We performed a comparison between BigFix and Tanium based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison results: Based on the parameters we compared, BigFix comes out ahead of Tanium. While both solutions offer valuable endpoint protection, Tanium’s challenging scalability, high price, as well as its large number of false positives leave room for improvement.
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The setup is pretty simple."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"NGAV and EDR features are outstanding."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Before we had BigFix, we had problems with some malware. BigFix allows us to immediately patch all instances of endpoints that were vulnerable to antivirus and initiate scans. That's key."
"BigFix can manage lost devices, so you can wipe them remotely to ensure the IP doesn't get out in public. Unified endpoint security is a new perspective. I know that HCL is also collaborating with IBM, but I'm not sure if there is any cooperation between them and MaaS360 or other endpoint components."
"It's easy to use, not complicated."
"DOWNLOADING-PATCHES; It has also helped to reduce network traffic when it comes to downloading patches. By only having to download the patch once to the central location and then utilizing the relay structure to then download the patch to a specific site and then everything gathering at local, it greatly reduces the bandwidth of multiple endpoints."
"Patch management, because it very much improved the patch compliance and has the capability to manage Windows and non-Windows clients."
"The older version of the tools that I use also included the connectivity aspect, and the fact that the tool now has it separate from the collection of usage data makes the deployment of these tools much easier."
"Being able to intelligently create reports, gather data, export CSVs and give that to the leadership of some of the client groups that my team supports has helped my organization."
"It is for multiple use cases. A lot of people are looking at it just for security, and that's really endpoint security. The endpoint management part of it in terms of being able to constantly do patching for Windows, Unix, macOS, Cloud, Raspberry, VMware, and all Linux flavors is important, and they are very good at that. They have support for virtually every OS on the market."
"The product is granular and can build complex roles compared to other EDR vendors."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"The interrogation piece was the most valuable feature because it was very detailed."
"Tanium’s linear-chain architecture is valuable."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"The security features are very valuable."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The SIEM could be improved."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The solution should address emerging threats like SQL injection."
"Cannot be used on mobile devices with a secure connection."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The dashboard isn't easy to access and manage."
"I'd like to see better integration, with the different applications within BigFix. Instead of sometimes feeling like four or five different applications, they need to be integrated a little better within themselves."
"Relay selection and availability needs improvement as an incorrect relay selected can cause network chokes."
"We need a much better multi-tenant option."
"The reporting structure could be a little more simplistic. Currently, it throws too many vulnerabilities. Some of them are not needed because they are only informational and limitations, and they are not of much help. It doesn't need to show us these things."
"I want to see a solution for being able to deploy automated software to a Mac running OS X 10.13, something that's going to deal with kernel exceptions and answering prompts for user permissions for data folders and whatnot. They need to really streamline and automate the Mac software deployment."
"I would like to see improvements in the Web UI program and also a BigFix console for Mac OS."
"The only thing that I don't like about BigFix is that it does not support other devices such as printer firmware, router firmware, and things like that. I will be happy if I can control everything and get everything else in there, even if it is just a line item. They can do some enhancements to the Web UI. I am trying to get customers to be able to manage their environment by using Web UI, and it would be good if we can delete endpoints by using Web UI. We should also be able to generate Excel content or data tables from the Web UI without having to go to the console. It is small stuff, and it drives me crazy that I have to go to another console to do these things."
"The new EDR (Endpoint Detection and Response) feature, Detect, is new and still needs a few updates."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"They could improve the UI."
"The solution lacks mobility."
"The solution can give a lot of false positives."
"The reporting could be improved."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"The most painful thing is the interface. It's a bit unclear sometimes."
BigFix is ranked 14th in Endpoint Protection Platform (EPP) with 91 reviews while Tanium is ranked 36th in Endpoint Protection Platform (EPP) with 15 reviews. BigFix is rated 8.6, while Tanium is rated 7.4. The top reviewer of BigFix writes "Very stable and easy to deploy with excellent patch compliance". On the other hand, the top reviewer of Tanium writes "Useful tool for vulnerability management and deploying applications, needing improvement in its OS upgrade". BigFix is most compared with Microsoft Intune, Microsoft Configuration Manager, Microsoft Windows Server Update Services, Red Hat Ansible Automation Platform and ManageEngine Patch Manager Plus, whereas Tanium is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Microsoft Configuration Manager, Qualys VMDR and Tenable Security Center. See our BigFix vs. Tanium report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.