We performed a comparison between CrowdStrike Falcon and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."NGAV and EDR features are outstanding."
"It is stable and scalable."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The stability is very good."
"The setup is pretty simple."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"I get alerts when scripts are detected in the environment."
"Cyberattack detection is very good. We use it for detecting different vulnerabilities, such as ransomware, virus, and malware. It is a good product today when compared to Symantec that we used previously."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"From what we have seen, it is very scalable. We have recently acquired a company where someone had a ransomware attack when we joined networks. Within the course of just a few days, we were able to easily get CrowdStrike rolled out to about 300 machines. That also included the removal of that company's legacy anti-malware tool."
"The DLP is the most valuable feature of CrowdStrike Falcon."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"I like WatchGuard's network segmentation features. It's easy to configure user policies."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"The most valuable feature is the correlation of logs from different devices."
"The solution is very easy to use."
"WatchGuard is very user-friendly. It provides us with all of the security services we need."
"The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. It didn't have a central console earlier, but now it has a central console, which is pretty good."
"WatchGuard Threat Detection and Response is a reliable solution."
"The only minor concern is occasional interference with desired programs."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Cannot be used on mobile devices with a secure connection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution is not user-friendly."
"We find the solution to be a bit expensive."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"The product could be more accurate in terms of performance."
"The detection time has room for improvement."
"They respond quickly on the weekdays, but the weekend response times are slower."
"The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."
"Some of Falcon's features are a bit pricey."
"Crowdstrike Falcon XDR can improve the integration. There are some locks on the cloud to on-premise integrations."
"They don't really have anything when it comes to scanning attachments."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"WatchGuard should offer more visibility into user activity. For example, we should have more details when WatchGuard denies a user access to a port."
"The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger."
"The ease of detecting where an issue is should be improved."
"When it comes to live-monitoring, the user-interface could be improved to make things easier."
"The solution is a bit confusing and there are unusual complications with setup."
"The administrative UI/UX could be significantly improved."
"This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them."
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 107 reviews while WatchGuard Threat Detection and Response is ranked 27th in Endpoint Detection and Response (EDR) with 12 reviews. CrowdStrike Falcon is rated 8.8, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas WatchGuard Threat Detection and Response is most compared with Darktrace, SentinelOne Singularity Complete, Trend Vision One, Bitdefender GravityZone EDR and Huntress. See our CrowdStrike Falcon vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.