We performed a comparison between BigFix and NetWitness XDR based on real PeerSpot user reviews.
Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is pretty simple."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The product detects and blocks threats and is more proactive than firewalls."
"Before we had BigFix, we had problems with some malware. BigFix allows us to immediately patch all instances of endpoints that were vulnerable to antivirus and initiate scans. That's key."
"The most valuable point is when you deploy an application, you have to make sure that the application has been deployed to all computers and that is working perfectly. This solution works well at deployments."
"We are able to go from patching thousands of machines by twenty to thirty people to one person."
"It has plugins development options, which are great."
"BigFix has always been easier to use when managing servers, especially when you deal with so many servers. We have 7,000. That's a lot of services to manage, and it's convenient to patch them all at once."
"Servers are patched more consistently than they have been previously."
"It allows us to quickly deploy capabilities that we need, whether it be security or non-security. We use it to keep systems up to date, deploy new drivers, find the information we need in the case of security incidents. The capability allows us to gather a lot of information very quickly and it also allows us to have a centralized reporting feature and a centralized deployment capability which is nice."
"The most valuable aspect of BigFix is its ability to patch desktops. While we have complete control over servers and can easily push patches to them, desktops pose a greater risk for leaks and vulnerabilities if patches are not installed in a timely manner. By using BigFix, we have significantly improved our ability to patch desktops, whether they are laptops, desktops, or other mobile devices used by end-users."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"The interface of this solution is very flexible and easy to use."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"It is stable. We have been using it for some time, without any issues."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"The log correlation is good."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Making the portal mobile friendly would be helpful when I am out of office."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The SIEM could be improved."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The only minor concern is occasional interference with desired programs."
"The self-service application seems to need some work to replace the client UI. There are a lot of pop-ups if you use a baseline as the object that you're setting to a workstation. Unless you're using web UI, the message is not customizable in the user notification."
"I would like to see API connectivity, built-in API connectors to the standard toolsets, whether it's for your ServiceNow or your Qualys. More API connectivity to make it easier to integrate to other tools."
"The deployment has room for improvement and can be more streamlined."
"BigFix can improve the way machines report back to the console. In the external relay management environment, it has become more of a hybrid environment with most of the machines not being on-site. The need of having public-facing reporting items interconnected is becoming more and more crucial. In general, the reporting could use some enhancement."
"In order to derive maximum benefit from BigFix, it is essential that we configure all of its features and implement them effectively. If the automation could be improved we would be able to mitigate the risks associated with zero-day threats."
"The reporting structure could be a little more simplistic. Currently, it throws too many vulnerabilities. Some of them are not needed because they are only informational and limitations, and they are not of much help. It doesn't need to show us these things."
"Around the scalability concern, I would like to see the ability to run teamed, clustered, or hierarchical root servers, in order to provide a more robust, high availability system. The single monolithic root server model does somewhat bother me."
"Its pricing should be improved. It is too costly."
"Threat detection could be better."
"We would like to see the hunting and investigation features of this solution improved, in order to provide better visibility of issues."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The initial setup requires a high level of skill."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
BigFix is ranked 16th in EPP (Endpoint Protection for Business) with 91 reviews while NetWitness XDR is ranked 41st in EPP (Endpoint Protection for Business) with 15 reviews. BigFix is rated 8.6, while NetWitness XDR is rated 8.0. The top reviewer of BigFix writes "Very stable and easy to deploy with excellent patch compliance". On the other hand, the top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". BigFix is most compared with Microsoft Intune, Microsoft Configuration Manager, Microsoft Windows Server Update Services, Tanium and Red Hat Ansible Automation Platform, whereas NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, Microsoft Defender for Endpoint and SentinelOne Singularity Complete. See our BigFix vs. NetWitness XDR report.
See our list of best EPP (Endpoint Protection for Business) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.