'd like one application for all these things.
For how long have I used the solution?
I've been using this solution for two years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The product is scalable, we have 30 users in our company.
How was the initial setup?
The initial setup is a little complicated. We have three admins currently involved.
What's my experience with pricing, setup cost, and licensing?
Licensing costs could be lower.
What other advice do I have?
This product is currently in our test environment and I like it and rate FortiEDR eight out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network and Security consultant at an energy/utilities company with 201-500 employees
Ensures efficient network security and has a straightforward deployment process
What is our primary use case?
We use FortiEDR in the education sector, where we have customers with multiple students, each with their mobile phones and endpoints. Our primary use case involves protecting and monitoring these endpoints for threats or anomalies. It helps us correlate incidents and events to ensure a secure environment for our clients.
What is most valuable?
The integration capability with FortiGate has been valuable as it enhances our customers' network visibility. Additionally, the automated response features, which allow us to quarantine endpoints and conduct further investigations when threats are detected, have proven effective in maintaining security.
What needs improvement?
The platform could be improved by enhancing network visibility and reducing the frequency of false positives. Leveraging AI for more accurate threat detection could also significantly improve its effectiveness.
For how long have I used the solution?
I have been working with FortiEDR for around three years.
What do I think about the stability of the solution?
I find the platform to be stable. I rate the stability an eight out of ten.
What do I think about the scalability of the solution?
I would rate the product scalability an eight out of ten. It effectively scales to meet the needs of medium-sized organizations.
How was the initial setup?
The setup and deployment are relatively straightforward.
What's my experience with pricing, setup cost, and licensing?
The platform is cost-effective. I rate the pricing a ten.
What other advice do I have?
FortiEDR is a robust solution for medium-sized companies, especially in sectors like education where endpoint security is crucial. Its integration with other Fortinet products can significantly enhance network security and visibility.
I rate the product an eight.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jul 3, 2024
The solution is not stable, or easy to deploy, but it is scalable
Pros and Cons
- "Forensics is a valuable feature of Fortinet FortiEDR."
- "The solution is not stable."
What is our primary use case?
The primary use case of the solution is to help protect our components.
What is most valuable?
Forensics is a valuable feature of Fortinet FortiEDR.
What needs improvement?
When the Fortinet FortiEDR is enabled sometimes our applications stop. The solution causes our applications to crash. There is room for better integration to prevent stability.
The exception handling for the on-prem version has a cap compared to the cloud version and can be improved.
For how long have I used the solution?
I have been using the solution for ten months.
What do I think about the stability of the solution?
The solution is not stable. I give the stability a two out of ten.
What do I think about the scalability of the solution?
The solution is scalable.
We have 2,000 people using the solution.
How are customer service and support?
We have a premium technical support service through Fortinet.
How was the initial setup?
The initial setup is complex. I give the deployment a three out of ten.
We are still in the process of deploying the solution.
What's my experience with pricing, setup cost, and licensing?
The price is comparable to other endpoint security solutions.
What other advice do I have?
I give the solution a five out of ten.
Three dedicated people are required for maintenance.
I do not recommend the on-premise version of the Fortinet FortiEDR. I recommend people use the cloud version instead because it is more stable.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security, infrastructure and networking engineer at Abetelnet Solutions
A stable solution that delivers real-time, automated endpoint protection with orchestrated incident response across any protected device
Pros and Cons
- "Additionally, when it comes to EDR, there are more tools available to assist with client work."
- "We've encountered challenges during API deployment, occasionally resulting in unstable environments."
What is our primary use case?
It is mostly used according to the client's needs.
What is most valuable?
I believe that easy deployment is primarily used to facilitate client learning. Additionally, when it comes to EDR, there are more tools available to assist with client work.
What needs improvement?
We've encountered challenges during API deployment, occasionally resulting in unstable environments. Deployment can be a bit tricky at times. In terms of pricing, EDR tends to be more costly than FortiClient. In some cases, we opt for FortiClient because clients may not have the resources or time to invest in EDR.
For how long have I used the solution?
I have experience with Fortinet FortiEDR.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
It is a scalable solution.
How are customer service and support?
The customer service is very good.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is pretty easy and I would rate it an eight out of ten.
What's my experience with pricing, setup cost, and licensing?
It is expensive and I would rate it an eight out of ten.
What other advice do I have?
I would overall rate it an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Customer Success Manager at Digitank Technology
An anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc
Pros and Cons
- "The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
- "I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
What is most valuable?
The solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features.
What needs improvement?
I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components.
For how long have I used the solution?
I have been working with the product for three years.
What do I think about the stability of the solution?
I would rate the solution's stability an eight out of ten.
What do I think about the scalability of the solution?
I would rate the product's scalability a ten out of ten.
How was the initial setup?
I would rate the solution's setup an eight out of ten. We have deployed the solution on the cloud and on-prem. The tool's deployment took three weeks to complete.
What's my experience with pricing, setup cost, and licensing?
I would rate the solution's pricing an eight out of ten.
What other advice do I have?
I would rate the product an eight out of ten. We work with medium customers. The product's integration and customer service are great.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Easy to deploy and integrates with other Fortinet products but could be more affordable
Pros and Cons
- "The solution was relatively easy to deploy."
- "The support needs improvement."
What is our primary use case?
We primarily use the solution as an EDR. We use the product to keep things homogenous as the company uses a lot of Fortinet products.
What is most valuable?
The solution was relatively easy to deploy.
Our whole environment is using Fortinet and this integrates well into it.
What needs improvement?
I've never tried the solution in mixed environments. I'm not sure if it would work well in an environment with Palo Alto or Cisco.
The support needs improvement.
It is not a good product for smaller organizations or organizations under 500 endpoints.
Having a fully integrated team would be nice. Recently, we had to use a third-party team.
For how long have I used the solution?
We only started using the solution about 12 months back.
What do I think about the stability of the solution?
I'd rate the stability six out of ten. It does take quite a bit of memory. Sometimes this is not the most stable of platforms.
What do I think about the scalability of the solution?
I'd rate the scalability at seven out of ten.
We had issues with scaling. We had to use a third-party team which was an issue with the deployment. When we had to expand there were complications. We ended up exceeding the number of endpoints we signed up for. It was not sized properly.
The companies using the solution would have to be large or medium-sized at least. It wouldn't be economical to use for a small company. If a company has under 500 endpoints, it wouldn't necessarily make sense to use the solution.
How are customer service and support?
We've been disappointed with technical support. They need to improve their services. Having a fully integrated team would be nice. Right now, we deal with a third-party team and have had some issues with them.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I also use Cynet and prefer that to FortiEDR.
Cynet is easy to use. It's basically launch and leave.
How was the initial setup?
It is straightforward to set up and easy to deploy.
What's my experience with pricing, setup cost, and licensing?
The pricing for FortiEDR is pretty high. It's not affordable for small companies. I'd rate the affordability three out of ten in terms of affordability, with ten being affordable.
What other advice do I have?
I'm an end-user.
I can recommend this solution, however, it wouldn't be at the top of my list in terms of recommendations.
I'd rate it six out of ten overall. There is quite some space for improvement.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CISO at a financial services firm with 201-500 employees
It does not block/delete entire executables, instead it blocks malicious functions
Pros and Cons
- "NGAV and EDR features are outstanding."
- "Making the portal mobile friendly would be helpful when I am out of office."
What is most valuable?
NGAV and EDR features are outstanding.
How has it helped my organization?
We saw Locky very early on and caught it via behavioral signatures on the traditional AV. We already had parts of the payload downloaded because the traditional AV behavioral signatures were not blocking everything. We had removed the endpoint from the network to investigate and realized the standard AV would have failed. Adding enSilo blocked Locky immediately and allowed no parts of it through. We have found errors in other applications and used enSilo findings to improve the operation of our systems. enSilo also provides a forensic service, which we have leveraged to validate files are malicious or not.
One of the key features to enSilo is it does not block/delete entire executables. Instead, it blocks malicious functions. This allows users to be unaffected if the file is useful but has bad components. FoxIt is a good example of this. Not a malicious tool but has vulnerable behaviors that enSilo can block.
What needs improvement?
The engineering team continues to add useful features, like the ability to search for files and hashes across the environment. At the moment, I am very happy with the product. Not a deal killer, but making the portal mobile friendly would be helpful when I am out of office.
For how long have I used the solution?
Almost two years.
What was my experience with deployment of the solution?
Endpoint agent is incredibly small (<2MB), so it is very easy to deploy.
What do I think about the stability of the solution?
Product has been rock solid from its earliest versions until now. Seems the engineers do a good amount of QA and testing, so they do not release half-baked software.
What do I think about the scalability of the solution?
Recently tripled our deployment size over a weekend without issue.
How are customer service and technical support?
Customer Service:
enSilo team is super responsive. From the tier 1 support to the advanced malware researchers, they all understand customer service. I have been called and emailed at 1AM with high-risk events, and also when I reach out at 2PM, they respond just as fast.
Technical Support:
The team is not hesitant to escalate an issue to development/engineering. Unlike a lot of companies, they are quick to modify the application to fix an issue.
Which solution did I use previously and why did I switch?
Used Tanium and other EDR/Forensics tools at previous employers. Those tools are great at managing overwhelming information but do not necessarily help with visualizing real threats occurring in the environment. enSilo quickly provides a visualization of what has happened and where the malicious behavior occurred. You can then dive down to a full memory dump without having to dig through other useless screens.
How was the initial setup?
The management is cloud-based so it was easy to just install agents and go after opening a firewall to our dedicated IP.
What about the implementation team?
In-house. No real need to go external.
What was our ROI?
I avoid this question with security tools as there is no real return on this, just a lowered burden to manage risk. I will say the tool requires maybe 2 hours of actual focus a week, so much less noise than other tools. enSilo also reduces our risk more than any other tool we have (firewall, web filter, email filter, etc.). From that perspective, we get the most risk reduction with the least burden from enSilo.
What's my experience with pricing, setup cost, and licensing?
I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service. Prioritize your most at risk assets, e.g., users with unrestricted browsing or access to sensitive data.
Which other solutions did I evaluate?
Yes:
Carbon Black - Too much noise and time to configure policy. Also, it had too many disparate components to manage/up-sell.
Tanium - Would not talk to us, because we are under 5000 endpoints.
Cylance - Not mature enough at the time of our initial purchase in early 2016.
Confer - Lots of promise, but got purchased by Carbon Black.
What other advice do I have?
Check it out, it is definitely worth your time. They have a unique approach and will let you sleep at night.
Disclosure: I am a real user, and this review is based on my own experience and opinions.