Fortinet FortiEDR Reviews

I utilize Fortinet FortiEDR for endpoint protection.

Our security posture improved since implementing Fortinet FortiEDR in terms of our overall setup, as we've experienced significant enhancements. We now have streamlined operations, better dashboards, and improved monitoring capabilities, consolidating multiple functions into a single solution. Previously, we were managing three separate vendors alongside support from our IT arm and outsourced assistance. With FortiEDR, everything is integrated under one dashboard, making our processes more efficient.

Fortinet FortiEDR effectively manages threat detection and response in our daily operations with great robustness. Previously, we had to rely on two separate Palo Alto devices for bandwidth management, both lacking real-time capabilities. Our search engine, detection engine, and database were also disjointed. However, with FortiEDR, we've achieved parity in functionality for both functions. Consequently, our bandwidth performance has seen a significant boost, providing users with a stable stream to work with.

The implementation of automation has had a significant impact on our team's workload. As we operate shared services centers across the APAC region, having this infrastructure in place has provided us with visibility across all three sites. This visibility, facilitated by automation, is particularly beneficial for higher management and decision-makers. It's a notable advancement for our operations.

FortiEDR has played a crucial role in mitigating the impact of breaches within our healthcare IT industry. Given the vast amount of data we handle and the real-time nature of data processing via APIs and centralized databases, FortiEDR has streamlined our operations. It allows us to process data at our own pace without encountering significant obstacles or requiring extensive workarounds. Essentially, it has provided us with a seamless transition between sandbox and production environments, making our workflow smoother and more efficient.

One of the most effective features of FortiEDR for our security requirements is its dashboard accessibility. Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance. This has significantly improved our response time, which is crucial given our primary focus on healthcare IT and the stringent regulations such as GDPR. The data we handle is highly sensitive, making robust agent-based active monitoring and protection, along with the mitigation setup, invaluable features that we truly appreciate.

There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors. Delays in resolving integration challenges can impact project timelines and collaboration efforts, as experienced during our partnership with a fintech company. While the EDR's mitigation and tracking capabilities are commendable, there are concerns regarding vulnerability detection and database updates. In comparison to Trend Micro, our EDR solution seems to lag in addressing new vulnerabilities, necessitating workaround strategies to minimize risks. Therefore, enhancing real-time vulnerability detection capabilities is essential to maintain competitiveness and ensure user security.

I have been using it for two years.

We transitioned all sites and infrastructure simultaneously without encountering any drawbacks. I would rate it nine out of ten.

Scalability-wise, we encountered no issues, except for integration challenges with other vendors. I would rate it eight out of ten.

I am extremely dissatisfied with the support and would like to see a faster response time. I would rate it four out of ten.

The initial setup was relatively straightforward. I would rate it eight out of ten.

The deployment across the entire APAC region, encompassing two countries and seven field SSEs, with approximately eighty-nine devices per region, involved a team of around two hundred specialists from various domains such as risk assessment, compliance, network, database, and others. In total, about two hundred ten users were working on the deployment, and the process was robust and straightforward.

The pricing is significantly high. The implementation of this solution required us to allocate additional funds beyond our initial budget. However, due to thorough testing and careful solutions, we are confident in its capabilities and scalability for the next three years. While the cost may have been high, we view it as a worthwhile investment due to Fortinet's reliability and long-term performance.

We didn't need to explore alternative products on the market, as we already had a partial setup in place.

The integration of Fortinet products significantly bolstered our security environment. Among the seven layers of integration implemented, two key integrations stand out. Firstly, integrating across several SSCs globally facilitated the aggregation of information into a single BI tool, notably Microsoft BI, streamlining reporting processes. While this integration was relatively straightforward, integrating with external vendors posed challenges due to diverse systems and solutions across the industry chain. However, with the assistance of specialized experts, these challenges were effectively addressed. 

In terms of my recommendation, I would certainly endorse its use. Overall, I would rate it eight out of ten.

It's a kind of virus defense that is looking to the future and not to the past.

The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors.

The solution is very secure compared to other vendors.

The only minor concern is occasional interference with desired programs, although it's a necessary trade-off. Otherwise, I have no suggestions for improvement.

Another area of improvement is support. It could be faster. 

In future releases, maybe some extra features could be added to make it better, and maybe the events and history could be made a little bit clearer.

We've been using it for four to five years now.

It is a stable solution. 

It is a scalable solution. There are around 6o end users using this solution. It is easy to scale. 

The customer service and support are quite okay. It could be better. 

Positive

I have used ESET. ESET is an old-style defense that has less problems with new programs, but it's not as secure as Fortinet.

We currently use both ESET and Fortinet. We have some places, especially for developers, that can't use FortiEDR because it's too restrictive.

Installation is straightforward.

The initial installation on the server side takes a bit of time, but if we consider the overall process, it could take about a week.

We require two people for deployment. The maintenance is easy. 

The pricing model is okay. It's not cheap, but it's not expensive either. It's a customized price. It's a yearly license. There are no extra costs. 

I would definitely recommend the solution. 

Overall, I would rate the solution a nine out of ten because but the only concerns I have are that it can sometimes have problems with new programs, and the support could be a bit faster.

We are primarily using the solution for endpoint detection response. It's endpoint security.

We do POCs for people who wish to purchase the product.

The performance has been fine.

It's good for the detection and response to threats.

The setup is pretty simple.

Technical support has been decent in the past.

We have seen an ROI. It is worth the cost.

The stability could be better.

The scalability could be improved a bit.

We find the solution to be a bit expensive. 

I've been using the solution for approximately one year. I haven't used it for that long just yet.

The solution is mostly stable and the performance is okay. It could be better, however.

The scalability is fine. I'd rate it eight out of ten, although it could always be better. 

We have around 2,000 users. At this time, we do not have plans to increase the number of users. 

We've used technical support several times. They were fine. I do not have any complaints about the level of service.

We did not previously use a different EDR solution. This is the first product of this nature that we have used. 

The setup is pretty simple. The deployment takes less than one month. For the most part, the setup process is pretty reasonable and not complex.

We have a few people that are able to handle the deployment and maintenance. 

We have witnessed ROI. It is worth the money. 

The pricing is a bit expensive. I'd rate it eight out of ten, with ten being very expensive. 

We're using the latest version of the solution.

I'd rate the solution eight out of ten overall. I'd recommend the solution to others. 

Clients use the solution for endpoint protection purposes.

It's easy to configure and integrate the solution with the current network because it is used by Fortinet clients.

I have been using Fortinet FortiEDR for two years.

Fortinet FortiEDR is a stable solution.

Fortinet FortiEDR is a scalable solution.

I rate the solution’s scalability ten out of ten.

The solution costs less than 10,000 for 100 users. Users have to pay additional costs to have the solution on the cloud.

Fortinet FortiEDR provides good documentation and training for its partners. I would recommend the solution to other users.

Overall, I rate the solution ten out of ten.

After experiencing issues with ransomware, the company decided to implement technology that could enhance endpoint protection. As a result, we partnered with Fortinet and chose to use FortiEDR in our environment. FortiEDR helps block USB devices, protects specific applications, prevents unauthorized software installations, and controls lateral movement within the network. This allows us to maintain greater control over third-party devices and software within our IT infrastructure.

We have a specific policy to protect most of the software our employees use on EvoraMet, whether cloud-based or installed on Microsoft machines. We enforce a security rule where any software with a security score lower than three is blocked within the network. Employees who request access to such software can open a ticket. We'll then conduct a review to determine if allowing the software or if it should remain blocked is necessary. This policy helps us maintain a secure environment by controlling the use of low-rated software.

The best feature is FortiEDR's integration with the operating system kernel. In our case, we're using it on endpoints running Microsoft Windows 11, and this integration provides enhanced protection. FortiEDR safeguards all applications, scripts, and behaviors on the machine by embedding with the OS. The key modules we rely on include Execution Prevention, Exfiltration Prevention, and Ransomware Prevention. These are the most critical protections for our devices.

The control of scripts could be improved because you use Microsoft Active Directory and unnecessary scripts to keep the roles updated with company policies. We have some filters to block potential malicious scripts on the Roast. It blocks USB devices, like storage or other devices that the company does not allow, from trying to present some malware, etc.

I have been using Fortinet FortiEDR for six to eight months. We are a partner of Fortinet.

The installation process on the host is straightforward, though Fortinet could improve it, such as allowing email distribution lists. We work around this by providing the software and installation password to the IT team, who then deploy it on the machines.

Our company has around forty employees, and they travel, the deployment generally takes about five days to complete.

Security is implemented in layers. Protecting our endpoints is essential because we relied on a Microsoft solution that didn't provide centralized management or visibility into our network's behavior. It's important to have full control over the network, like FortiGate and wireless controllers, at the endpoint level.

Overall, I rate the solution an eight out of ten.

The competition of Fortinet FortiEDR is with CrowdStrike in Sri Lanka, especially if I consider the banking and BFSI sectors, where most of the network areas are handled by Fortinet. With Fortinet FortiEDR, the customers get security and endpoint security for their networks. My company deals with Fortinet FortiEDR for our customers.

With Fortinet FortiEDR, the console is available with the product through the vendor network, which takes care of the security part while offering firewall functionalities. The product offers everything in the same console. With Fortinet, The customers do not face any issues when using other resources in the tool since they don't have to handle the consoles separately. With Fortinet, one person or one resource can handle two consoles together.

Right now, my company focuses on the on-premises version of the product since the cloud competencies offered by the tool are comparatively a bit less. I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers.

I have been using Fortinet FortiEDR for a year. My company functions as a reseller of the product.

Fortinet FortiEDR experiences a good journey in Sri Lanka if you consider the prices it offers and the competitive nature with Check Point and other vendors. Fortinet FortiEDR enjoys a good journey in Sri Lanka when compared to the other vendors. There is no need to convince the customer that Fortinet FortiEDR is good, as they already know about the advantages of the tool. Customers know about the other products in the market and know how the other tools are when compared to Fortinet FortiEDR. In general, customers have knowledge about Fortinet FortiEDR and the other products in the market. I have no complaints about the product since I don't find any disadvantages when it comes to Fortinet FortiEDR.

My company deals with around ten customers of the product that deals in the software industry. There are some customers of my company from the banking and finance sectors who prefer the product's on-premises version.

My company's engineers contact Fortinet FortiEDR's support team. When my company undertakes the process of customer onboarding, our technical team ensures that they directly handle the customer for a year with the help of support from Fortinet's team. As per my knowledge, Fortinet offers good support compared to the other vendors in the market.

The product's initial setup phase is very easy.

The solution is deployed on an on-premises model.

The time required to deploy the solution depends on the needs of our company's customers. My company's engineers handle the product's deployment area. It takes around a month to deploy the solution.

Fortinet FortiEDR is available at a very competitive price compared to the other products in the market. Customers also know about the prices of the Other products in the market, and they are aware that Fortinet FortiEDR's prices are cost-effective.

I recommend the product to those who plan to use it, but I will definitely ask them about the network security platforms they use in their environment. I would definitely recommend Fortinet FortiEDR to those who already have Fortinet products in their environment.

The integration with other Fortinet solutions has not impacted our company's security strategy.

Considering the list of complaints that my company has received regarding the product from our customers, I rate the overall product an eight out of ten.

We had some customers looking for an EDR solution for their endpoint devices based on their company's security posture and standing. So Fortinet FortiEDR was recommended to them.

Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture. Our clients are happy with the solution.

The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location.

Once it was up and running, customers didn't have any complaints about the product's stability.

Fortinet FortiEDR's scalability is okay, and we like the product.

I rate Fortinet FortiEDR a six out of ten for the ease of its initial setup. The engineers had some trouble setting up the solution, and they had to contact Fortinet to get some help.

Overall, I rate Fortinet FortiEDR a seven out of ten.

We use Fortinet firewalls for perimeter security at six to seven of our locations.

It provides extreme perimeter security, especially for VPN and application profiles, and seamless security monitoring through FortiAnalyzer.

As a firewall the solution is great, we never had any issues.

We saw time to value within three to four months of the firewall deployment.

Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great.

Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR.

I have been using Fortinet FortiEDR for almost five years.

The stability is generally good. We had one problem once, but otherwise, it has been good.

I don't think Fortinet FortiEDR is scalable with other vendors and new cloud provisionings, such as Azure or other cloud providers. I need to evaluate it further.

Technical support is good, but there are sometimes problems with reachability.

Neutral

I used Check Point and Cisco firewalls in my previous companies. At my current company, we use Fortinet, which I find to be a good firewall.

The initial deployment was complex, but that is expected in any firewall environment.

We use a migrator for the implementation and they were good.

We have seen a return on investment over the past four years. We can be assured of the perimeter security system's stability and ability to sustain itself in good conditions.

I'm not familiar with pricing, but it looks a bit costly compared to other vendors.

Fortinet FortiEDR was installed before I joined my organization but it was a good choice.

I give Fortinet FortiEDR an eight out of ten.

We are looking for max solutions from vendors. We may look at VPN solutions as well.

Attending RSA is an opportunity to network and compare products from vendors around the world which are interesting.

Attending RSA gives us the opportunity to compare products and understand the latest technology. This is something that is really valuable.

We are an incident response team, and we use Fortinet FortiEDR for our cyber protection-related activities.

Fortinet FortiEDR has helped our organization by providing reports that identify network weaknesses.

With the proper training, the solution is easy to use.

In some cases, the solution has freed up around three and a half hours of our staff's time so that they can work on other projects.

The most valuable feature is the analysis, because of the beta structure.

FortiEDR can be improved by providing more detailed reporting.

I have been using Fortinet FortiEDR for seven years.

I give the stability of the solution a seven out of ten.

FortiEDR is a scalable solution because it has a well-structured and manageable report that is easy to understand.

We previously used a different solution, but I cannot recall its name.

I give Fortinet FortiEDR an eight out of ten.

I came here to test ICS points and get some tools for VFDs. API security is becoming increasingly important, as we use a lot of APIs in our government. We need to test APIs to ensure they are secure, especially as ransomware attacks are also on the rise.

This is my fourth time coming to this RSA. I bought a new product here this time. We can see everything in one room, which makes it easy for us to understand and also make new contacts.

Our primary use cases for Fortinet FortiEDR are cash registers and endpoint, and point of sales.

The reason we originally started with FortiClient with one of our clients in the first place was that they were able to have legacy cash registers, a really old technology, which we had to get to run in a small resource space, and FortiClient, which was the predecessor, allowed us to literally pick and choose what features we wanted in the client and reduce its size, which you couldn't do with any other types of clients that were out there. That's how we started with that.

It is mostly on premise and any cloud services that we use are directly from Fortinet themselves. I would call that public cloud. We do run some of the customer's environment in private cloud, basically co-location. This has provided the services back to their dataset. I am talking about Fortinet's cloud for the public. For the private stuff it was basically out at Q9, which is the co-location provider.

Fortinet FortiEDR has the ability to customize the footprint of the client or the agents on the device and on the endpoint.

The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers. The customer has literally about 800 cash registers. That was the use case for Fortinet FortiEDR - to get that down into a tiny space. The only way to do that was to use this product because it had that ability to unbundle services that were a surplus.

In terms of what could be improved, I would say everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation.

A classic example of that would be products like FortiMail where you're basically acting as a mail relay. So say you're on a support call and I'm sending you a mail with document that you expect to come to you immediately, or within 30 - 60 seconds, could take up to 45 minutes because of the load on the cloud services. This can result in trouble tickets and other customer side issue.

In the next release I would like to see more investment in their cloud services. Additionally, they definitely need better integration into their FortiSIEM and FortiSOAR solutions.

They should continue to improve that and possibly include a managed threat hunting feature, an MDR solution.

I'm a Fortinet Gold Reseller but primarily we're a consulting company, not a product company. We tend to be agnostic with the one caveat being Fortinet, and only because I was the first guy in Canada to get certified in that, and also the first guy to sell it. There is a personal preference there. But I'm looking deeper into more enterprise security solutions that are SASE and endpoints and EDR, XDR, MDR, all that kind of stuff.

We've done work primarily with FortiGate deployments, but we've also done multiple SD-WAN projects and we've worked with FortiEDR, which is similar to their version of EDR. We've worked with FortiClient before that. As far as FortiCloud goes, we've worked with FortiMail in the cloud, we've worked with FortiManager in the cloud, but we haven't gone into CASB stuff yet.

We also do some Fortinet managed services in our customer base. So I have worked with Fortinet since 2004, 2005.

Fortinet FortiEDR has only been out for a couple of years. We've been working with it for a couple of months, primarily migrating a customer from FortiClient to FortiEDR.

We haven't done full scale deployments of FortiEDR yet, it's still fairly new.

In terms of stability, EDR is a pretty decent solution, but it's not best of breed. One of the challenges with Fortinet, and all of these vendors, is that they are doing acquisitions and doing things to retrofit into their environment, but there's a dependency on legacy or other features that Fortinet has, and Prisma from Palo Alto has. They have their own products, which are how their system is designed. It's really a suite of products. Fortinet is now FortiFabric, with Palo Alto it's Prisma, Prisma Cloud and XSOAR and all that stuff.

All these types of companies are not as flexible. I think in the future, people are not going to be interested in having these huge complex suites of products in order to take advantage of integration.

If you look at a true SASE solution, for example Zscaler, it's a product on its own. And it typically integrates with industry best of breed products first. So Zscaler would work with CrowdStrike or Microsoft Defender before it's going to work with an integrated solution like Palo Alto or Fortinet.

I'm finding more and more that these companies, Palo Alto, Fortinet, Check Point, Juniper, are all doing well right now. But I think in the next year to two, you're going to see a transition away from that type of technology.

It is actually one of Fortinet's big selling points that they're not maintenance heavy and they've got their gang leveraging all the other components. It actually updates itself automatically if you choose. And it has the ability, using FortiManager and other products, where you can push out policies very easily across multiple appliances, although that requires proper design and architecture from the beginning to make sure that you've got cookie cutter configurations across your enterprise.

Scalability is Fortinet's sweet spot, even though they're heavily focused trying to sell into enterprise, their sweet spot is still mid-size, SMB, customers.

Those products work well in an environment which is below 3000 users. It also works well in in terms of large enterprises, like a bank.

I don't see EDR really expanding. Fortinet Firewalls is another story. Firewalls can scale up to very large enterprises, including Telcos, but I don't see the EDR product deployed in those environments.

Their support is getting better.

Right now it is not that good. Fortinet was never big on technical support. I think they went by the theory that if it was hard to write, it should be hard to understand. Their technical support is getting better, but if you compare it to Cisco, it's not as good and it never was. It is one of their weak points. Its response time is not bad, but the attitude of the people on the phone is. It's the amount of information they ask for to do an RMA, for example. They can be very challenging to work for. That's an opportunity for managed security providers, because if you confront them, and take it away from the customer, it makes the customer's experience much better. So a bad support center is good for an MSSP.

The initial setup is complex compared to stuff like CrowdStrike or other products where you can just sign up and download and it, and it works.

It's a little bit more complex with FortiEDR because you're dealing with the setup and management of it, whereas in products like CrowdStrike, it's pretty automatic and it's just a question of a radio button to turn on or turn off additional features that you may want.

For example, going EDR to XDR or going EDR to MDR in CrowdStrike, you can do that in Fortinet but you have to implement FortiSOAR and all this other stuff.

Initially the setup took us a while, simply because we had to mess around with the client. We are talking weeks because we had to test and make sure that there were no performance issues and no interruptions in the flow of data, etc...

That took us probably five, six weeks to get up in a POC type environment. Once we got that, it's cookie cutter. You have an image that you deploy that already has that compiled in it, and it works pretty easily.

Fortinet FortiEDR is priced pretty competitively if you compare it to other companies that are in the same boat, like Palo Alto, who have similar product suites. It is reasonable. In the industry, they call Fortinet the Chevy of Perimeter Security and Palo Alto the Cadillac. I think that's undeserved. I think Fortinet is actually, in the long run, a better product, but it has that reputation because of their pricing. Palo Alto, right off the bat, charged a much higher premium, which created the illusion that you're getting a better product. Palo Alto products are brutally expensive.

But that's the way Palo Alto works and it works for them. Although, I've heard rumors that they're changing their channel model where they're going after enterprise customers directly, rather than forcing it through the channel. Fortinet is a 100% channel, Palo Alto is not. And that's affecting them. If you look at stock prices and earnings, Fortinet is actually doing better.

With any of these products, you need to step back and look at where the wave of technology is going in the security posture. I think that you need to step back and say, "Here's my current situation, what's the best solution two to three years from now?" If you look at that, I don't see Fortinet or Palo Alto or any of those traditional product vendors being the future state.

These companies are like system integrators. A lot of system integrators went out of business mostly because they couldn't make the paradigm shift from a product led business to a service led business. I see the same type of thing happening in the traditional Perimeter Security companies, that are not designed from the ground up. They make an acquisition of a product and they try to integrate it into their business model, and to leverage all their other products in a suite. That's not the way the industry is going.

On a scale of one to ten, I would rate Fortinet FortiEDR somewhere around a six.

It goes back to what I said that I don't think it's got a huge future. If you compare it to CrowdStrike or those type of products, it is very similar to Palo Alto's Cortex, they didn't even come out with an an EDR solution, they went directly to an XDR solution. What is XDR penetration? About 2% of the market right now. It's just not a fit to the future. That's why I give it a six.