What is our primary use case?
It is an advanced anti-malware solution. Our clients replace the existing traditional antivirus with this solution. We are an implementer. We sell this solution, and then I go and understand the existing environment to deploy it.
What is most valuable?
It is a major anti-malware solution. It can stop zero-day attacks and ransomware attacks. There are so many features in CrowdStrike.
It is lightweight on the endpoints. It doesn't have any scanning mechanism. It works on artificial intelligence, static analysis, and dynamic analysis. There is no signature available on this.
It is a pretty easy solution. It is cloud-based, so there is no driver maintenance or anything like that. You can go anywhere in the world. If you have internet, you'll get connected to the cloud and the policies that it contains. It is pretty simple.
What needs improvement?
Its support should be improved. The product is amazing, but the problem is that their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.
It should have more reporting. Reports are not that customizable. We need customizable reports for our customers, but they not there in CrowdStrike as well as SentinelOne.
For how long have I used the solution?
I have been providing this solution for three years.
What do I think about the stability of the solution?
It is a 100% reliable solution. We had some small glitches with it, but we were able to rectify those issues by tuning it.
What do I think about the scalability of the solution?
It is pretty good. We have four customers, and there are a total of 15,000 to 20,000 users.
One of our clients has been using this for over a year now, and they have acquired more companies. They will possibly buy more. They really like the product and are happy with the product.
How are customer service and technical support?
The first level of support is with us. If I'm not able to solve an issue, then I'll raise a case to Falcon with the help of the customer. I get guidance from the customer to raise the ticket about the issue and everything. As a partner or a vendor, we cannot raise a case for another customer.
Their support team is overconfident about the product. If something happens, they don't listen. They keep arguing with the customer.
Which solution did I use previously and why did I switch?
I have got experience with SentinelOne Vigilance. The major difference between SentinelOne Vigilance and CrowdStrike Falcon is the pricing. CrowdStrike is more expensive. Otherwise, both work in almost the same manner. They are cloud-based, and they are next-generation endpoints. They block cyber attacks.
How was the initial setup?
Its initial setup is straightforward. It is pretty simple. It is a very powerful product that doesn't take much time to be set up. Unlike traditional antivirus, you don't need to create a lot of policies and build up the server. I have a link, and I enable the license and download the agent. That's it. It is pretty fast.
The deployment duration depends on the environment and the number of clients. It could take from three days to one week depending upon the number of agents. In most cases, the customer will opt to deploy for 50 machines. A customer has around 6,000 endpoints, and I have also deployed for only 50. It depends upon the customer.
What about the implementation team?
We are a team of two. I and my colleague do the deployment.
It definitely needs upgrade, fine-tuning, and exclusions. No security product is 100% accurate, so we need fine-tuning. I am responsible for the maintenance for our clients. They have something called an Annual Maintenance Contract (AMC). Every quarter, I need to do a health check of their endpoints. After that, I send a report to them about the fine-tuning findings and the fine-tuning steps that need to be performed.
What was our ROI?
Our clients have definitely seen ROI. They were attacked with ransomware, but CrowdStrike blocked it. They reported to us, and we reported to CrowdStrike.
What's my experience with pricing, setup cost, and licensing?
CrowdStrike is more expensive than SentinelOne. Licensing works on the number of agents and the modules you buy. CrowdStrike has different modules, such as Falcon, Falcon Overwatch, Falcon Complete, etc. The pricing depends upon the module that the customer wants. They have different Incident Response (IR) teams, which are very expensive.
What other advice do I have?
We definitely need to move to the next-generation solutions because these days attacks are pretty intense, and the traditional antivirus solutions are not going to stop them. CrowdStrike gives a proper security block. It is a 100% protector.
There was a customer who was impacted by ransomware. We put SentinelOne over there, and we were able to catch the file that their antivirus couldn't. These solutions are 100% reliable and definitely good for any company that wants their enterprise to be protected on the endpoints.
I would rate CrowdStrike Falcon Complete an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer