We performed a comparison between Azure Firewall and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The SIEM that Azure Firewall provides us is very robust."
"In terms of the reporting, it's beautiful. It integrates with Azure monitoring and with Azure policies. That piece is a big help. You can set governing policies and you can use the application firewall, as well as the Azure Firewall, to enforce those policies."
"The initial setup is straightforward; Azure Firewall does not have a complex implementation process. It is very simple; you just need to enable the service within Azure. It does not require any maintenance because it is managed by Microsoft, that is, it is a fully managed service."
"I can easily configure it."
"Azure Firewall's feature that I have found most valuable is its scalability."
"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"We secure the entry point to the virtual data center with the firewall."
"When you have commissioned Defender, you have these things visible already on your dashboard. This gives the efficiency to the people to do their actual work rather than bothering about the email, sorting out the email, or looking at it through an ITSM solution, whey they have to look at the description and use cases. Efficiency increases with this optimized, ready-made solution since you don't need to invest in something externally. You can start using the dashboard and auditing capability provided from day one. Thus, you have fewer costs with a more optimized, easier-to-use solution, providing operational efficiency for your team."
"Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful."
"Most importantly, it's an integrated solution. We not only have Defender for Cloud, but we also have Defender for Endpoint, Defender for Office 365, and Defender for Identity. It's an integrated, holistic solution."
"The main feature is the security posture assessment through the security score. I find that to be very helpful because it gives us guidance on what needs to be secured and recommendations on how to secure the workloads that have been onboarded."
"It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall."
"The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them."
"Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories."
"Azure Firewall definitely needs a broader feature base. It should be able to go all the way up to layer 7 when looking at applications and things like that."
"The threat intelligence aspect of this particular firewall is not at par with other providers."
"The product could be made more customizable."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"Another thing is that Defender for Cloud uses more resources than CrowdStrike, which my current company uses. Defender for Cloud has two or three processes running simultaneously that consume memory and processor time. I had the chance to compare that with CrowdStrike a few days ago, which was significantly less. It would be nice if Defender were a little lighter. It's a relatively large installation that consumes more resources than competitors do."
"Sometimes, it's very difficult to determine when I need Microsoft Defender for Cloud for a special resource group or certain kinds of products. That's not an issue directly with the product, though."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"Azure is a complex solution. You have so many moving parts."
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
"No possibility to write or edit any capability."
"The initial setup is not actually so complex but it feels complex because there are many add-ons. There are many options and my team needs to be aware of all of these changes happening on the backend which is a distraction."
Azure Firewall is ranked 14th in Microsoft Security Suite with 33 reviews while Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews. Azure Firewall is rated 7.2, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Azure Firewall writes "Easy to use and configure but could be more robust". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Azure Firewall is most compared with Fortinet FortiGate-VM, Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Fortinet FortiGate and Check Point NGFW, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and CrowdStrike Falcon. See our Azure Firewall vs. Microsoft Defender for Cloud report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.