We performed a comparison between Microsoft Defender for Endpoint and SonicWall Capture Client based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet is very user-friendly for customers."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The product detects and blocks threats and is more proactive than firewalls."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"It is stable and scalable."
"This is stable and scalable."
"The most valuable aspect lies in its automation capabilities, particularly within security automation."
"I am using it for very simple purposes. It is perfect and quite effective. I have been using it for a while, and I have never had any virus infection, data leak, or other security breaches. It works fine for standalone purposes. If you log on to OneDrive, it has ransomware protection."
"What I like most is the protection against phishing emails and anti-spam."
"The most valuable feature of Microsoft Defender for Endpoint is its ability to bring together all the data, providing more information than just antivirus hits."
"Defender for Endpoint has one dashboard with security-related information, vulnerability-related information, and basic recommendations from Microsoft, all in different tabs. That's helpful because if we want to fix only the recommended ones, we can go fix all of them..."
"The whole bundle of the product, which is similar to other Microsoft products, is valuable. Ten years ago, you had third-party stuff for different things. You had one solution for email archiving and another third-party one for something else. Nowadays, Microsoft Office covers all the stuff that was formerly covered by third-party solutions. It is the same with antivirus. The functionality is just basic. You have the scanning, and then you also have a kind of cloud-based protection and reporting about your environment. With Microsoft Security Center, you have a complete overview of your environment. You know the software inventory, and you have security recommendations. You can not only see that the antivirus is up to date; you can also see where are the vulnerabilities in your system. Microsoft Security Center tells you where you have old, deprecated software and what kind of CVEs are addressed. It's really cool stuff."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"Easy to understand and easy to set up endpoint security solution. It's a multifeatured product with web content filtering and automated investigation features. It also has a fantastic vulnerability management dashboard."
"SonicWall Capture Client's scalability is nice."
"The most valuable features of SonicWall Capture Client are CSC (Capture Security Center), RTDMI (Real-Time Deep Memory Inspection), and the deep memory inspection feature."
"The initial setup is straightforward."
"SonicWall Capture Client has a serial number to connect to your firewall."
"The solution serves as a very stable platform."
"Overall, what I love the most about SonicWall Capture Client is its management console. SonicWall Capture Client also has the intelligence to tell you which computer is online, what OS it uses, etc. I also found the rollback feature and SentinelOne integration valuable in SonicWall Capture Client. Rollback is a powerful feature of the solution because it's similar to locking your endpoint during an attack, so you won't have to pay the hackers, particularly during ransomware attacks. That feature in SonicWall Capture Client allows you to get back your endpoint or make your endpoint right again after an attack. I also like that it isn't complex to remove the engine error from the endpoint because you only have to provide the security key from SonicWall Capture Client, so the process is simple. It's not complex."
"The dashboard isn't easy to access and manage."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"We find the solution to be a bit expensive."
"The only minor concern is occasional interference with desired programs."
"I haven't seen the use of AI in the solution."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"It is using a large space in your memory all the time. While an antivirus will use some of your memory, if they could reduce the load of the antivirus to some extent that would be good."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."
"I am not sure if I will be using this product in the future because of the price."
"I would like to be able to set up any kind of protection I want in the firewall, any IP address or any number."
"On the Mac OS platform, there is no parity between Windows and Mac OS. The solution is very feature-rich and very well-integrated into Windows, and I guess baked into Windows 10 and Windows 11. Whereas, on the Mac OS platform, there is still some work there to give it a more feature-reach platform."
"It is currently more suitable for end-users rather than enterprises with lots of other processes and third-party tools. It needs improvement on that front. We had many issues while integrating it with our enterprise solutions, such as Splunk, and third-party tools. It provides everything via APIs. Other vendors provide integration with third-party tools, but Microsoft doesn't do that. It is also logging too much and is not serialized from the process aspect. It has all the data, but it is not in a proper format or not properly indexed, which doesn't make it easier for enterprises to use this data. Other vendors provide troubleshooting information that can be used to troubleshoot issues, but Microsoft doesn't provide anything like that."
"I would like to see integrations with other products, such as Spunk and other CM solutions. That would create possibilities for me, and for a SOC, to consolidate all events in an older console, not one provided by Microsoft but provided by a third party, and use it to create more insights."
"An area for improvement in SonicWall Capture Client is TenantCloud support. Suppose you want to implement SonicWall Capture Client. You'll have to register it on MySonicWall. Then once your SonicWall Capture Client license expires and you don't want to renew it, you can't delete it from your MySonicWall account, so that's an area for improvement."
"It takes technical support too long to resolve an issue."
"The biggest issue with SonicWall Capture Client is network latency."
"SonicWall Capture Client could be made a little lighter than it currently is in terms of memory consumption."
"The vulnerability reports need to be better. Windows Defender detected some issues that SonicWall Capture Client couldn't."
"They should improve their user interface."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while SonicWall Capture Client is ranked 49th in Endpoint Protection Platform (EPP) with 6 reviews. Microsoft Defender for Endpoint is rated 8.0, while SonicWall Capture Client is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of SonicWall Capture Client writes "A stable solution that is used for endpoint security and to protect computers from malware". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas SonicWall Capture Client is most compared with SentinelOne Singularity Complete, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Bitdefender GravityZone Enterprise Security and ESET Endpoint Protection Platform. See our Microsoft Defender for Endpoint vs. SonicWall Capture Client report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
