Mark BonnamyTechnical Director at Ridgewall Ltd
Anonymous UserSecurity Analyst at a tech services company
Mike ParsonsSenior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable features of this solution are the IPS and the integration with ISE."
"The simplicity of use is its most valuable feature. You can very clearly see things."
"The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
"I am really satisfied with the technical support."
"It is a very stable program."
"The solution's integration capabilities are excellent. It's one of the best features."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Ability to get forensics details and also memory exfiltration."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
"All of the features are very important for anyone who is supporting a large number of computers."
"After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works."
"The most valuable features are the range and restriction."
"The forensics within the solution are quite good. The ransomware mitigation is also impressive."
"There are products that are technically stronger. However, this product has everything in one solution, which makes it a strong endpoint option."
"It is not just a simple virus scanning product. It handles more advanced needs."
"In the next version of this solution, I would like to see the addition of local authentication."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"The reporting and analytics areas of the solution need to be improved."
"I would like more seamless integration."
"The technical support is very slow."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Detections could be improved."
"The SIEM could be improved."
"The initial setup was not very user-friendly."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"The price of this solution can be improved."
"They might want to offer an MSP model for licensing, to offer the solution as a software as a service."
"To be a perfect product, the price would have to be a bit better."
"The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions."
"This product does not handle USB drives well."
"The pricing could be a bit lower to match the normal retail pricing."
"The costs of 50 licenses of AMP for three years is around $9,360."
"The price is very good."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"In our case, it is a straightforward annual payment through our Enterprise Agreement."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
"There are no issues with the pricing."
"The price is pretty good."
"When you start going to the EDR technologies and the MTR, it is a little bit expensive. It's a very good technology, and obviously, you're going to pay for it, but the pricing could do a little bit of work."
"We were able to eliminate the ransomware using the one-month, full-featured trial license."
"Licensing is based on the number of users. They give a discount for editors who are considered as important members. From what I know, Sophos products are not expensive. If you have a license extension, you just need to contact the editor or partner to change the mode of licensing or extend the license to cover more people."
"Intercept X for endpoints is around $35 per user per year. The server version is $95 per server per year."
"I find the pricing to be a little bit expensive, although it is acceptable, for now."
"The price of this product should be reduced because it is a little high."
"The pricing is average for software like this, but you can purchase additional services if you wish."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Advanced attacks can take just minutes, if not seconds, to compromise the endpoints. First-generation endpoint detection and response (EDR) tools simply cannot keep pace. They require manual triage and responses that are not only too slow for fast moving threats but they also generate a huge volume of indicators that burden already overstretched security teams. Further, legacy EDR tools drive up the cost of security operations and can slow processes, negatively impacting business.
FortiEDR delivers advanced, real-time threat protection for endpoints both pre- and post-infection. It proactively reduces the attack surface, prevents malware infection, detects and defuses potential threats in real time, and can automate response and remediation procedures with customizable playbooks. FortiEDR helps organizations stop breaches in real-time automatically and efficiently, without overwhelming security teams with a slew of false alarms or disrupting business operations.
Sophos Intercept X stops the widest range of attacks with a unique combination of deep learning malware detection, exploit prevention, anti-ransomware, and more.
Fortinet FortiEDR is ranked 11th in Endpoint Detection and Response (EDR) with 4 reviews while Sophos Intercept X is ranked 6th in Endpoint Detection and Response (EDR) with 45 reviews. Fortinet FortiEDR is rated 8.2, while Sophos Intercept X is rated 8.6. The top reviewer of Fortinet FortiEDR writes "Straightforward, easy to maintain, and works as per our expectations". On the other hand, the top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". Fortinet FortiEDR is most compared with Fortinet FortiClient, SentinelOne, CrowdStrike Falcon, Microsoft Defender for Endpoint and Webroot Business Endpoint Protection, whereas Sophos Intercept X is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security, Carbon Black CB Defense and Fortinet FortiClient. See our Fortinet FortiEDR vs. Sophos Intercept X report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.