We performed a comparison between BigFix and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Ability to get forensics details and also memory exfiltration."
"The stability is very good."
"It allows for visibility into the OT, the industrial environments, that didn't exist before which is a big piece and has benefited my organization. Second, the speed at which people can patch is night and day versus SCCM scan or another similar solution."
"BigFix helped us to identify the compliance of devices and has also improved the way that we manage our software inventory for reporting to vendors."
"We found the implementation partner to be very supportive in terms of explaining and training the in-house resources and deploying the solution."
"DOWNLOADING-PATCHES; It has also helped to reduce network traffic when it comes to downloading patches. By only having to download the patch once to the central location and then utilizing the relay structure to then download the patch to a specific site and then everything gathering at local, it greatly reduces the bandwidth of multiple endpoints."
"My company provides support services to a lot of customers and companies. We have reduced a huge amount of man-effort. Along with the man-effort, we have reduced the timeline to fix the compliance and security gaps. We have an unbroken record. The documentation clearly says that we have done the patching of newly released patches, including Microsoft and third-party patches, in up to 80% of the computers, within 72 hours of the release of the production. That was a very massive benefit that we have seen. When I talk about the 80% endpoints, it is 100 or 200. I am talking about 25,000 endpoints."
"From a security standpoint, it allows us to make sure that we're not leaving ourselves vulnerable to exploits and things like that. That's the biggest advantage that we see to the product from a security standpoint."
"Patch management, because it very much improved the patch compliance and has the capability to manage Windows and non-Windows clients."
"Servers are patched more consistently than they have been previously."
"The scalability is good."
"I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."
"Microsoft Defender for Endpoint is different from other security tools because we can configure it to use multiple types of scanning or archiving."
"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"This software is easy to use."
"Microsoft's technical support is fantastic."
"The most valuable features are that it's easy to use and the updates are very simple."
"Cannot be used on mobile devices with a secure connection."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Making the portal mobile friendly would be helpful when I am out of office."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution should address emerging threats like SQL injection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not stable."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I'd definitely like to see additional feature parody in the web UI versus the console. There are certain things that you can only do in the console and they're very cumbersome to do, like secure parameters, for example. That's definitely something that has a wide degree of utility but it needs to be easier to surface. At this particular juncture between the transition, between the legacy console and the web UI, it's hard to justify dealing with the cumbersome aspects of the legacy console when theoretically everything's been through the web UI."
"The BigFix Inventory could have an increased scope regarding the tools that can be detected. It does not cover all the possible software installed in Asset."
"I would like to see more custom content."
"The solution could improve by adding support drivers for different systems and equipment. When you have a lot of different computers if they could fix how to install any updates, firmware, or drivers for different systems or servers it would be good."
"I would like to see more emphasis on using the web console, to have the same power as the full fat client console that they do they now. It's a lighter way to log in and it would be faster for our operators to do their work. The console tends to take a long time for a large number of clients."
"BigFix should improve its compatibility with other platforms, such as Linux."
"The scalability of the web UI product doesn't scale to the size that we need for our implementation so it needs to expand. I would also like to see the capability to develop on the back of the web UI capability. There are lots of web features and integrations that we could do with web UI that it would be nice to be able to put on top of what's already there, rather than waiting for IBM to develop what we need."
"It can be improved speed-wise. They can make it a little bit light. If you do any query for servers in bulk, it can take some time. Similarly, creating a job can take some time."
"I'm not too sure of its current capabilities, but I'm pretty sure they are doing a good job on Windows and Mac. However, I'm not sure whether they covered Linux. If I remember correctly, Microsoft Defender didn't have anything proper on Linux back then, but if they have improved it from that aspect, it would already be ticking all the boxes."
"The solution could improve by providing more integration."
"Microsoft Defender for Endpoint is not as robust, and you cannot customize it much, so that's a challenge."
"Some of the integrations that Defender should include involve the use of the web app."
"The documentation could be better. When they update their manuals, sometimes they refer to products by their old names, so it is a little confusing. For example, the documentation might still say "Advanced Threat Protection" instead of Defender for Endpoint."
"This solution is not secure, which is why I have moved to Linux."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"The onboarding and deployment could be more user-friendly, and there is room to grow in some of the reports. I don't want them to be oversimplified or overly complex, but there is room for improvement in the reporting it can do. It's relatively minor."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
BigFix is ranked 14th in Endpoint Protection Platform (EPP) with 91 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. BigFix is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of BigFix writes "Very stable and easy to deploy with excellent patch compliance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". BigFix is most compared with Microsoft Intune, Microsoft Configuration Manager, Microsoft Windows Server Update Services, Tanium and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient. See our BigFix vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.