We performed a comparison between Fortinet FortiEDR and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, SentinelOne, CrowdStrike and others in Endpoint Detection and Response (EDR)."The stability is very good."
"The product detects and blocks threats and is more proactive than firewalls."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"NGAV and EDR features are outstanding."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet is very user-friendly for customers."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The most valuable features are the packet inspection and the automated incident response."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"NetWitness can be highly beneficial for incident detection and response."
"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."
"The newer 11.5 version that my team is using has found it to have good mapping."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I haven't seen the use of AI in the solution."
"We find the solution to be a bit expensive."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Cannot be used on mobile devices with a secure connection."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"The tool's integration capability isn't so great."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"Health monitoring of the event sources and devices."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"It should have a monitoring feature. It would help us analyze the current state of attacks faster from a single platform."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
Fortinet FortiEDR is ranked 13th in Endpoint Detection and Response (EDR) with 30 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Fortinet FortiEDR is rated 8.0, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiEDR writes "A proactive solution that works as a proactive upgrade from a firewall". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiEDR is most compared with Fortinet FortiClient, CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.