No more typing reviews! Try our Samantha, our new voice AI agent.

Azure Firewall Manager vs Microsoft Defender for Identity comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Azure Firewall Manager
Ranking in Microsoft Security Suite
25th
Average Rating
8.6
Reviews Sentiment
5.4
Number of Reviews
9
Ranking in other categories
Firewall Security Management (11th)
Microsoft Defender for Iden...
Ranking in Microsoft Security Suite
5th
Average Rating
8.8
Reviews Sentiment
6.8
Number of Reviews
28
Ranking in other categories
Advanced Threat Protection (ATP) (8th), Identity Threat Detection and Response (ITDR) (3rd)
 

Mindshare comparison

As of July 2026, in the Microsoft Security Suite category, the mindshare of Azure Firewall Manager is 1.2%, up from 0.5% compared to the previous year. The mindshare of Microsoft Defender for Identity is 3.6%, down from 6.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Microsoft Security Suite Mindshare Distribution
ProductMindshare (%)
Microsoft Defender for Identity3.6%
Azure Firewall Manager1.2%
Other95.2%
Microsoft Security Suite
 

Featured Reviews

Sikkander  Batcha - PeerSpot reviewer
DevOps Engineer at CloudIQ
Has managed traffic effectively but lacks visibility and advanced control features
Azure Firewall is typically behind other vendor firewalls because we don't see what kind of traffic is traveling through it. That is one drawback. The main drawback is that we need log support from Azure Firewall, which can be quite costly. There is no login feature in Azure Firewall because only the IAM feature is available in the Azure site; we manage it only through the Azure portal, not through any other portal. Other vendors, such as Palo Alto, provide GUI or CLI interfaces to manage their firewalls, whereas we only manage Azure Firewall through the Azure portal. In the future, I would like to see additional features in Azure Firewall Manager to make it more competitive, such as technologies like App-ID and User-ID that Palo Alto has. Azure Firewall currently only allows traffic based on layer four and sometimes layer seven, so they need to improve in those areas compared to other vendors.
Peter Arabomen - PeerSpot reviewer
Security Engineer at Fidelity Bank Plc
Has supported hybrid identity management while integrating well with cloud directory services
The only challenge I have with Microsoft Defender for Identity is the latency. I may not put that entirely on Microsoft, because latency could be network related. At times when trying to authenticate, the prompt is delayed. We tried implementing passwordless authentication, especially for on-premises workloads, but we haven't been able to achieve that. Passwordless authentication is part of the identity functionalities, particularly when it comes to enforcing passwordless for on-premises workloads. In terms of improvements, you can't create OUs on Azure AD. Regarding giving users privileges on what they can do across different OUs, I haven't seen that feature on Microsoft Defender for Identity. Microsoft Defender for Identity needs to be able to plug into third-party applications that are not Microsoft. For instance, with a human resource application used to manage users and leave requests, when staff leaves the organization, they are first exited from that application before AD. Integration between Azure AD and third-party applications would allow automatic syncing when removing staff. The initial setup of Microsoft Defender for Identity is not hard. However, setup is one thing, and getting value from the application end-to-end is another. It can be set up and running from the first day but not functioning optimally. Initially, when we did the setup, it wasn't optimal. Over time, with continuous improvement, which we're still doing, we've gotten to a comfortable level, but there's still room for improvement.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."
"We are utilizing Azure Entra ID for group labeling, so Active Directory, or now it is Entra ID, securing our application for everyone who accesses it, and Azure Firewall Manager is definitely securing our projects and all its features are fine."
"I would definitely recommend the solution to my clients, especially if one is using Azure Cloud."
"The solution is very easy to set up."
"The most valuable feature of Azure Firewall Manager is the testing and configuration."
"The most valuable feature is the web firewall, as it is easy to install and does not require any plugins for your browser."
"It has helped us in multiple ways; for example, we don't require different spaces to manage it, we can do a lot of automation integrations into the code, we could integrate it into the DevOps pipeline, and it has helped us with our time-to-market for a very specific product when we are actually deploying or upgrading."
"From a traffic management perspective, it's a good firewall because it's automatically scalable based on the traffic availability."
"The solution’s alerting is fairly efficient."
"In the security portfolio that we manage, Microsoft Defender for Identity is very important because it is the professional service that we sell the most."
"It is easy to set up. Based on the number of devices you would like to set up, you can use scripts, Group Policy, etc. It takes five minutes to set up."
"The most valuable features of Microsoft Defender for Identity include real-time information for threat detection, its inclusion of behavioral analytics, and vulnerability management."
"It gives you a holistic view of everything happening in your organization, and you can use it to do a lot of monitoring."
"One of our users had the same password for every personal and company account. That was a problem because she started receiving phishing emails that could compromise all of her accounts. Defender told us that the user was not changing their password."
"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."
"The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect."
 

Cons

"There should be a simple one-click deployment for a firewall, rather than a set of setup instructions that include steps such as the DNS configuration, et cetera."
"The price is okay. This said, the solution is certainly expensive in comparison with other cloud services."
"The cost is a significant concern because we are in a region where the dollar is not our default currency, and converting to dollars makes it very expensive."
"For Azure Firewall Manager, the learning curve for new people is a bit challenging, but the integration should be more straightforward for configuring a centralized system."
"Azure charges for many aspects including scaling, automated scaling deployment, and traffic management, which leads to higher costs."
"The configuration and settings require substantial time for learning, particularly for new users. Improvements in ease of configuration would benefit users significantly."
"The solution can improve the integration with open-source tools."
"The tool's security features need to improve. It needs also to include a monitoring system for logs. It is also complicated to find a query on the Azure firewall."
"There are issues with the alerts in Microsoft Defender for identity-related intra-protection detection anomalies. The alerts are missing some data, which makes it difficult to determine the exact sign-in event associated with the alert."
"I can't say that I've seen a return on investment since we have Microsoft Defender for Identity because we also have another security solution in place."
"One potential area for improvement could be exploring flexibility in the installation of Microsoft Defender for Identity agents."
"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."
"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."
"The solution could be better at using group-managed access and they could replace it with broad-based access controls."
"When the data leaves the cloud, there are security issues."
"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."
 

Pricing and Cost Advice

"The solution is certainly expensive in comparison with other cloud services."
"The price of the solution is reasonable but it is reasonable for the features."
"You won't be able to change your tenants from where you deploy them. For example, if you select Canada, they will charge you based on Canadian pricing. If you are also in London, when you deploy in Canada, the pound is higher than Canadian dollars, but your platform resources are billable in Canadian dollars. Using your pounds to pay for any of these things will be cheaper. Or, if you deploy in London, they will charge you based on your local currency."
"The product is costly, and we had multiple discussions with accounting to receive a discounted rate. However, on the open market, the tool is expensive."
"Microsoft Defender for Identity comes as part of the Microsoft E5 licensing stack."
"Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly."
"It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees."
report
Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Construction Company
11%
Educational Organization
9%
Computer Software Company
9%
Financial Services Firm
13%
Computer Software Company
10%
Manufacturing Company
10%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise2
Large Enterprise2
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise5
Large Enterprise15
 

Questions from the Community

What is your experience regarding pricing and costs for Azure Firewall Manager?
The pricing for Azure Firewall Manager is expensive. In our project, we have used both Palo Alto Firewall and Azure Firewall. Azure charges for many aspects including scaling, automated scaling dep...
What needs improvement with Azure Firewall Manager?
Azure Firewall is typically behind other vendor firewalls because we don't see what kind of traffic is traveling through it. That is one drawback. The main drawback is that we need log support from...
What is your primary use case for Azure Firewall Manager?
My customers are using Azure Firewall Manager, so I'm learning from both documentation and practical knowledge. I usually recommend Azure Firewall Manager for projects such as an animal hospital pr...
What needs improvement with Microsoft Defender for Identity?
I really would have to sit down to think about how Microsoft Defender for Identity can be improved. I didn't take stock in what needs to be improved because I appreciated having the tools right the...
What is your primary use case for Microsoft Defender for Identity?
My main use cases for Microsoft Defender for Identity include Conditional Access, checking risky users, remediating risky users, and user sign-ins. I can easily remediate or determine what the user...
What advice do you have for others considering Microsoft Defender for Identity?
I don't really use Microsoft Defender for Identity a lot because my new role doesn't allow me to take time to do so. I don't really use the threat intelligence feature of Microsoft Defender for Ide...
 

Also Known As

No data available
Azure Advanced Threat Protection, Azure ATP, MS Defender for Identity
 

Overview

 

Sample Customers

Information Not Available
Microsoft Defender for Identity is trusted by companies such as St. Luke’s University Health Network, Ansell, and more.
Find out what your peers are saying about Azure Firewall Manager vs. Microsoft Defender for Identity and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.