We performed a comparison between Fortinet FortiEDR and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"This is stable and scalable."
"The solution was relatively easy to deploy."
"The product detects and blocks threats and is more proactive than firewalls."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"NetWitness can be highly beneficial for incident detection and response."
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The most valuable features are the packet inspection and the automated incident response."
"It gives the capability for the incident response team to correlate logs to identify any kind of problem like malware and incidents in a general sense, both for logs and packets."
"The packet capture aspect of it is a valuable feature because it is quite different from a traditional SIEM solution that only carries out investigations based on captured logs."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Detections could be improved."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"ZTNA can improve latency."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The product's licensing models are complex to understand. This particular area needs improvement."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"The initial setup is very complex and should be simplified."
"Health monitoring of the event sources and devices."
"We have encountered issues with unresolved crashes."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
Fortinet FortiEDR is ranked 12th in Endpoint Detection and Response (EDR) with 32 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. Fortinet FortiEDR is rated 7.8, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiEDR writes "A proactive solution that works as a proactive upgrade from a firewall". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiEDR is most compared with Fortinet FortiClient, CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.