We performed a comparison between CrowdStrike Falcon and Sangfor Endpoint Secure based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The most valuable feature is the analysis, because of the beta structure."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Ability to get forensics details and also memory exfiltration."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The UI is simple and self-explanatory. Everything is easy to understand."
"It's given me a level of confidence that my network is secure."
"There's almost no maintenance required. It's very low if there's any at all."
"CrowdStrike Falcon's most valuable features are the lightweight agent which has absolutely zero performance issues. There is no performance deterioration on the laptop on the network. It is a signature-less antivirus and anti-malware solution, it doesn't depend on signatures which better protects the systems."
"Because it is security product and acts like an AIML smart product, not merely based on daily/weekly updates and signatures."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"Falcon's best feature is its detection and blocking of threats."
"What stands out to me is the dual-end user interface they provide."
"The most valuable feature I have found in the system is its comprehensive end-to-end protection."
"The product's initial setup phase was straightforward."
"The tool's most valuable features are control access, endpoint security, and load balancing of ISPs."
"Sangfor Endpoint Secure has some good policy certificates."
"The user-friendliness of Sangfor Endpoint Secure is particularly impressive. Even with basic technical knowledge, users can easily navigate the system, make changes, and implement updates."
"We use the product for network protection from any malicious threat."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The SIEM could be improved."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"They need to strengthen the forensic capabilities of this product, for e-discovery."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"I would like them to improve the correlation of data in the search algorithms. When we run an investigation, malware, phishing, etc., I want to look at multiple endpoints at once to correlate that data to see the likenesses, e.g., how are they not alike or what systems and processes are running across those systems? I don't want to have to run the same search in their Spotlight module five, 10, 15, or 100 times to get 100 different results, copy that data out, and then correlate it on my own. In a very simple way, I want to be able to load up a comma-delimited list giving me the spotlight data on these X amount of hosts, letting me search for it quickly. We have had to go back to CrowdStrike, and say, "Our search are taking far too long for even one host." They did bump up the cores and that did improve performance, but it is still kind of slow to get that Spotlight data. That is probably our biggest pain point. I think that needs some help. I understand this kind of information access is probably not the easiest thing to do. It is probably a big ask depending on how their back-end is setup."
"CrowdStrike should add support for ransomware protection."
"We sometimes get false positives."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"There is room for improvement in managing multiple customer IDs."
"There are a few areas for improvement. We have encountered licensing issues on occasion, and sometimes updates don't apply properly."
"Sometimes, the VPN is not secure and doesn't work properly in Sangfor Endpoint Secure."
"It is complicated to establish a tunnel due to technical issues in the VPN system."
"It would be much more convenient if the migration tool could be installed directly on the customer's VMs, enabling a smoother migration process to the new infrastructure, with potential restrictions addressed accordingly."
"Currently, the tool lacks reporting functionalities."
"Sangfor Endpoint Secure performs poorly."
"I believe Sangfor Endpoint Secure could improve in terms of its user interface and management capabilities."
CrowdStrike Falcon is ranked 3rd in Endpoint Detection and Response (EDR) with 105 reviews while Sangfor Endpoint Secure is ranked 30th in Endpoint Detection and Response (EDR) with 7 reviews. CrowdStrike Falcon is rated 8.8, while Sangfor Endpoint Secure is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Sangfor Endpoint Secure writes "Provides a unified and multi-layer security solution". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Sangfor Endpoint Secure is most compared with Kaspersky Endpoint Detection and Response, SentinelOne Singularity Complete, Open EDR, Bitdefender GravityZone EDR and Trend Micro Apex One. See our CrowdStrike Falcon vs. Sangfor Endpoint Secure report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
