We performed a comparison between Microsoft Defender for Endpoint and SonicWall Capture Client based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Ability to get forensics details and also memory exfiltration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"It is stable and scalable."
"The most valuable feature is the analysis, because of the beta structure."
"The product's initial setup phase is very easy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The product detects and blocks threats and is more proactive than firewalls."
"Defender is stable, I haven't had any problems with viruses when using it, and it's easy to update."
"I like the process visibility. This ability to visualize how something was executed is valuable, and the fact that Defender ATP is also linked to the threat intelligence that they have is also valuable. So, even if you have something that doesn't have a conventional signature, the fact that you get this strange execution means that you can detect things that are normally not visible."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"The best thing I like about it is its interaction with the other Defender products. It provides the ability to push telemetry up. It gives me endpoint visibility and allows me to take automated actions."
"Easy to understand and easy to set up endpoint security solution. It's a multifeatured product with web content filtering and automated investigation features. It also has a fantastic vulnerability management dashboard."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"It can reach our applications and PC activities in the cloud."
"We had Norton Antivirus before, and with Norton, we didn't have a way to centrally manage a lot of features. Defender allowed us to deploy it from our Office 365 admin console. That is probably the biggest thing that made us go with Defender."
"SonicWall Capture Client's scalability is nice."
"Overall, what I love the most about SonicWall Capture Client is its management console. SonicWall Capture Client also has the intelligence to tell you which computer is online, what OS it uses, etc. I also found the rollback feature and SentinelOne integration valuable in SonicWall Capture Client. Rollback is a powerful feature of the solution because it's similar to locking your endpoint during an attack, so you won't have to pay the hackers, particularly during ransomware attacks. That feature in SonicWall Capture Client allows you to get back your endpoint or make your endpoint right again after an attack. I also like that it isn't complex to remove the engine error from the endpoint because you only have to provide the security key from SonicWall Capture Client, so the process is simple. It's not complex."
"The most valuable features of SonicWall Capture Client are CSC (Capture Security Center), RTDMI (Real-Time Deep Memory Inspection), and the deep memory inspection feature."
"The initial setup is straightforward."
"SonicWall Capture Client has a serial number to connect to your firewall."
"The solution serves as a very stable platform."
"Detections could be improved."
"ZTNA can improve latency."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The only minor concern is occasional interference with desired programs."
"The solution is not stable."
"It would be helpful if they included XDR features, on top of the EDR functionality."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"Microsoft Defender for Endpoint is secure but when it comes to security all solutions could improve security."
"It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."
"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."
"It makes your Surface devices hot. It is resource-intensive. It strains your CPU, not more than other file scanners around, but it also does a lot more. When you are transmitting files or data, it is continuously scanning the traffic and analyzing it bit by bit to see what's going on, and that, of course, is costly in terms of CPU. It is CPU intensive, and if you are on battery, it drains your battery fast. That's the only drawback that it has."
"Microsoft support could be more knowledgeable."
"Microsoft Defender for Endpoint could improve by providing more user-friendly dashboards. They may be complicated for some."
"The vulnerability reports need to be better. Windows Defender detected some issues that SonicWall Capture Client couldn't."
"SonicWall Capture Client could be made a little lighter than it currently is in terms of memory consumption."
"The biggest issue with SonicWall Capture Client is network latency."
"It takes technical support too long to resolve an issue."
"They should improve their user interface."
"An area for improvement in SonicWall Capture Client is TenantCloud support. Suppose you want to implement SonicWall Capture Client. You'll have to register it on MySonicWall. Then once your SonicWall Capture Client license expires and you don't want to renew it, you can't delete it from your MySonicWall account, so that's an area for improvement."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while SonicWall Capture Client is ranked 49th in Endpoint Protection Platform (EPP) with 6 reviews. Microsoft Defender for Endpoint is rated 8.0, while SonicWall Capture Client is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of SonicWall Capture Client writes "A stable solution that is used for endpoint security and to protect computers from malware". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform, whereas SonicWall Capture Client is most compared with SentinelOne Singularity Complete, CrowdStrike Falcon, Bitdefender GravityZone Enterprise Security, Cortex XDR by Palo Alto Networks and ESET Endpoint Protection Platform. See our Microsoft Defender for Endpoint vs. SonicWall Capture Client report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.