CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.
$59.99
per endpoint/month (minimum number of endpoints applies)
Ivanti Endpoint Manager
Score 7.8 out of 10
N/A
Ivanti Endpoint Manager increases user and IT productivity by helping IT administrators gather detailed device data, automate software and OS deployments, and quickly fix user issues.
N/A
Pricing
CrowdStrike Falcon
Ivanti Endpoint Manager
Editions & Modules
Falcon Go (Small Business)
$59.99
per endpoint/month (minimum number of endpoints applies)
Falcon Go (Small Business)
$59.99
Falcon Pro
$99.99
per endpoint/month (for 5-250 endpoints, billed annually)
Falcon Enterprise
$184.99
per endpoint/month (minimum number of endpoints applies)
No answers on this topic
Offerings
Pricing Offerings
CrowdStrike Falcon
Ivanti Endpoint Manager
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
EPM is licensed per device (endpoint) in a subscription model. Each license allows for managing one endpoint.
I have evaluated Cortex XDR and SentinelOne Singularity alongside CrowdStrike Falcon, and while all three are capable enterprise-grade solutions, Falcon ultimately stood out due to its cloud-native architecture, broader modular coverage, and stronger identity-focused detection. …
It was just a legacy AV program onboarded during initial setup days. As the org. As it expanded, its threat landscape also grew, and we needed a next-gen solution to protect against evolving threat vectors. Falcon EDR was the one that solved all these in a single place.
Depends on your network architecture.. NDR can be very expensive. EDR works on almost all network architectures, even those segmented networks. However if you rely on centralized switch and older style of network architecture, NDR should be asses and considered, especially if …
It stacks on top. We love the ease of use, the third-party integration, having AI, and the CrowdStrike team was way more helpful with our team, so that adoption was within a couple of months. We also compared prices, and the value was higher, with a faster ROI, which helps our …
There really wasn't a question. CrowdStrike is best in class and really doesn't have an equal in this space, any other threat protection vendor is a compromise in some area, and even though we are paying for the premier service, we can feel comfortable and protected with our …
Sentinelone is bit complicated language use in there console in compare to CrowdStrike Falcon. CrowdStrike Falcon have much big modules and features but sentinelone don't. CrowdStrike Falcon have one single unified agent and in sentinelone bit confused in selection of agent …
CrowdStrike is by far the superior product as we have had zero problems since installing compared to Trend where is positively failed us. We switched and again have had zero issues with the product and it protects our environment as it should without much interaction.
CrowdStrike Falcon is way ahead of Symantec, and covers features that defender XDR doesn't, even if you purchase all the addons. I think the only real competitors are Sentinel One, maybe Palo Alto or Huntress, or Carbon Black.
In my opinion, CrowdStrike Falcon provides superior detection and prevention capabilities over Jamf Protect. At the time we purchased (2017) CrowdStrike Falcon was more advanced than SentinelOne and Microsoft Defender for Endpoint.
CrowdStrike Falcon is an industry leader in this sector and is superior in its low overhead agent, having minimal impact on end-users. We plan to migrate our macOS fleet when our existing contract expires.
Advance detection capability.Overwatch threat hunt team which proactively hunts your environment Interactive sandbox. Reduced false positives & ease of whitelisting to granular level.AI and ML can analyze events to identify subtle patterns that might indicate malicious …
In my opinion, CrowdStrike Falcon does a better job of detection than Carbon black in all forms. Compared to SentinelOne XDR, CrowdStrike Falcon does a better job of finding potential threats even though the machine learning based detection cause more False Positives than the …
It is superior on the following two: Advanced threat detection because AI and ML can analyze vast amounts of data to identify subtle patterns that might indicate malicious activity, even zero-day attacks (previously unknown threats).Reduced false positives because it can help …
At the time of purchase CrowdStrike provided the best featureset and value proposition for the organisation. The cloud first nature of the product and the mix of heuristic and behaviour based detection technologies was better than anything else that we looked at.
Ivanti was the best option at that time, as we were a completely on-premises company, and compared to the others, Ivanti was the only one covering all Operational Systems.
Ivanti Endpoint Manager was good at Automated Patch Management and has a efficient Software Distribution methodologies. It is also has powerful Remote Control for Support and good inventory management
Ivanti's all-in-one concept is easier to standup, manage, and use than SCCM. Although SCCM requires Teamviewer for remote assistance, it is more reliable than Ivanti Remote Assistance. That being said, Ivanti provides a more robust solution that gives much greater granularity …
There is no silver bullet or perfect endpoint management tool but, after evaluating 17 different products for our organization, I found that Ivanti checked the majority of the boxes we needed. Ivanti is well-positioned in the market and constantly expands its portfolio.
Better in most all categories. On-prem was not an issue for my organization. MS SCCM was lacking features. Airwatch required increasing tiers of service in order to match [Ivanti Unified Endpoint Manager (formerly LANDESK Management Suite)] features, and lacked the robust …
ManageEngine had lots of the whizbangs but couldn't tie it all in together. It was a bit clunky and you still would need other products to get the job done. All-in-all it didn't seem like a full solution that would meet our needs.
Ivanti Endpoint Manager runs in the kernel so it is more robust than Workspace Control. It is also better at capturing settings. However, Workspace Control is much easier to administer and roll out. There is one interface where you can make all settings. We really miss that …
I think that the Ivanti EPM method of collecting inventory data is much more useful that the other products. The way that queries and scopes can be generated and then used across the board in all of the features makes for very dynamic use cases.
We are currently looking and re-evaluating EPM against these competitive systems. Because our evaluation is starting again, I will come back to this question.
I think Ivanti UEM is the best product out there as everything is laid out and you can accomplish anything you need to do. You do not need to re-invent the wheel or build tasks from the ground up. You just need to implement a good strategy and plan for what you wish to …
LANDESK is more modern and has a better UI for our HD techs. It is also vastly more expandable than Remedy was when we left it (approx. two years ago). It's not really a comparison of CRM to CRM though, and if it were I'd say LANDESK is 10-25% better, but the additional …
It's a solid contender in the endpoint management scene with so many competing products that may excel with certain features you are sure to find with IEM a solid tool that covers all bases.
IEM beats our old solution due to widest solution set. It does more, and does it more successfully and more thoroughly, that any other solution out there.
We have tried SCCM it was great but was not working so much. Well then we have used the central desktop from the Zoho corporation. Finally we got LANDESK Ivanti Endpoint Manager which has done all the things [in a] the single platform. [Zoho] is new system like Intune and …
Both solutions will effectively manage Microsoft patches to devices, but Ivanti goes the extra step. With Ivanti, we can manage third party patches, where SCCM would require a third party solution (like Ivanti, who a lot of SCCM customers use for third party). Ivanti also …
SCCM integrates really well within Windows, but IEM does exceptionally well with the Big 3 (Windows, MacOS, Linux). Anything you can do in one, you can do in the other.
CrowdStrike Falcon is ideal for large, cloud-native enterprises that prioritize advanced behavioral detection and have a mature SOC to manage their intelligence. However, its cloud-reliant architecture makes it a poor fit for air-gapped or offline networks. Additionally, small organizations with limited staffing may find it difficult to manage, while teams that require integrated SOAR and vulnerability management might be discouraged by the need for additional licensing to unlock those capabilities.
You need to push O365 or some product out to your institution. If you need to build out a reboot before and after and maybe something else, [Ivanti Unified Endpoint Manager (formerly LANDESK Management Suite)] can easily do that for you. It then can also use a query to determine who needs that product in your environment and then continue using that query to watch for the machines you targeted to show up once your push succeeded. If you need to, you can use the task scheduler and schedule your software distribution for a specific not in normal business hours or on a weekend.
Software distribution - the ability to sit and provide software when a machine calls home works phenomenally well. You may also target based on certain conditions, ranging from LDAP queries down to hardware revisions of individual components.
Operating system provisioning - the range of choice in sequential execution is second to none. We migrated from MDT to Ivanti's providing with relative ease.
Patching and compliance - you're able to get extremely granular, and the rollout project templates make rolling it a particular patch from QA to Production an automated breeze
Mac support - While it's the best I've seen with cross platform support, that doesn't mean they don't have a long way to go to catch up with the functionality of other tools that focus on one specific platform.
Product coherence - Their core product, the management suite, is great but with every new acquisition the company makes, it seems like there's another product that gets shoehorned into the picture. Making all those disparate pieces work smoothly together is something they're still working on.
Documentation - They come out with a lot of great features but some are so complicated I couldn't begin to understand the various facets of it all. I realize the days of published manual are long gone but even a PDF covering the major components in detail would be better than having to bump around in the dark until you have to call support for help.
Software Licensing Management - Every major release seems to completely rewrite this tool but they keep seeming to miss the mark. Lately it's a Microsoft Silverlight program that's very slow and has way too much data to be useful.
Web Console - The web console is all but unusable. The only way to really work on administration is to use the 32bit console which is great if you're running Windows but a fully featured web console would be much preferred.
Crowdstrike has a large suite of tools built for helping the engineers triage and respond to security event whenever identified. The ability to customize the security policies and implement more granular policies to different devices based on the functionality is unmatched. Crowdstrike provides so much of ability in a decent budget which ascertains the value for money or ROI.
As Microsoft evolves Intune, SCCM, MECM and combines their features into the MS EULA, Ivanti seems to be going the opposite where they are stripping out core products in favor of an EULA + A la cart pricing model that simply is more expensive than Microsoft's pricing. A few years ago, the gap was large enough to justify the extra cost of Ivanti, today the gap has closed significantly enough that the value add just isn't there for us.
I think it is a complete and very trustful XDR platform, with very few False Positives. It is very well supported by highly skilled professionals on all levels: from pre-sales engineers, Customer Account Managers and support engineers.
Items are logically laid out and most are easy to find. The more advanced stuff can be trickier, but it is still not hard to find. There are a lot of options though, so remembering where some settings are, especially if you do not alter them often, can take a minute, but you will get to them fairly qiickly.
Support is generally pretty fast and gets right to the issue. We haven't had to use them much, fortunately, but the issues and questions we've had are usually answered quickly. The customer success manager/account manager you're assigned will also follow up with you on a regular cadence to ensure you're getting the most out of the subscription. There's not a whole lot of room to improve, other than the general confusion about what is/what is not covered in custom packages you're subscribed to. The initial purchase took much longer because of a package name changes and realignments of different modules into those packages.
TRM\TAM support has been generally very good. Getting reported bug fixes, design changes, UX problems resolved has been a pain. It is often difficult to get problems escalated beyond the TRM\TAM level. Support is fantastic when you can get it, getting it can often require more work than it should, and that is probably our biggest issue.
There is limited amount of learning that can be completed in an in-person training available. In my opinion, the self-paced learning provided by Falcon portal is more useful over in-person training. The support from Falcon is great and useful to overcome difficulties, if any.
The training provided by Crowdstrike Falcon is complete in terms of the depth of technical knowledge and teaches the users about going through with the platform. There are lots of jargons for different tools that Crowdstrike Falcon has and this training teaches them all which helps in managing the platform better. Plus, the regular knowledge checks are also very helpful for the end user.
I have evaluated Cortex XDR and SentinelOne Singularity alongside CrowdStrike Falcon, and while all three are capable enterprise-grade solutions, Falcon ultimately stood out due to its cloud-native architecture, broader modular coverage, and stronger identity-focused detection. Cortex XDR performs very well in environments already heavily invested in the Palo Alto ecosystem, particularly for network-to-endpoint correlation, but it introduces additional complexity and infrastructure overhead. SentinelOne excels in autonomous remediation and offline protection, especially with ransomware rollback, but is more endpoint-centric and comparatively limited in native identity and exposure-risk context. CrowdStrike Falcon provided the best overall balance by combining NGAV, EDR, identity protection, exposure management, threat intelligence, and managed hunting within a single lightweight agent and unified console, enabling better scalability, faster investigations, reduced tool sprawl, and stronger protection against modern identity-driven attacks, making it the most aligned choice for our security and operational objectives.
Better in most all categories. On-prem was not an issue for my organization. MS SCCM was lacking features. Airwatch required increasing tiers of service in order to match [Ivanti Unified Endpoint Manager (formerly LANDESK Management Suite)] features, and lacked the robust inventory data we needed. Meraki was very simple to use, but did not meet our needs. I would say that most Airwatch customers aren't using all the features they are paying for, and could save lots of money by using Meraki instead.
Due to some of the difficulties with Support and Sales, we are likely looking to change to another vendor. We sometimes don't feel like customers.
When the bluescreen incident occurred (worldwide outage) in July 2024, we were unable to contact support due to the high volume of calls at the same time. We had to figure out how to remediate it ourselves, which we did, and recovered before the vendor's official release of fixes. It shook my confidence in them.
The product itself performed well over the last 2 years, which has kept us safe and productive. The product is good.
Centralized IT - all in one solution that is better in some areas than traditional niche software applications. You'll probably still spend the same amount of time with users on the HD line, but you'll be able to reduce the amount of time it takes for auxiliary Help Desk tasks (ticketing, reporting, background deployment, etc.)
Cost - This is a negative of course ;) But at some point you can save some money if you ditch SCCM or your other CRM