We performed a comparison between CrowdStrike Falcon and SonicWall Capture Client based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"This is stable and scalable."
"It is stable and scalable."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Ability to get forensics details and also memory exfiltration."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"I like the feature called RTC, the remote time connector."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"The solution offers great stability."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"The most valuable feature is the indicator of compromise, which show you what file was either quarantined or removed."
"The most valuable feature of CrowdStrike Falcon is its accuracy."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"Scalability hasn't been an issue for us."
"The solution serves as a very stable platform."
"The most valuable features of SonicWall Capture Client are CSC (Capture Security Center), RTDMI (Real-Time Deep Memory Inspection), and the deep memory inspection feature."
"Overall, what I love the most about SonicWall Capture Client is its management console. SonicWall Capture Client also has the intelligence to tell you which computer is online, what OS it uses, etc. I also found the rollback feature and SentinelOne integration valuable in SonicWall Capture Client. Rollback is a powerful feature of the solution because it's similar to locking your endpoint during an attack, so you won't have to pay the hackers, particularly during ransomware attacks. That feature in SonicWall Capture Client allows you to get back your endpoint or make your endpoint right again after an attack. I also like that it isn't complex to remove the engine error from the endpoint because you only have to provide the security key from SonicWall Capture Client, so the process is simple. It's not complex."
"SonicWall Capture Client's scalability is nice."
"The initial setup is straightforward."
"SonicWall Capture Client has a serial number to connect to your firewall."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Detections could be improved."
"Intelligence aspects need improvement"
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"I haven't seen the use of AI in the solution."
"The SIEM could be improved."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Dashboard creation is one of the areas for improvement in CrowdStrike Falcon. Sometimes, management asks for a custom dashboard, so my team has to collect data from CrowdStrike Falcon, integrate that in Splunk, then create the dashboard in Splunk. The Splunk dashboard is more elaborate, so the CrowdStrike Falcon dashboard needs improvement. Another area for improvement in the tool is the malware detection report, as it needs to be more detailed and include some graphics so that if you want to present that data in a nutshell, it's easier to do. For example, the report should consist of some graphical representation that shows a month's worth of data. In terms of an additional feature I'd like CrowdStrike Falcon to have, it's the device posture assessment feature that detects the device posture within the network. Whichever device connects to the corporate network, my company should be able to analyze the device posture. Then there should be communication with the network, which means that as soon as a device connects, CrowdStrike Falcon can assess the device posture, detect its corporate asset, and decide whether it should be allowed on the network."
"It would be nice if the dashboard had some more information upfront, and looked a little better."
"On the firewall management side, there should be more granularity. There should also be more granularity for device control. Everything else is brilliant."
"CrowdStrike Falcon sometimes wrongly flags things as malicious. Let's say a user is active on Chrome only. Sometimes, our cross-segmenting will fetch from the backend data and show that it is malicious because of memory or CPU utilization."
"CrowdStrike costs a little more than its competitors."
"To simplify the budgeting process for our clients, CrowdStrike should consider offering bundled packages that include essential features."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"The vulnerability reports need to be better. Windows Defender detected some issues that SonicWall Capture Client couldn't."
"The biggest issue with SonicWall Capture Client is network latency."
"SonicWall Capture Client could be made a little lighter than it currently is in terms of memory consumption."
"An area for improvement in SonicWall Capture Client is TenantCloud support. Suppose you want to implement SonicWall Capture Client. You'll have to register it on MySonicWall. Then once your SonicWall Capture Client license expires and you don't want to renew it, you can't delete it from your MySonicWall account, so that's an area for improvement."
"They should improve their user interface."
"It takes technical support too long to resolve an issue."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while SonicWall Capture Client is ranked 49th in Endpoint Protection Platform (EPP) with 6 reviews. CrowdStrike Falcon is rated 8.8, while SonicWall Capture Client is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of SonicWall Capture Client writes "A stable solution that is used for endpoint security and to protect computers from malware". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas SonicWall Capture Client is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Bitdefender GravityZone Enterprise Security and ESET Endpoint Protection Platform. See our CrowdStrike Falcon vs. SonicWall Capture Client report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.