I'm just looking for a few extra features, which are likely included in XDR and the other additional software services. Mainly the FortiEDR system. If I go through the computer status and look at the risk, it's a very basic assessment. 

Compared to Rapid7, which is a highly rated vulnerability scanner,  WatchGuard is more limited. Rapid7 can give me vulnerabilities like autorun being enabled and provide solutions to fix them. It can also reassess vulnerabilities. 

However, the EDR Core I'm using only gives me basic information, like "File full of fire and execution detection" as a high vulnerability. It doesn't tell me how to fix it, just that it's a risk. It's very minimal in terms of risk assessment. Rapid7 would say, "This software is outdated," or "You're using an older version of SQL." It's much more detailed, whereas EDR Core is more scaled-down and doesn't provide a full assessment.

So, I'd like a few extra features, especially around threat severity assessment.

The solution is a bit confusing and there are unusual complications with setup. 

The interface is not the best. I do not like it. The reports must also be improved.

The website must provide more information on the product. The tool must be promoted more.

One area of improvement is the deployment process; it is not intuitive.

The centralized administration and management, as well as the cloud-based interface, specifically the user interface (UI), menus, and module configurations. The administrative UI/UX could be significantly improved.

Compared to other solutions, I would say it's not a complete solution in certain settings. The centralized administration and XDR capabilities need improvement. One aspect that many firewall and network security manufacturers fail to understand or integrate well is the endpoint, XDR, or EDR solutions. For example, Cisco has its own endpoint solution, which is not very good, and other manufacturers like Check Point or Palo Alto have their own EDR solutions. The primary issue is that they haven't effectively integrated these solutions with other manufacturers to create a more comprehensive and cohesive offering. It's important to have a solution that integrates anti-malware and antivirus XDR features. In terms of mobile device management, that's a feature I haven't seen.

WatchGuard should offer more visibility into user activity. For example, we should have more details when WatchGuard denies a user access to a port. 

This product needs to be fully integrated with the firewall. Currently, it only sends logs to the cloud and asks the firewall to correlate them. If it were fully integrated with WatchGuard Firebox then it would make sense.

It can have a couple of false positives, but after you add them to your allow list, it works fine.

It could have better Mac support. I am pretty sure it doesn't have much support for Mac. It can be installed on a Mac, but it is not that good.

The ease of detecting where an issue is should be improved. It would be helpful if when an issue is detected, the system can send us an SMS message to our phones. This would allow us to immediately respond.

When it comes to live monitoring, the user interface could be improved to make things easier.

The solution isn't as efficient as a product like Palo Alto.

The pricing is expensive. Even compared to Palo Alto, it's quite costly.

Palo Alto provides more signature detections than this solution. WatchGuard TDR needs to be able to detect threats a bit better.

The reporting isn't so good. If they worked to improve this aspect of the solution, it would be much stronger.