What is our primary use case?
The solution is primarily being used at our endpoint, which includes roaming users with laptops. It is being used in all of our servers at our data center. Our security team can monitor everything centrally using the Falcon dashboard. If there is an incident, our team can actually go to the root cause of the incident to try to solve it there.
What is most valuable?
The overall user experience is good. As of today, there have been no incidents that we've had to deal with and we've been using it for years.
The solution has a very good graphical interface. It makes it easy to use. The central monitoring is excellent.
There's almost no maintenance required. It's very low if there's any at all.
The solution is an AI and ML-enabled tool for protecting our endpoints. We're still able to use Symantec as an endpoint as well.
What needs improvement?
The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ.
I'd really like to have a complete solution. Right now most of the incidents happen on our endpoints. It is visible at the endpoint, the end server. If this can have a correlation tool that could actually give us a comprehensive dashboard, that would be useful. It could give us top-down visibility and could be from the firewall or any kind of security protection tool. It could be part of the DNS protection suite. However, that's why it's so important to have better integration capabilities.
If this endpoint is trying to get at this particular website and it is identified as DNS level protection, that also comes to this dashboard. Around 80% to 90% view of whatever it is happening with this endpoint, whatever action it is doing, can be inspected on the dashboard.
If the endpoint is protected by CrowdStrike. I am only to access this application through a CrowdStrike protected device.
For how long have I used the solution?
We have been using CrowdStrike as a tool now for the last three months.
What do I think about the stability of the solution?
The stability may be too early to judge, as we are still in a POC. However, when we see the product, it is very, very stable.
What do I think about the scalability of the solution?
We didn't go with the Basic version. We went with Superior. Even the insurance companies are also sold on this product.
We find that the solution is very, very scalable as a tool and it can completely manage and protect the endpoint. It offers around 99.99% of your protection and assurance and can scale up however much you like.
We have implemented it for approximately 200 users as a POC. We are ready to have a contract with CrowdStrike and we will be implementing it for 700 users in the end, so we will scale it from the POC when we begin to officially use it.
How are customer service and technical support?
Due to the fact that we are still running a POC, we have direct access to the principal on the contract. They have given us a lot of confidence in the product and they are always available alongside the system integrator. We basically have two layers of support.
At this initial stage, if there is any troubleshooting needed, or any type of support is required, the system integrator will provide this to us. If we need to escalate to support for some reason, we have agreed to have CrowdStrike themselves look into any issues.
So far, it's been an effective system and we are satisfied with the level of support we've received.
Which solution did I use previously and why did I switch?
We were using Symantec products, which were Symantec EndPoint Four and Five. We found that the latest modules needed additional tools to protect us. There were multiple tools needed at various levels. There was complexity in increasing users on this platform. It also took a more traditional approach to security, and we were looking for something more advanced that had advanced AI and ML capability.
We evaluated CrowdStrike and we found it satisfactory in our environment. Therefore, we decided to change to it from Symantec.
How was the initial setup?
The initial setup is very, very straightforward, and very easy to use. So far, we've found it very easy to drill down to the root cause.
This is a new area and product for us, so we decided to start using it as a POC. We started in March, or the end of February, of this year, and we have done a POC for some of our users. We'll be going forward with a full implementation and increasing our usage.
In terms of maintenance, I don't find there's much of a requirement for it. It is very easy to maintain. For monitoring and reporting purpose, we have access to a dashboard. Our security can take a look at everything themselves. We also have team members that are capable of configuring this product. That will help us to reduce the requirement of manpower in the long run.
What about the implementation team?
We had a system integrator partner that assisted us with the POC.
What's my experience with pricing, setup cost, and licensing?
I'm not sure what the exact cost of the solution is.
What other advice do I have?
We're a customer. We don't have a business partnership with this solution.
I'm not sure which version of the solution we're using right now. It is the latest, as far as I know. We're currently running a POC with it.
In today's environment, it's very crucial to protect a company from ransomware, and malware. We focus mainly on avoiding these types of attacks. We're always interested in the latest tools that have the latest techniques and are effective in our environment.
On top of that. we've noticed during the pandemic, there are even more threats happening. We need to focus most of our energy on the endpoints which are basically connected to an unprotected network.
The focus on the endpoints has to be increased at this point in time to ensure we have maximum protection. We prefer to have a cloud-based product rather than an on-premise-based product to protect our data and our endpoints. Therefore, we may need to move to a cloud-based protection suite. Other companies should also consider this. Whether they choose a product like CrowdStrike, Cortex, or Cylance is up to them.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Get Fast and Easy Protection Against All Threats
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.