We performed a comparison between Cisco Secure Endpoint and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the analysis, because of the beta structure."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The setup is pretty simple."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is stable and scalable."
"The product's initial setup phase was very simple."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"The most valuable feature is the correlation of logs from different devices."
"The analytics are important because if there is an abnormality then it provides that information to us."
"WatchGuard Threat Detection and Response is a reliable solution."
"WatchGuard is very user-friendly. It provides us with all of the security services we need."
"The interface is very good."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"I like WatchGuard's network segmentation features. It's easy to configure user policies."
"The tool provides automated responses."
"ZTNA can improve latency."
"Cannot be used on mobile devices with a secure connection."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We find the solution to be a bit expensive."
"One of the things that Cisco Secure Endpoint really needs is that it's not just Secure Endpoint, it's a point product, and I think we really need to move into solution-based selling, designing, and architecting. So that we're not worried about putting things on endpoints and selling 'x' amount of endpoints, but to provide a solution that covers all of the remote access and sell them as solutions that cover multiple things."
"It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
"The initial setup of Cisco Secure Endpoint is complex."
"It's pretty good as it is, but its cost could be improved."
"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"I'd like a few extra features, especially around threat severity assessment."
"The solution is a bit confusing and there are unusual complications with setup."
"WatchGuard should offer more visibility into user activity. For example, we should have more details when WatchGuard denies a user access to a port."
"When it comes to live-monitoring, the user-interface could be improved to make things easier."
"The website must provide more information on the product."
"This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"The ease of detecting where an issue is should be improved."
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Detection and Response (EDR) with 45 reviews while WatchGuard Threat Detection and Response is ranked 27th in Endpoint Detection and Response (EDR) with 12 reviews. Cisco Secure Endpoint is rated 8.6, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of Cisco Secure Endpoint writes "Makes it possible to see a threat once and block it across all endpoints and your entire security platform". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Check Point Harmony Endpoint and SentinelOne Singularity Complete, whereas WatchGuard Threat Detection and Response is most compared with CrowdStrike Falcon, Darktrace, Trend Vision One, SentinelOne Singularity Complete and Huntress. See our Cisco Secure Endpoint vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.