We performed a comparison between Microsoft Defender for Endpoint and Sophos EPP Suite based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The stability is very good."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The product detects and blocks threats and is more proactive than firewalls."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The setup is pretty simple."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"The solution was relatively easy to deploy."
"This is stable and scalable."
"I enjoy using the live response feature, which allows me to remotely access different endpoints and investigate malicious files, such as malware that people may have downloaded, and other related issues."
"The virus scanning capability is excellent, and it feeds all the logs into the Microsoft 365 Defender portal, making them easy to search for."
"Technical support is good."
"The technical support from Microsoft is very good. We are part of the Microsoft Suite, and from being part of this we have consistent news regarding Microsoft Defender for Endpoint."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"The antivirus is the most valuable feature."
"The most important feature is the way it monitors the threats and blocks them. About 10 days ago, we were implementing SOC for a particular client. The SOC was not yet implemented, but they had Microsoft Defender. That organization was hit by some ransomware, but the hacker could not succeed. Because of the EDR, the hacker could not install the hacking tools. They were trying to do that, but Microsoft Defender completely blocked that. The hacker could log into the system, but they could not install anything."
"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
"This product is quite stable and there are no problems with it."
"The solution's setup is straightforward and doesn't take much time to complete."
"The product’s selling point is its ability to protect against zero-day threats and its integration with the firewall."
"The solution is useful for security purposes."
"The performance and scalability are impressive. We can install it on various computers."
"The most valuable feature is the ability to centrally manage the total security environment, including the firewall."
"The anti-malware and web filtering are the solutions most valuable aspects."
"The solution's most valuable aspect, for us, is the DLP portion of the product."
"FortiEDR can be improved by providing more detailed reporting."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I haven't seen the use of AI in the solution."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The central management console should be improved because it provides limited options to configure Windows Defender."
"I would like to see online updates for patches for this solution. I would also like to see online information about what is trending in the market in terms of spams, viruses, or trojans. It takes some time to understand how this solution works. A few things are unclear at the beginning, such as whether it actually restricts the virus or spam at the initial stage, or when there is a security update, how will we come to know and how will it get synchronized. It would be really helpful if there is some kind of knowledge base in the form of video, audio, or document that can explain in a user-friendly way the setup, features, risks, and process to mitigate the risks. Currently, I have installed endpoint security for every individual system. I could not install it like other endpoint solutions where we have a server and a client. It would be really helpful if Microsoft Windows Defender has a server-client based model so that I can save some bandwidth when it downloads or uploads features. It will be helpful if we have a LAN-based or WAN-based controlling system."
"Defender is free for one year. Once that year is over, we will switch to Kaspersky."
"It's not easy to create special allowances for certain groups of users. It can be a little heavy-handed in some areas where Microsoft has decided to lock a feature out, meaning they make it hard to make an exception... One company we work with needed to use about 20 different thumb drives for about 20 users. To make that exception for them was very difficult. In fact, you can't really make an exception. But what you can do is allow them to use it and, while it will still alert, you can actually suppress those alerts."
"The time to generate certain alerts on our dashboard can take between 45 minutes to an hour, and I am unsure of the factors that influence this duration."
"The solution could always be more secure."
"The profiling method currently in use is not very user-friendly and has ample scope for improvement."
"Phishing and Malware detection could be better."
"If you are not an IT expert, the solution is difficult to use."
"The solution could be more stable."
"The solution needs to perform better or update its anti-ransomware and anti-malware engines to keep up with the latest hacking techniques."
"One area for improvement in Sophos EPP Suite is the support response time, particularly of the management team. It could be faster because I only got a response from the manager after a few days. If you open a case directly from the website, the response from the technical support agent may have been faster. I didn't open the request from the website, so that could be the reason why the response time took longer."
"We use cloud services quite a bit. Therefore, I would like to see integration with other security tools besides endpoint so that I'm not managing different tools separately. I would prefer to have a single security solution for my laptop and for managing other security things like passwords."
"There could be an equipment inventory feature for the solution."
"The solution could improve on the resource management, it is a bit heavy on the resources."
"Configuring notifications is lagging a bit behind the curve as the product should be able to direct exactly where any notification type is sent."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Sophos EPP Suite is ranked 27th in Endpoint Protection Platform (EPP) with 52 reviews. Microsoft Defender for Endpoint is rated 8.0, while Sophos EPP Suite is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Sophos EPP Suite writes "The solution provides endpoint detection and response with a nice-looking dashboard". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and ESET Endpoint Protection Platform, whereas Sophos EPP Suite is most compared with Trend Micro Deep Security, Seqrite Endpoint Security, Trellix Endpoint Security, Coro and Xprotect . See our Microsoft Defender for Endpoint vs. Sophos EPP Suite report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.