We performed a comparison between BigFix and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"This is stable and scalable."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Prior to BigFix we used Altiris, which was distributed. We had to manage multiple servers, and duplicate the tasks that we did on each server. BigFix tremendously reduced the amount of work that we had to do on each server in a centralized manner. We could minimize the work that we had to do, and we had a lot more control over the tasks and what machines they ran on."
"The most valuable and essential features of BigFix are all of them, they are needed when serving the purpose of the desktop operation framework. We cannot run operations without patching or without having an appropriate mechanism for deploying software, et cetera. The features all serve their purpose for our use case."
"Ability to run custom reports and custom relevance."
"BigFix technical support is good."
"Patch management, because it very much improved the patch compliance and has the capability to manage Windows and non-Windows clients."
"The most valuable aspect of BigFix is its ability to patch desktops. While we have complete control over servers and can easily push patches to them, desktops pose a greater risk for leaks and vulnerabilities if patches are not installed in a timely manner. By using BigFix, we have significantly improved our ability to patch desktops, whether they are laptops, desktops, or other mobile devices used by end-users."
"It's good for reporting hardware and software."
"My company provides support services to a lot of customers and companies. We have reduced a huge amount of man-effort. Along with the man-effort, we have reduced the timeline to fix the compliance and security gaps. We have an unbroken record. The documentation clearly says that we have done the patching of newly released patches, including Microsoft and third-party patches, in up to 80% of the computers, within 72 hours of the release of the production. That was a very massive benefit that we have seen. When I talk about the 80% endpoints, it is 100 or 200. I am talking about 25,000 endpoints."
"We had Norton Antivirus before, and with Norton, we didn't have a way to centrally manage a lot of features. Defender allowed us to deploy it from our Office 365 admin console. That is probably the biggest thing that made us go with Defender."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"A few years ago, when I was using a different product, I was affected by a virus that destroyed everything. Since using Microsoft Defender, I have not had this kind of problem."
"The most valuable features of Microsoft Defender for Endpoint are the ease of use and it was available within the operating system."
"File protection is the most valuable feature. Antivirus security on the Level OS, Microsoft Defender, and Microsoft Guard for 2019."
"This software is easy to use."
"The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery."
"The solution has an easy-to-use interface, is always updated, and is user-friendly."
"The solution is not stable."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Making the portal mobile friendly would be helpful when I am out of office."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The solution should address emerging threats like SQL injection."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The SIEM could be improved."
"I would like to see improvements in the Web UI program and also a BigFix console for Mac OS."
"I would like to see a web UI SDK so we could take what is provided currently and be able to build our own customized web UI for particular customers that want to sell service."
"The solution’s pricing could be improved."
"I would like to see the Self Service section made more user-friendly."
"The product lacks AI, ML, and IIT."
"Needs to improve Network Access Protection (NAP) technologies to prevent computers with vulnerabilities from gaining access to networks."
"Sometimes there is a lag time for our users."
"I would request them to build a robots, or an easier way for integration with the other tools, like ITSM tools."
"If they integrate with the EDR then it will benefit this solution."
"The profiling method currently in use is not very user-friendly and has ample scope for improvement."
"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."
"Integration with third-party vendors could be better. It would be better if it integrates with other protection solutions or other products outside of Microsoft. Nowadays, anti-virus protection doesn't really have to be planned as overall protection for your environment in terms of security. There are really different avenues that bad actors can take to wreak havoc on your machine."
"My main issue with the tool is that there are too many menus. This causes a steep learning curve for those without training or unfamiliar with Defender for Endpoint. From an end-user perspective, the solution is there on the machine and does its job; it works seamlessly. However, as a security professional dealing with it behind the scenes, the learning curve can be steep, but not too steep. Still, it has taken some of my analysts up to a month to get familiar with the product."
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"I would just like them to have more consistency, and that's a comment that's across the board with Microsoft. They change things a lot."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
BigFix is ranked 14th in Endpoint Protection Platform (EPP) with 91 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. BigFix is rated 8.6, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of BigFix writes "Very stable and easy to deploy with excellent patch compliance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". BigFix is most compared with Microsoft Intune, Microsoft Configuration Manager, Microsoft Windows Server Update Services, Tanium and CrowdStrike Falcon, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient. See our BigFix vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.