Fortinet FortiSandbox and Microsoft Defender for Endpoint compete in the cybersecurity category, focusing on threat detection and endpoint security solutions. Microsoft Defender seems to have the upper hand due to its seamless integration with the widespread Microsoft ecosystem, offering deep visibility and comprehensive protection features.
Features: Fortinet FortiSandbox is known for robust threat detection capabilities, especially zero-day attack detection. It integrates well with its ecosystem, such as FortiGate and FortiMail, and offers manual scan features with customizable options for a tailored sandboxing environment. Microsoft Defender for Endpoint provides comprehensive protection with built-in real-time protection. It integrates seamlessly into the Microsoft ecosystem, covering threat detection and response with deep operational visibility for a unified security solution.
Room for Improvement: Fortinet FortiSandbox faces challenges with complex integration outside of Fortinet products and needs better support for broader virtual environments. Users demand access to more machine learning and enterprise-friendly features. Microsoft Defender for Endpoint users report issues with false positives, seek a more intuitive user interface, and express a need for enhanced third-party integrations. Improved threat intelligence and reduced resource consumption are also areas for enhancement.
Ease of Deployment and Customer Service: Fortinet FortiSandbox is usually deployed on-premises with mixed reviews about its technical support; some users experience quick resolutions, while others face delays. Microsoft Defender for Endpoint is deployed across on-premises and cloud environments, praised for its integration with Microsoft's ecosystem. However, less tech-savvy users may require more support, which can sometimes be inefficient.
Pricing and ROI: Fortinet FortiSandbox is a substantial investment, appreciated for its zero-day threat detection that enhances ROI through improved protection. Its competitive pricing is noted, but multiple licenses may complicate cost management. Microsoft Defender for Endpoint is often seen as cost-effective, as it is embedded in the Microsoft ecosystem, offering comprehensive security without additional purchases for existing users. Although its bundle is generally deemed cost-efficient, pricing can be complex when scaling or integrating additional features, with broader licensing agreements aiding cost management.
Without detection and protection measures, organizations would face substantial payments and reputational damage, including the necessity to inform customers about data breaches, potentially leading to loss of business.
We have seen a return on investment when using Microsoft Defender for Endpoint, as it saves labor by reducing the need for staff to focus on it.
The biggest return on investment for me when using Microsoft Defender for Endpoint is the time saving.
Sometimes the technical engineer is very good and helpful, and sometimes we go through many processes until it gets escalated to a higher level or to another advanced technical engineer.
The Microsoft agent, who did not actually work for Microsoft, is one of the vendors that Microsoft uses for support, said, 'Just to set expectations, my lunch break is in an hour and I am going to go away then.'
The level-one support seems disconnected from subject matter experts.
I rate Microsoft support 10 out of 10.
We managed to scale it out in a short amount of time, with two months of planning and three months of implementation on 10,000 computers.
Microsoft Defender for Endpoint is scalable enough to handle various devices across environments, whether they are laptops, Android devices, or operating in hybrid environments.
Compatibility is its main feature.
Fortinet FortiSandbox works fine, is easy to manage, and functions well.
I haven't seen any outages with Microsoft.
I rate Defender 10 out of 10 for stability.
Defender for Endpoint is extremely stable.
I think Fortinet FortiSandbox could introduce more automation tools and AI tools.
Repeated interactions are necessary due to Level One's lack of tools and knowledge, hindering efficient problem-solving and negatively impacting our experience with Microsoft support.
In contrast, competing products offer reduced pricing for long-term commitments, which makes it difficult for us in that environment.
We use Microsoft partners to help govern the platform, and as part of an alliance, we want to gather data from each tenant and combine them for a complete view.
The cost is in the mid-range.
That has been the trend we have seen with Microsoft lately—it is just getting more and more expensive.
Given our extensive Microsoft licensing, transitioning to Defender for Endpoint did not affect licensing costs.
It costs $15 per VM for the P2 plan, which is seen as affordable for customers.
The smooth integrations between Fortinet FortiSandbox and other Fortinet solutions such as FortiWeb and FortiFirewall and with other Fortinet environments are what I really appreciate.
Defender for Endpoint's coverage across different platforms in our environment is pretty good. We have devices running Linux, Mac OS, Windows, iOS, and Android. It covers all of them.
Microsoft Defender for Endpoint provides a unified management interface allowing customers to manage their on-premises and hybrid infrastructures from a single pane.
One of the best features of Microsoft Defender for Endpoint is its database for identifying zero-day attacks or malware attacks.
| Product | Market Share (%) |
|---|---|
| Microsoft Defender for Endpoint | 5.7% |
| Fortinet FortiSandbox | 5.2% |
| Other | 89.1% |
| Company Size | Count |
|---|---|
| Small Business | 15 |
| Midsize Enterprise | 13 |
| Large Enterprise | 9 |
| Company Size | Count |
|---|---|
| Small Business | 80 |
| Midsize Enterprise | 40 |
| Large Enterprise | 92 |
Fortinet FortiSandbox is a behavior-based threat detection solution that prevents and detects malicious code in files transferred within the organization. It is integrated with FortiGate firewalls and FortiMail for threat protection and can be used for monitoring and reporting. The solution inspects files in a virtual environment with different types of virtual machines and can block or quarantine files based on their score.
The most valuable features include dynamic behavior analysis, manual scan features, easy management and configuration, fast scanning, scalability, customization, and ICAP protocol. The solution is cost-effective and faster than other sandbox solutions, with a good user interface.
Microsoft Defender for Endpoint is a comprehensive security solution that provides advanced threat protection for organizations. It offers real-time protection against various types of cyber threats, including malware, viruses, ransomware, and phishing attacks.
With its powerful machine-learning capabilities, it can detect and block sophisticated attacks before they can cause any harm. The solution also includes endpoint detection and response (EDR) capabilities, allowing organizations to quickly investigate and respond to security incidents. It provides detailed insights into the attack timeline, enabling security teams to understand the scope and impact of an incident.
Microsoft Defender for Endpoint also offers proactive threat hunting, allowing organizations to proactively search for and identify potential threats within their network. It integrates seamlessly with other Microsoft security solutions, such as Microsoft Defender XDR, to provide a unified and holistic security approach. With its centralized management console, organizations can easily deploy, configure, and monitor the security solution across their entire network.
Microsoft Defender for Endpoint is a robust and scalable security solution that helps organizations protect their endpoints and data from evolving cyber threats.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
