We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"The most valuable feature is signature-based malware detection."
"It is a very stable program."
"The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The most valuable features are the solution's thorough detection and ease of use."
"The most valuable feature for me is the ability to whitelist, blacklist, and be very granular as to what I blocked, what apps I blocked, and what websites I block. I think that's probably the most valuable feature."
"The installation is straightforward."
"Great protection against malware, ransomware, and any other forms of malicious software."
"We like the dashboard, the console, the reporting. It's very easy to deploy."
"The Ultra is a valuable feature."
"The performance is great."
"With Bitdefender GravityZone Ultra, we don't have to worry about our endpoints or attacks. Our security has become stronger. This has been a reliable solution for our company."
"We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting."
"The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality and cloud functionality as well."
"I like the AI and mathematical components that they use."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"It does a good job of protecting us."
"You can manage all the threats and everything from a centralized dashboard."
"I find the actual overall endpoint malware protection the most valuable feature of CylancePROTECT."
"It is extremely simple to manage and deploy."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"The technical support is very slow."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"The GUI needs improvement, it's not good."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"The graphical user interface for EDR could be improved."
"I would like to see the capability for remote installation added, in particular for servers."
"Occasionally websites are unnecessarily blocked due to monitoring software on those sites."
"Bitfender could improve their modules on the server. For example, Bitdefender doesn't have content filters or firewall modules on the server. It would be great if it had a networking module and a content filter module at the workstations."
"Using this product requires quite a bit of training, which is hard to get."
"The reporting is much too simple."
"The only problem we have, and I don't know if maybe it's the package we bought, is that it lacks the parts of data protection and application blacklisting."
"The software itself is solid. It would be better if it was more of a real-time solution, like SentinelOne. The one thing that holds me back on the SentinelOne side is that I can blacklist websites and stuff like that, but it's not as granular as Bitdefender. With Bitdefender, I feel like I have more control over what I can whitelist and blacklist."
"It should have better support for Windows and Mac."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"The product does not do a lot of reporting on what it is taking care of. Enhanced reporting would be a welcome improvement."
"The OPTICS component could be made more user-friendly with respect to giving people more information."
"We would like to see secure integration and multi-factor authentication to be able to access the administration dashboard."
"While you are working, you are finding these things that were supposed to be waived have come back to being blocked. That's frustrating."
"It's a good solution but some features just need to be updated."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
"We have a license for 3,000 users and if we get up to 3,100 users, it doesn't stop working, but on the next renewal date you're supposed to go in there and add that extra 100 licenses. It's really good that they let you grow and expand and then pay for it. Sometimes, with other products, you overuse a license and they just don't work."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"There is also the Cisco annual subscription plus my management time in terms of what I do with the Cisco product. I spend a minimal amount of time on it though, just rolling out updates as they need them and monitoring the console a couple of times a day to ensure nothing is out of control. Cost-wise, we are quite happy with it."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"The pricing and licensing are reasonable. The cost of AMP for Endpoints is inline with all the other software that has a monthly endpoint cost. It might be a little bit higher than other antivirus type products, but we're only talking about a dollar a month per user. I don't see that cost as being an issue if it's going to give us the confidence and security that we're looking for. We have had a lot of success and happiness with what we're using, so there's no point in changing."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"There are different packages available that vary in terms of licensing fees."
"Price-wise, we have a better licensing agreement with Bitdefender than we did with competing vendors."
"As I am on a different model, my clients pay me on a monthly basis."
"The solution is not expensive but there are cheaper options in the market. In terms of competitiveness, the price is reasonable with no other additional costs besides the licensing fees."
"Bitdefender GravityZone Ultra is less expensive than other solutions, such as CrowdStrike. We had a really good deal because it was their year-end and they were trying to do a lot of sales that week. We bought a three-year contract from them and the cost was approximately $17 per endpoint, per year. It is was a very good price. I have spoken to other people who have purchased CrowdStrike at approximately $60 per endpoint, per year. I have no complaints about the price of this solution."
"We pay our license on a yearly basis and have just renewed for two years."
"I think that the price we are paying is good for what it is."
"This cost of the license is approximately $5 USD monthly per user."
"The product cost is about $5, per user, per month."
"The monthly fee is $55 USD per user."
"It's not so heavily priced; rather, it's average and decent."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Bitdefender GravityZone's ENDPOINT SECURITY TOOLS intelligent security agent assesses the host machine at installation to self-configure to optimal form, and adapts its behavior according to endpoint accessibility. Security administrators allocate resources to security tasks through policies per groups of machines. They can set security tools to work on a local machine, or they can decide to rely more on Bitdefender Global Protective Network, or totally offload security to security servers.
BlackBerry® Protect is an artificial intelligence (AI) based endpoint protection platform (EPP) that prevents breaches and provides added controls for safeguarding against sophisticated cyberthreats—no human intervention, Internet connections, signature files, heuristics or sandboxes required.
Bitdefender GravityZone Ultra is ranked 8th in Endpoint Detection and Response (EDR) with 14 reviews while Blackberry Protect is ranked 16th in Endpoint Protection for Business (EPP) with 17 reviews. Bitdefender GravityZone Ultra is rated 8.8, while Blackberry Protect is rated 8.0. The top reviewer of Bitdefender GravityZone Ultra writes "Great security with excellent standard policies and extremely stable". On the other hand, the top reviewer of Blackberry Protect writes "An outstanding product that is pretty spot on and easy to deploy and use". Bitdefender GravityZone Ultra is most compared with SentinelOne, Sophos Intercept X, CrowdStrike Falcon, Microsoft Defender for Endpoint and Fortinet FortiEDR, whereas Blackberry Protect is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Carbon Black CB Defense and Cybereason Endpoint Detection & Response. See our Bitdefender GravityZone Ultra vs. Blackberry Protect report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.