FortiEDR could enhance cloud environment creation. My experience shows that managing FortiEDR through cloud platforms, unlike SaaS solutions, could be streamlined, especially when integrated with FortiGate firewalls.

Another area of improvement is the support. The response time could be faster. 

Our problem with the EDR platform is that another company manages it. We don't manage it. We give them the infrastructure, and they give us the information in return as a service. Once, we had an event that was locked and blocked, but information about it came to us two or three days later. That isn't the way it should be. We see blocked functions and events but don't get information about them. You ask why something doesn't work before checking and seeing that EDR has blocked an event, but why is it blocked? This information is not accessible by our company as we are customers. We want a solution that works in our network and only in our network. We have to have all the information, such as what happened, when it happened, and why it happened, and that information should be provided at the moment, not two days later.

The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices. 

The stability could be better.

The scalability could be improved a bit.

We find the solution to be a bit expensive. 

In terms of what could be improved, I would say everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.

A classic example of that would be products like FortiMail where you're basically acting as a mail relay. So say you're on a support call and I'm sending you a mail with document that you expect to come to you immediately, or within 30 - 60 seconds, could take up to 45 minutes because of the load on the cloud services. This can result in trouble tickets and other customer side issue.

In the next release I would like to see more investment in their cloud services. Additionally, they definitely need better integration into their FortiSIEM and FortiSOAR solutions.

They should continue to improve that and possibly include a managed threat hunting feature, an MDR solution.

There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors. Delays in resolving integration challenges can impact project timelines and collaboration efforts, as experienced during our partnership with a fintech company. While the EDR's mitigation and tracking capabilities are commendable, there are concerns regarding vulnerability detection and database updates. In comparison to Trend Micro, our EDR solution seems to lag in addressing new vulnerabilities, necessitating workaround strategies to minimize risks. Therefore, enhancing real-time vulnerability detection capabilities is essential to maintain competitiveness and ensure user security.

The only minor concern is occasional interference with desired programs, although it's a necessary trade-off. Otherwise, I have no suggestions for improvement.

Another area of improvement is support. It could be faster. 

In future releases, maybe some extra features could be added to make it better, and maybe the events and history could be made a little bit clearer.

Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR.

FortiEDR can be improved by providing more detailed reporting.

We'd like to see more one-to-one product presentations for the distribution channels. You must know the technical issues and technical possibilities of this solution very well. It would be nice to have some sort of help to explain the potential of the product.

I would like to improve the integration process because a big selling point was the ease of integration within the Fortinet ecosystem. I would expect more built-in collaboration to allow for easier threat mitigation across Fortinet systems.

The strength of FortiEDR lies in its overall ability to protect us from new threats. We have encountered issues with it as well.

We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team. I would like to see improved heuristics so the system better understands what's legitimate and doesn't keep blocking it after minor updates.

The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location.

The dashboard isn't easy to access and manage. The SSA management should be improved. In addition, they should enhance the deployment in the next release.

Right now, my company focuses on the on-premises version of the product since the cloud competencies offered by the tool are comparatively a bit less. I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers.

ZTNA can improve latency. I believe that a lot of the focus is on SD-WAN.

The SIEM could be improved. I would have liked to see that you could access the same SIEM or Fortinet EDR dashboard from the same login, but I heard that they were different, which was a bit of a letdown.

They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller.

To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced.

I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components. 

FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things. 

If I'm scanning assets from the backend, I should be able to tell from my end if any malicious files were installed onto the server. It may be any server like Windows Server or the operating system for an endpoint laptop or desktop. 

I haven't seen the use of AI in the solution. In the future, I am interested to see the use of AI in Fortinet FortiEDR.

I've never tried the solution in mixed environments. I'm not sure if it would work well in an environment with Palo Alto or Cisco.

The support needs improvement. 

It is not a good product for smaller organizations or organizations under 500 endpoints. 

Having a fully integrated team would be nice. Recently, we had to use a third-party team. 

We'd like to be able to put this on our mobile devices and make secure connections to our network. It would be great if we could bring this product in a single MDM application for mobiles, Androids, and for IOSs. It's complicated to administer so I'd like one application for all these things. 

Fortinet FortiEDR should include some of the new features and better pricing. The solution should address emerging threats like SQL injection. It would be good if the solution detects ransomware files.

When the Fortinet FortiEDR is enabled sometimes our applications stop. The solution causes our applications to crash. There is room for better integration to prevent stability.

The exception handling for the on-prem version has a cap compared to the cloud version and can be improved.

We've encountered challenges during API deployment, occasionally resulting in unstable environments. Deployment can be a bit tricky at times. In terms of pricing, EDR tends to be more costly than FortiClient. In some cases, we opt for FortiClient because clients may not have the resources or time to invest in EDR.

The engineering team continues to add useful features, like the ability to search for files and hashes across the environment. At the moment, I am very happy with the product. Not a deal killer, but making the portal mobile friendly would be helpful when I am out of office.

Comparatively, it works fine, but the amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions. The ability to make certain changes or investigate is also limited.

Also, the investigation and the details, which I would get when I'm looking into it, and the ways I could configure or white list or black list a few things are also limited. It is not up to an extent where it can give me granular options to do that.

Clients want to be in a hybrid mix and match mode. The security needs to be relevant in that way as well. It has to be online, on the cloud and on-premises. This is the customer's mindset. They don't want to go for user applications on the cloud. They think it will fail and the data will be inaccessible. They don't want to go to the cloud platform. The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud. 

Detections could definitely be improved. It's still detecting some things that it shouldn't be like Microsoft Intune and 365 devices as well.

I'd like to see an improvement in the reporting. There are currently no reporting capabilities so I would definitely want to see that.