We performed a comparison between Microsoft Defender for Endpoint and WatchGuard Threat Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product detects and blocks threats and is more proactive than firewalls."
"The solution was relatively easy to deploy."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Fortinet is very user-friendly for customers."
"It is stable and scalable."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The setup is pretty simple."
"The patch management is very easy, as it can be done automatically or added to a schedule."
"Microsoft Defender for Endpoint is scalable. Currently, we have 600,000 users in our organization."
"The most important feature is the way it monitors the threats and blocks them. About 10 days ago, we were implementing SOC for a particular client. The SOC was not yet implemented, but they had Microsoft Defender. That organization was hit by some ransomware, but the hacker could not succeed. Because of the EDR, the hacker could not install the hacking tools. They were trying to do that, but Microsoft Defender completely blocked that. The hacker could log into the system, but they could not install anything."
"Real-time detection and cloud-based delivery of detections are highly efficient."
"One of the main features is the solution is very light on resources and we do not have any problems with it."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"Technical support is good."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"The basic functionality is fantastic. It has been performing well. I generated a report on one machine, using that as the deployment machine. When scanning the network, it discovered machines on the network and deployed the same endpoint protection from that one machine I have on my network."
"The interface is very good."
"WatchGuard is very user-friendly. It provides us with all of the security services we need."
"When you download the executable file from the internet, it automatically sandboxes to make sure it's not doing anything incorrectly."
"I like WatchGuard's network segmentation features. It's easy to configure user policies."
"The protection that it provides from ransomware is valuable. The awareness that it has is also valuable. It didn't have a central console earlier, but now it has a central console, which is pretty good."
"The analytics are important because if there is an abnormality then it provides that information to us."
"The solution is very easy to use."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Cannot be used on mobile devices with a secure connection."
"The solution should address emerging threats like SQL injection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"It takes about two business days for initial support, which is too slow in urgent situations."
"One thing that was lacking in Defender was web filtering. Its web filtering wasn't as comprehensive. Sophos was a little bit better than Defender for blocking URLs or installing programs."
"I think Microsoft needs to improve some of the security aspects of Defender. The email part, in particular, needs to be improved in terms of security effectiveness."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"They can improve it on the online protection front since people nowadays are moving online and working from home."
"The solution needs to improve its ransomware. It's not so good. It could also use some general performance optimization for the computers the solution operates on, to ensure it does not slow down the devices."
"Reporting could be improved. I would like to see how many security incidents occurred in the last six months, how many devices were highly exposed to security risks, and how many devices were actually compromised."
"I would like to see the next generation of the tool improved to work with other operating systems, like Linux."
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"The ease of detecting where an issue is should be improved."
"It can have a couple of false positives, but after you add them to your allow list, it works fine. It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good."
"I'd like a few extra features, especially around threat severity assessment."
"The website must provide more information on the product."
"The interface is not the best."
"WatchGuard should offer more visibility into user activity. For example, we should have more details when WatchGuard denies a user access to a port."
"The administrative UI/UX could be significantly improved."
"The solution is a bit confusing and there are unusual complications with setup."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
More WatchGuard Threat Detection and Response Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while WatchGuard Threat Detection and Response is ranked 27th in Endpoint Detection and Response (EDR) with 12 reviews. Microsoft Defender for Endpoint is rated 8.0, while WatchGuard Threat Detection and Response is rated 8.2. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of WatchGuard Threat Detection and Response writes "Offers deployment simplicity, especially for firewalls and firewall configuration and good documentation available ". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient, whereas WatchGuard Threat Detection and Response is most compared with CrowdStrike Falcon, SentinelOne Singularity Complete, Darktrace, Bitdefender GravityZone EDR and Trellix Endpoint Security (ENS). See our Microsoft Defender for Endpoint vs. WatchGuard Threat Detection and Response report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
