Fidelis Elevate offers advanced network and endpoint detection with valuable features such as anomaly detection for reduced false positives, customizable alerts, and efficient reporting, providing comprehensive threat response capabilities across multiple platforms.

| Product | Mindshare (%) |
|---|---|
| Fidelis Elevate | 0.9% |
| CrowdStrike Falcon | 7.4% |
| Microsoft Defender for Endpoint | 5.9% |
| Other | 85.8% |

| Title | Rating | Mindshare | Recommending | Interviews |
|---|---|---|---|---|
| CrowdStrike Falcon | 4.3 | 7.4% | 97% | 140 interviews |
| Cortex XDR by Palo Alto Networks | 4.2 | 3.5% | 96% | 112 interviews |

Fidelis Elevate offers a transparent pricing structure without setup costs, facilitating a seamless onboarding process for users. Pricing methods typically involve subscription-based models, accommodating per-user or per-device licensing options. The pricing range is adaptable, catering to organizations of varying sizes and security needs, delivering comprehensive threat detection and response solutions.

| Company Size | Count |
|---|---|
| Small Business | 5 |
| Large Enterprise | 2 |

| Company Size | Count |
|---|---|
| Small Business | 90 |
| Midsize Enterprise | 45 |
| Large Enterprise | 70 |

Fidelis Elevate is trusted for its robust network visibility and remote connection capabilities. It integrates data across network security platforms, supporting endpoint threat response. Businesses rely on it for in-line IDS/IPS systems that exceed competitors by examining more ports. Its use in anomaly detection and fast data searches is appreciated by those seeking complex solutions covering multiple areas, with endpoint script execution and tools for incident response enhancing its offering.
What important features does Fidelis Elevate offer?

Fidelis Elevate is implemented across industries for its comprehensive monitoring capabilities. Companies leverage its network visibility and remote connectivity in endpoint and network detection, effectively preventing threats within complex environments. Its holistic integration serves as an essential asset for security analysts focused on incident response.
Fidelis Elevate was previously known as Fidelis Elevate Platform, Fidelis Enterprise, Fidelis Cloud, Fidelis Managed Detection and Response, Fidelis Deception, Fidelis Decryption, Fidelis Endpoint, Fidelis Network.
First Midwest Bank
| Author info | Rating | Review Summary |
|---|---|---|
| Information Security Engineer at ICT Misr | 4.0 | I work as an analyst in a banking environment using Fidelis Elevate, which offers valuable features for incident response across multiple platforms. While it improves efficiency and saves five hours daily, challenges exist with rule management and specific tool integration. |
| CTO at Cyber Correlate | 4.5 | I use Fidelis Elevate for endpoint threat response with a network focus. It's valuable for its network visibility and remote incident response capabilities. However, email security needs improvement as it's less robust compared to other modules. |
| Technical Manager at a tech services company with 1-10 employees | 5.0 | I use Fidelis Endpoint as an EDR solution to monitor client behavior and prevent fileless attacks. Its valuable feature is past event queries, though it's expensive. I've seen a strong ROI and prefer it over Trend Micro for its speed and responsive UI. |
| Security Operations Center (SOC) and Digital Forensics & Incident Response (DFIR) Manager at a tech services company with 1,001-5,000 employees | 3.5 | Despite its scalability and stability, I find this solution complex to set up and configure, with detection heavily relying on the analyst. While improving, I wouldn't recommend it and am seeking alternatives. |
| Security Solutions Architect at a tech services company with 11-50 employees | 4.5 | I use Fidelis for EDR; it's complex, scalable, and stable, with easy setup and great support. Despite being expensive and needing improved reports and a full Linux component, I recommend it highly. |
| Head of Infrastructure at a tech services company with 11-50 employees | 4.0 | I find this EDR solution stable and scalable with good support, and its initial setup is straightforward. However, I believe the EDR's live response and investigative features need improvement, and the antivirus capabilities require significant enhancement to be more competitive. |
| IT Security Coordinator at a healthcare company with 10,001+ employees | 4.0 | I find this IDS/IPS system a vast improvement, stopping 200% more malware than FireEye NX. It’s scalable, offers great reporting and customizable alerts, and setup was easy. Its interface bug seems resolved now. |

I am part of a team of analysts using Fidelis Elevate in a banking environment. As an analyst, my responsibilities include creating rules for various issues and responding to incidents or calls.
It ensures the stability of network behavior across various aspects of our network and offers responsive capabilities to address incidents promptly.
One advantage is that we can respond using various tools and scripts. There are numerous features available to identify and address incidents, including those on Windows and other platforms.
The initial aspect concerns two engines. The first one mentioned is available for searching behaviors directly. The second engine involves the Google Ade tool, which operates on the machine. The challenge arises when attempting to rectify protection rules, causing confusion. It would be beneficial to enhance Rigixs Query. I encounter difficulty removing certain entries in behavior or alerts; likewise, I am unable to add specific calls.
I have been using it for approximately six months.
I would rate its stability capabilities nine out of ten.
I would rate the scalability seven out of ten.
I am highly satisfied with the support; they are incredibly helpful. I would rate it ten out of ten.
Positive
The initial setup is straightforward.
The deployment time varies depending on the customer; the process may extend beyond the initially estimated timeframe, but typically it takes two months. I, along with my colleague, have deployed it, assisted by the Fidelis agent.
We have observed a return on investment in terms of time savings, amounting to five hours per day.
I used to work with BitDefender in a different company.
I would recommend it. Overall, I would rate it eight out of ten.
My customers use it for similar things as their endpoint solution but with a network focus. Analysts rely on it for endpoint threat response, managing endpoints remotely with CMDA and live connections, and network detection and response (NDR).
It allows the user to integrate data from various NDR and network security vendors for a unified view.
There are many valuable features. The NDR gives very good network visibility, and the endpoint module has a great feature called "Live Connect" for remote connections. They also have "Tasks" that can be run on endpoints to gather specific information or retrieve logs.
This makes it a powerful EDR tool for remote incident response and forensics, gathering data beyond what the endpoint agent already collects.
Additionally, network-based anomaly detection helps reduce false positives on the endpoint side, making it a valuable decision-making tool.
There is room for improvement in email security. It's a security issue. If you're aiming for XDR, covering the entire threat landscape is crucial. Email is a huge attack vector, and while they have a mailbox module, it's not as strong as the other server modules.
So, email security needs to be more robust.
I have been using this solution since 2013. For the network, we use version 9.6.2. It's very stable and reliable.
Sometimes, the solution has updates that create minor issues, but it's very rare. I'd rate the stability an eight out of ten. My overall impression is good.
You just need to increase the resources and license accordingly. So, I would rate the scalability a nine out of ten.
It's good, it's easy, it's flexible. So, just increasing resources gives you the scalability you need, both up and down.
We have around 15 customers in Jordan using this solution. We have small, medium, and even enterprise customers using it.
The support is very good. I have almost daily interactions with them for support, and they have a direct connection with us. They can log in remotely or send us solutions over email, so they're very good.
So they maintain stable communication.
Positive
It's very easy to set up. I would rate my experience with the initial setup a ten out of ten, where one is difficult, and ten is easy.
It's straightforward. You can install the entire product in two hours at most.
Everything's easy, especially if you have the right network connections like connections and switches. Setting those up might take some time, but once it's done, installing all the modules within two hours is achievable.
You need to install the endpoint and network VMs, which total four VMs: Collector, Command Center, Decision Engine, and sensors. You can install one or more sensors and then combine them to integrate all the products together. That takes about ten minutes.
It's somehow expensive. From one to ten, I would rate it a five. They need to improve the prices. It's very high. We lose customers for price. It's not always worth it for them.
Even for enterprise businesses. It's somehow higher than other products. It's a good product, stable, and with good support. But customers look for both price and technical features. It's just too high compared to other options. It can really scare people off.
All the products use subscription licensing, so it's mostly the same. But you have to pay the same high price every year, which is a problem.
It's a good product, but planning resources is crucial. When implementing, ensure you have the right resources on your physical servers or VMs to get the most out of its features.
Overall, I would rate the solution a nine out of ten.
My company uses Fidelis Endpoint as an EDR solution to monitor all the behaviors from our clients' end to help us prevent fileless attacks and to have the evidence to back up how we prevented the fileless attacks.
The most valuable feature of the solution is past queries about the events.
I have been using Fidelis Endpoint for three to four years. I use the solution's latest version.
Stability-wise, I rate the solution a nine out of ten. Fidelis Endpoint is an agent-based solution, so sometimes you have issues with agents not installing the tool properly.
Scalability-wise, I rate the solution an eight out of ten since it takes up a lot of our resources to set it up.
Considering my company's cases, Fidelis Endpoint has 4000 users currently.
The solution is extensively used in my company.
My company has used the solution's technical support. The solution's technical support is perfect, so I rate the technical support a ten out of ten.
Positive
We have an antivirus tool from Trend Micro apart from Fidelis Endpoint in our company. We chose Fidelis Endpoint for our company since compared to Trend Micro we were using, it was much faster, had a more responsive UI, and it was easier to get our staff on board to use the solution.
The initial setup of Fidelis Endpoint is complex.
The installation process of the solution took over a week.
The deployment process can be carried out by initially deploying the solution at a small scale and gradually increasing its capacity. It is better to start with a small amount of uses initially.
The solution is deployed on-premises.
Two engineers are required for the deployment and maintenance of the solution.
The product's installation process was carried out with the help of an integrator.
I have seen a return on investment with the use of Fidelis Endpoint, so I rate the product's return on investment a nine out of ten.
Fidelis Endpoint is an expensive product. My company makes yearly payments toward the licensing cost of the solution.
Fidelis Endpoint is an overall good product.
I recommend the product's potential users conduct a pilot project to test the product. A pilot testing phase can ensure that the hardware strictly follows the recommended specifications since it is not good to cut corners when it comes to hardware, as Fidelis Endpoint is a resource-intensive product.
I rate the overall product a ten out of ten.
We like this solution for some reasons and we don't like it for other reasons. We don't like it because it's new and it has a lot of issues detection-wise; however, they are growing and they are fixing this issue.
The detection is determined by the analyst. The analyst has to do the detection. It's not similar to FireEye Mandiant, which has pre-set detection. Still, Fidelis Elevate is improving. As of now, they are creating a lot of detection rules and tools for detecting malicious activity.
Configuration, in terms of building the collector and communicating with endpoints, is complex. There is a lot of backend software that needs to be installed on all of the hardware as well.
We have been using this solution for one year.
I think it's quite stable — we haven't experienced that many issues. Recently, we had some issues, but they fixed them immediately. Still, I'd say it's quite stable, overall.
Compared to similar solutions, it's quite scalable. You just need to add more storage to scale-up.
The technical support is very helpful.
The initial setup is complex — the backend is complex. You have to build multiple layers. For example, they have something called a "bridge" and something called a "collector". You have to connect all of these together in order to set up the solution properly. Overall, deployment took a couple of weeks.
Overall, as someone who has three years of experience with this solution, on a scale from one to ten, I would give Fidelis Elevate a rating of seven. I would not recommend this solution to others. Although we're currently using it, we're looking to replace it with another solution.
We have a lab in our company and we are service providers.
The primary use case of this solution is for endpoint detection and response, EDR.
What I like the most about this solution is the complexity. It covers a lot of areas, unlike other solutions.
Also, I like the endpoint script execution.
One of the components of Fidelis is on the Windows Server. All the other components are on Linux. I would like to remove the Windows Server.
I have had many conversations with Fidelis representatives. A lot of time is being spent with them.
The reports in the endpoint area of Elevate can be improved.
I have been using this solution for two years.
I have not experienced any issues with stability.
It's scalable.
Technical support is very good.
The initial setup is straightforward. It was an easy POC.
It took two days to deploy.
We have two engineers to maintain this product.
It's quite expensive but we can customize it to reduce the price.
I would recommend Fidelis to others.
I would rate this product a nine out of ten.

We use it as an EDR solution for our customers.
EDR is the most valuable part of the solution.
I think the EDR, in general, can be improved. They need to work on the live response and investigative features. They also need to make the antivirus stronger. It does not have a good antivirus if you compare it to Bitdefender. We position the solution as an antivirus, but this part of the solution needs improvement.
They need to generally enhance the features that they have, rather than adding anything new.
I've been using the solution for six months.
The stability is very good, if I was rating it out of ten, I would give it an eight.
The solution is pretty scalable. You buy a lot of features, a known product, and you want it to run in any environment, and it does. So it's scalable enough.
Technical support is good. Out of ten, I'd give it a nine.
The initial setup is very straightforward.
The deployment of the server doesn't take so long; about a day or two max. The engine to deployment depends on the customer environment. It varies from customer to customer.
Users must understand the product well and how to position it to the customer. Customers have a lot of misunderstanding about the solution. I would advise that you make sure that the customer understands the solution in order to be able to implement it right.
I would rate it eight out of ten.
It is used as our primary in-line IDS/IPS system, replacing FireEye NX. It catches more, looks at more ports than FireEye NX, and is a scalable appliance, unlike our NX which was saturated and shut itself down.
Increased our ability to stop malware before it hits workstations. That ability increased by 200% due to the number of ports it monitors, over the FireEye NX product.
It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM.
IPS and reporting. It catches more inline than the FireEye NX even looked at. It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies.
Reporting has been great and it is easy to do a quick search through 45 days of data for something of interest.
Update: The interface bug issue hasn't happened in the last three months. This may be solved now, we hope. Support seems better.
There was a bug issue for more than a year, but it seems resolved with the last patch; the last reboot occurred over 3 months ago.
No issues with scalability. In fact, we’ve added a datacenter, purchased new gear, and scaled out two more units for the active/standby site to take over the load, should a DR be required.
Tech support is competent, usually responds within a few hours, can escalate anything urgent to technical account rep for immediate handling.
We used a different solution. We switched due to flexibility, expandability, and cost. Limitation in old hardware appliance would not scale without major costs.
A breeze. After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours. With the latest version this is even easier, given the new rating system. You can tweak your environment on the fly, as your ops look at alerts to lower thresholds, raise them, or reduce false positives.
We always use 1 of 2 partner implementers. I rate our partner a 9/10.
More visibility at the north-south network layer, automation of security event/incident handling.
Company came from government space. You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base.
Tipping Point, Cisco
The product itself works fine, support is pretty good.