Azure Firewall Manager vs Microsoft Defender for Identity comparison

Azure Firewall Manager and Microsoft Defender for Identity are both solutions in the Microsoft Security Suite category. Azure Firewall Manager is ranked #26 with an average rating of 9.3, while Microsoft Defender for Identity is ranked #4 with an average rating of 8.8. Azure Firewall Manager holds a 0.8% mindshare in Microsoft Security Suite, compared to Microsoft Defender for Identity’s 6.0% mindshare. Additionally, 85% of Azure Firewall Manager users are willing to recommend the solution, compared to 100% of Microsoft Defender for Identity users who would recommend it.

Azure Firewall Manager

Read 9 Azure Firewall Manager reviews

852 Views
349 Comparison Views

85% willing to recommend

Microsoft Defender for Iden...

Read 28 Microsoft Defender for Identity reviews

6,417 Views
3,594 Comparison Views

100% willing to recommend

Azure Firewall Manager

Microsoft Defender for Iden...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Azure Firewall Manager and Microsoft Defender for Identity based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Azure Firewall Manager vs. Microsoft Defender for Identity Report (Updated: December 2025).

Buyer's Guide

Azure Firewall Manager vs. Microsoft Defender for Identity

December 2025

Download the complete report

Helped 881,082 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Azure Firewall Manager

Ranking in Microsoft Security Suite

26th

Average Rating

8.6

Reviews Sentiment

4.8

Number of Reviews

Ranking in other categories

Firewall Security Management (10th)

Microsoft Defender for Iden...

Ranking in Microsoft Security Suite

4th

Average Rating

8.8

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Advanced Threat Protection (ATP) (8th), Identity Threat Detection and Response (ITDR) (3rd)

Mindshare comparison

As of January 2026, in the Microsoft Security Suite category, the mindshare of Azure Firewall Manager is 0.8%, up from 0.5% compared to the previous year. The mindshare of Microsoft Defender for Identity is 6.0%, down from 7.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite Market Share Distribution
Product	Market Share (%)
Microsoft Defender for Identity	6.0%
Azure Firewall Manager	0.8%
Other	93.2%

Microsoft Security Suite

Featured Reviews

Sikkander Batcha

DevOps Engineer at CloudIQ

Has managed traffic effectively but lacks visibility and advanced control features

Azure Firewall is typically behind other vendor firewalls because we don't see what kind of traffic is traveling through it. That is one drawback. The main drawback is that we need log support from Azure Firewall, which can be quite costly. There is no login feature in Azure Firewall because only the IAM feature is available in the Azure site; we manage it only through the Azure portal, not through any other portal. Other vendors, such as Palo Alto, provide GUI or CLI interfaces to manage their firewalls, whereas we only manage Azure Firewall through the Azure portal. In the future, I would like to see additional features in Azure Firewall Manager to make it more competitive, such as technologies like App-ID and User-ID that Palo Alto has. Azure Firewall currently only allows traffic based on layer four and sometimes layer seven, so they need to improve in those areas compared to other vendors.

Read full review

Ram-Krish

Cloud Security & Governance at a financial services firm with 10,001+ employees

Protect on-premises and hybrid environments with advanced threat detection and seamless integration

Our Active Directory implementation is a hybrid one. The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks. It identifies lateral movements, privilege escalations, and alerts on potential attacks. The tool is also used for security posture assessment. The seamless integration with other Microsoft solutions within our Microsoft-centric environment is also a major advantage.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"From a traffic management perspective, it's a good firewall because it's automatically scalable based on the traffic availability."

"The solution is very easy to set up."

"The solution has improved our organization with its firewall."

"We are utilizing Azure Entra ID for group labeling, so Active Directory, or now it is Entra ID, securing our application for everyone who accesses it, and Azure Firewall Manager is definitely securing our projects and all its features are fine."

"The tool's support is good."

"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."

More Azure Firewall Manager pros

"The feature I like the most about Defender for Identity is the entity tags. They give you the ability to identify sensitive accounts, devices, and groups. You also have honeytoken entities, which are devices that are identified as "bait" for fraudulent actors."

"I would rate Microsoft Defender for Identity at nine out of ten."

"The best feature is security monitoring, which detects and investigates suspicious user activities. It can easily detect advanced attacks based on the behavior. The credentials are securely stored, so it reduces the risk of compromise. It will monitor user behavior based on artificial intelligence to protect the identities in your organization. It will even help secure the on-premise Active Directory. It syncs from the cloud to on-premise, and on-premise modifications will be reflected in the cloud."

"It automates routine testing and helps automate the finding of high-value alerts."

"Defender for Identity has not affected the end-user experience."

"The solution offers excellent visibility into threats."

"All the integration it has with different Microsoft packages, like Teams and Office, is good."

"The solution’s alerting is fairly efficient."

More Microsoft Defender for Identity pros

Cons

"The configuration and settings require substantial time for learning, particularly for new users."

"Azure charges for many aspects including scaling, automated scaling deployment, and traffic management, which leads to higher costs."

"There should be a simple one-click deployment for a firewall, rather than a set of setup instructions that include steps such as the DNS configuration, et cetera."

"The configuration and settings require substantial time for learning, particularly for new users. Improvements in ease of configuration would benefit users significantly."

"For Azure Firewall Manager, the learning curve for new people is a bit challenging, but the integration should be more straightforward for configuring a centralized system."

"The solution can improve the integration with open-source tools."

"The cost is a significant concern because we are in a region where the dollar is not our default currency, and converting to dollars makes it very expensive."

More Azure Firewall Manager cons

"Defender for Identity gives us visibility, but we often get false positives from Azure that take us down the garden path. We go through 30 incidents each day and most of those are false positives or benign positive alerts. Occasionally, we get true positive alerts."

"Microsoft should look at what competing vendors like CrowdStrike and Broadcom are doing and incorporate those features into Sentinel and Defender. At the same time, I think the intelligence inside the product is improving fast. They should incorporate more zero-trust and hybrid trust approaches. They need to build up threat intelligence based on threats and methods used in attacks on other companies."

"The technical support needs significant improvement. Documentation for more minor issues in the form of guides or walkthroughs could help to resolve this issue. The number of tickets raised would decrease, removing some pressure from the support team and making it easier to clear the remaining tickets."

"The documentation provided by Microsoft is often seen as a waste of time."

"They should improve the automation for impossible travel detection. When connected to Wi-Fi and then to VPN, the system sometimes interprets the IP address change as impossible travel."

"Microsoft Defender for Identity does not save me time, but I think it is the way that I secure the data."

"I would like to be able to do remediation from the platform because it is just a scanner right now. If you onboard a device, it shows you what is happening, but you can't use it to fix things. You need to go into the system to fix it instead."

"The areas of Microsoft Defender for Identity that can be improved include its cost, which is quite expensive when integrated into Sentinel. Additionally, there is room for improvement in its integration with non-Microsoft applications and systems."

More Microsoft Defender for Identity cons

Pricing and Cost Advice

"The price of the solution is reasonable but it is reasonable for the features."

"The solution is certainly expensive in comparison with other cloud services."

"It is very affordable considering that other SIEM solutions are much more expensive and have many more licensing restrictions and fees."

"Microsoft Defender for Identity comes as part of the Microsoft E5 licensing stack."

"Defender for Identity is a little more expensive than other Microsoft products. Identity and Microsoft Defender for Cloud are both a bit costly."

"You won't be able to change your tenants from where you deploy them. For example, if you select Canada, they will charge you based on Canadian pricing. If you are also in London, when you deploy in Canada, the pound is higher than Canadian dollars, but your platform resources are billable in Canadian dollars. Using your pounds to pay for any of these things will be cheaper. Or, if you deploy in London, they will charge you based on your local currency."

"The product is costly, and we had multiple discussions with accounting to receive a discounted rate. However, on the open market, the tool is expensive."

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

881,082 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

21%

Computer Software Company

18%

Educational Organization

Retailer

Financial Services Firm

13%

Computer Software Company

12%

Manufacturing Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	2
Large Enterprise	2

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	4
Large Enterprise	14

Questions from the Community

What do you like most about Azure Firewall Manager?

The most valuable feature of Azure Firewall Manager is the testing and configuration.

See all answers

What is your experience regarding pricing and costs for Azure Firewall Manager?

The pricing for Azure Firewall Manager is expensive. In our project, we have used both Palo Alto Firewall and Azure Firewall. Azure charges for many aspects including scaling, automated scaling dep...

See all answers

What needs improvement with Azure Firewall Manager?

See all answers

What needs improvement with Microsoft Defender for Identity?

I really would have to sit down to think about how Microsoft Defender for Identity can be improved. I didn't take stock in what needs to be improved because I appreciated having the tools right the...

See all answers

What is your primary use case for Microsoft Defender for Identity?

My main use cases for Microsoft Defender for Identity include Conditional Access, checking risky users, remediating risky users, and user sign-ins. I can easily remediate or determine what the user...

See all answers

What advice do you have for others considering Microsoft Defender for Identity?

I don't really use Microsoft Defender for Identity a lot because my new role doesn't allow me to take time to do so. I don't really use the threat intelligence feature of Microsoft Defender for Ide...

See all answers

Comparisons

FortiGate Cloud-Native Firewall (FortiGate CNF) vs Azure Firewall Manager

Compared 22% of the time

Azure Firewall vs Azure Firewall Manager

Compared 16% of the time

AlgoSec vs Azure Firewall Manager

Compared 14% of the time

Palo Alto Networks Panorama vs Azure Firewall Manager

Compared 11% of the time

FireMon Security Manager vs Azure Firewall Manager

Compared 9% of the time

More Azure Firewall Manager Competitors

Microsoft Purview Insider Risk Management vs Microsoft Defender for Identity

Compared 14% of the time

Microsoft Entra ID Protection vs Microsoft Defender for Identity

Compared 12% of the time

CrowdStrike Falcon vs Microsoft Defender for Identity

Compared 11% of the time

Microsoft Defender for Endpoint vs Microsoft Defender for Identity

Compared 6% of the time

BloodHound Enterprise vs Microsoft Defender for Identity

Compared 6% of the time

More Microsoft Defender for Identity Competitors

Product Reports

Buyer's Guide

Azure Firewall Manager

January 2026

Download Azure Firewall Manager product report

Buyer's Guide

Microsoft Defender for Identity

January 2026

Download Microsoft Defender for Identity product report

Also Known As

No data available

Azure Advanced Threat Protection, Azure ATP, MS Defender for Identity

Overview

Azure Firewall Manager is a security management service that provides central security policy and route management for cloud-based security perimeters.

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

Microsoft Defender for Identity offers real-time threat detection and protection for hybrid Active Directory environments. It integrates with Microsoft 365 components for seamless security and monitors advanced behaviors, enhancing identity protection across cloud and on-premises environments.

Microsoft Defender for Identity provides detailed threat insights and user behavior analytics to detect unauthorized access and notify anomalies. It allows setting custom detection rules, enhancing threat response automation. While it needs improvements in cloud security, SIEM integration, and access controls, users leverage its ability to mitigate identity threats like suspicious logins and ransomware. Enhanced integration with Microsoft security products ensures a coordinated threat response for identity control and privilege management.

What are the key features of Microsoft Defender for Identity?

Active Directory Federation: Seamlessly integrates with Microsoft 365 for comprehensive security.
Real-time Security Monitoring: Provides immediate insights into advanced user behaviors and potential threats.
Threat Insights: Delivers detailed analysis of threats with the ability to customize detection rules.
User Behavior Analytics: Analyzes user activities to detect anomalies and potential risks.
Identity Protection: Offers comprehensive protection in both cloud and on-premises environments.

What benefits should users expect from reviews of Microsoft Defender for Identity?

Unauthorized Access Prevention: Identifies potential unauthorized activities with advanced detection mechanisms.
Anomaly Notification: Alerts users to unexpected activities within their environments.
Threat Response Automation: Facilitates rapid response to threats with automated solutions.
Enhanced Cloud Security: Strengthens identity management across hybrid and cloud frameworks.

In specific industries, organizations implement Microsoft Defender for Identity to secure on-premises and hybrid Active Directory environments through user and entity behavior analytics, malicious activity detection, and integration with Microsoft security tools. This approach enhances security posture assessment and helps mitigate identity threats like identity harvesting and unauthorized access.

Microsoft

Sample Customers

Information Not Available

Microsoft Defender for Identity is trusted by companies such as St. Luke’s University Health Network, Ansell, and more.

Buyer's Guide

Azure Firewall Manager vs. Microsoft Defender for Identity

December 2025

Free Report: Azure Firewall Manager vs. Microsoft Defender for Identity

Find out what your peers are saying about Azure Firewall Manager vs. Microsoft Defender for Identity and other solutions. Updated: December 2025.

DOWNLOAD NOW

881,082 professionals have used our research since 2012.

See our Azure Firewall Manager vs. Microsoft Defender for Identity report.

See our list of best Microsoft Security Suite vendors.

We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.