Azure Firewall Manager vs Microsoft Defender for Identity comparison

Azure Firewall Manager vs. Microsoft Defender for Identity

Download the complete report

Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Azure Firewall Manager

Ranking in Microsoft Security Suite

28th

Average Rating

8.6

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Firewall Security Management (11th)

Microsoft Defender for Iden...

Ranking in Microsoft Security Suite

5th

Average Rating

8.8

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Advanced Threat Protection (ATP) (5th), Identity Threat Detection and Response (ITDR) (3rd)

Mindshare comparison

As of July 2025, in the Microsoft Security Suite category, the mindshare of Azure Firewall Manager is 0.5%, up from 0.5% compared to the previous year. The mindshare of Microsoft Defender for Identity is 6.9%, up from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

MuhammadShakeel

Senior System Engineer at Confiz Solutions

Manages multiple firewalls effortlessly but faces challenges with cost efficiency

Azure Firewall Manager is good most of the time, but it could be improved regarding cost. The cost is a significant concern because we are in a region where the dollar is not our default currency, and converting to dollars makes it very expensive. Microsoft should calculate and show the products in local currencies, such as PKR or Bangladesh currency, and also introduce Indian currency similarly for Pakistan. The technical support could be improved. When a resource is assigned, that resource should follow the ticket and respond swiftly, including sending an email to inform me that an agent has been assigned. I still find myself waiting for an agent to connect with me and resolve my issues. I have not been integrating Azure Firewall Manager with Azure Virtual WAN.

Read full review

ROBERT-CHRISTIAN

CTO at kyndryl

Integration within the ecosystem enhances collaboration and automates functionalities

The integration into the Microsoft Defender ecosystem is the most valuable feature of Microsoft Defender for Identity. It fits very nicely with all the other Defender tools, allowing for excellent collaboration among them. It also fits seamlessly into Microsoft Sentinel SIEM. Furthermore, Microsoft security solutions can save time as they allow the automation of numerous functionalities, and the reporting inside the Microsoft ecosystem is commendable.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The best feature of Azure Firewall Manager is that it is easy to maintain and configure."

"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."

"The solution is very easy to set up."

"It is easy to install and does not require any plugins for your browser."

"The solution has improved our organization with its firewall."

"The most valuable feature of Azure Firewall Manager is the testing and configuration."

"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."

"The tool's support is good."

More Azure Firewall Manager pros

"The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks."

"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."

"All the integration it has with different Microsoft packages, like Teams and Office, is good."

"The most valuable aspect is its connection to Microsoft Sentinel and Defender for Endpoint, and giving exact timelines for incidents and when certain events occured during an incident."

"It automates routine testing and helps automate the finding of high-value alerts."

"This solution has advanced a lot over the last few years."

"The basic security monitoring at its core feature is the most valuable aspect. But also the investigative parts, the historical logging of events over the network are extremely interesting because it gives an in-depth insight into the history of account activity that is really easy to read, easy to follow, and easy to export."

"The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect."

More Microsoft Defender for Identity pros

Cons

"The configuration and settings require substantial time for learning, particularly for new users."

"The price is okay. This said, the solution is certainly expensive in comparison with other cloud services."

"The configuration and settings require substantial time for learning, particularly for new users. Improvements in ease of configuration would benefit users significantly."

"There should be a simple one-click deployment for a firewall, rather than a set of setup instructions that include steps such as the DNS configuration, et cetera."

"The cost is a significant concern because we are in a region where the dollar is not our default currency, and converting to dollars makes it very expensive."

"For Azure Firewall Manager, the learning curve for new people is a bit challenging, but the integration should be more straightforward for configuring a centralized system."

"The tool's security features need to improve. It needs also to include a monitoring system for logs. It is also complicated to find a query on the Azure firewall."

"We could do only one-way NAT-ing, where the traffic comes from outside to internal, to Azure, which is fine. However, when we actually do NAT-ed traffic to hit the firewall, that way is not working."

More Azure Firewall Manager cons

"Feedback on sync issues with the Microsoft portal highlighted its slow nature, with syncs sometimes taking eight hours."

"The tracking instance needs to be configured appropriately."

"One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform to promptly alert affected users and their friends."

"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."

"The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets."

"The areas of Microsoft Defender for Identity that can be improved include its cost, which is quite expensive when integrated into Sentinel. Additionally, there is room for improvement in its integration with non-Microsoft applications and systems."

"There is no option to remedy an issue directly from the console. If we see an alert, we can't fix it from the console. Instead, we must depend on other Microsoft products, such as MDE. That is a significant drawback. It simply works as a scanner, which can sometimes put enough load on the sensors. Immediate actions should be possible from the dashboard because. It can prevent issues from spreading further."

"The impact of the sensors on the domain controllers can be quite high depending on your loads. I don't know if there's any room for improvement there, but that's one of the things that might be improved."

More Microsoft Defender for Identity cons

Pricing and Cost Advice

"The price of the solution is reasonable but it is reasonable for the features."

"The solution is certainly expensive in comparison with other cloud services."

"You won't be able to change your tenants from where you deploy them. For example, if you select Canada, they will charge you based on Canadian pricing. If you are also in London, when you deploy in Canada, the pound is higher than Canadian dollars, but your platform resources are billable in Canadian dollars. Using your pounds to pay for any of these things will be cheaper. Or, if you deploy in London, they will charge you based on your local currency."

"Microsoft Defender for Identity comes as part of the Microsoft E5 licensing stack."

"The product is costly, and we had multiple discussions with accounting to receive a discounted rate. However, on the open market, the tool is expensive."

"Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly."

"It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees."

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

860,592 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

21%

Computer Software Company

20%

Manufacturing Company

Government

Computer Software Company

15%

Financial Services Firm

13%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Azure Firewall Manager?

The most valuable feature of Azure Firewall Manager is the testing and configuration.

What is your experience regarding pricing and costs for Azure Firewall Manager?

The pricing for Azure Firewall Manager seems okay compared to its good features. Although extra expenses are incurred for additional services, these are not directly related to the firewall, and th...

What needs improvement with Azure Firewall Manager?

What do you like most about Microsoft Defender for Identity?

Microsoft Defender for Identity provides excellent visibility into threats by leveraging real-time analytics and data intelligence.

What needs improvement with Microsoft Defender for Identity?

For improvement, I need to complete the testing. We are currently in the initial phase. Improvement insights will be shared post the thorough testing phase. We have just started using it a month ag...

What is your primary use case for Microsoft Defender for Identity?

We are performing testing under Microsoft Defender for Identity ( /products/microsoft-defender-for-identity-reviews ). The implementation is very recent, as we started using it about a month ago.We...

Azure Firewall vs Azure Firewall Manager

Comparisons

Compared 35% of the time

FortiGate Cloud-Native Firewall (FortiGate CNF) vs Azure Firewall Manager

Compared 28% of the time

Palo Alto Networks Panorama vs Azure Firewall Manager

Compared 15% of the time

AlgoSec vs Azure Firewall Manager

Compared 12% of the time

AWS Firewall Manager vs Azure Firewall Manager

Compared 9% of the time

More Azure Firewall Manager Competitors

Microsoft Entra ID Protection vs Microsoft Defender for Identity

Compared 22% of the time

Microsoft Purview Insider Risk Management vs Microsoft Defender for Identity

Compared 13% of the time

CrowdStrike Falcon vs Microsoft Defender for Identity

Compared 10% of the time

BloodHound Enterprise vs Microsoft Defender for Identity

Compared 7% of the time

Microsoft Defender for Endpoint vs Microsoft Defender for Identity

Compared 6% of the time

More Microsoft Defender for Identity Competitors

Product Reports

Firewall Security Management

Download Azure Firewall Manager product report

Microsoft Defender for Identity

Download Microsoft Defender for Identity product report

Also Known As

No data available

Azure Advanced Threat Protection, Azure ATP, MS Defender for Identity

Overview

Azure Firewall Manager is a security management service that provides central security policy and route management for cloud-based security perimeters.

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

Microsoft Defender for Identity integrates with Microsoft tools to monitor user activity, providing advanced threat detection and analysis using AI. It enhances proactive threat response and security visibility, making it essential for securing on-premises and cloud environments like Active Directory.

Microsoft Defender for Identity offers comprehensive monitoring and AI-driven user behavior analysis. It detects threats through real-time alerts and identifies lateral movements and entity tagging, ensuring robust security management. With excellent visibility via its dashboard, it supports customized detection rules and seamlessly integrates with SIEM platforms. While SecureScore and SecureScan provide robust environment security, there is room for improvement in cloud security, on-premises application integration, and remediation capabilities. Azure integration is limited, and the administrative interface could be more user-friendly. Users experience frequent false positives, affecting threat detection efficiency.

What key features stand out in Microsoft Defender for Identity?

Integration with Microsoft Tools: Ensures comprehensive protection across environments.
AI-driven Behavior Analysis: Uses artificial intelligence to analyze user actions.
Real-time Threat Detection: Provides immediate alerts to potential threats.
Lateral Movement Identification: Detects unusual lateral access among users.
Dashboards with Visibility: Offers insights into security issues with customization options.
SIEM Integration: Works seamlessly with security information and event management systems.

What benefits should users look for when reviewing Microsoft Defender for Identity?

Enhanced Threat Prioritization: Helps in effective identification and tackling of threats.
Improved Proactive Responses: Facilitates a prompt and efficient response mechanism.
Security Across Environments: Protects both on-premises and cloud-based infrastructures.
Optimized Conditional Access: Manages policies to enhance security protocol efficacy.

In specific industries such as education and finance, Microsoft Defender for Identity is crucial for securing on-premises Active Directory and Azure Active Directory environments. It effectively detects suspicious activities and manages conditional access policies, offering user and entity behavior analytics, endpoint detection and response capabilities. This helps prevent unauthorized access and strengthens overall security, making it an invaluable asset for organizations aiming to safeguard their digital infrastructure.

Microsoft

Sample Customers

Information Not Available

Microsoft Defender for Identity is trusted by companies such as St. Luke’s University Health Network, Ansell, and more.

Azure Firewall Manager vs. Microsoft Defender for Identity