Azure Firewall Manager vs Microsoft Sentinel comparison

Azure Firewall Manager and Microsoft Sentinel are both solutions in the Microsoft Security Suite category. Azure Firewall Manager is ranked #27 with an average rating of 9.0, while Microsoft Sentinel is ranked #6 with an average rating of 8.3. Azure Firewall Manager holds a 0.5% mindshare in Microsoft Security Suite, compared to Microsoft Sentinel’s 5.1% mindshare. Additionally, 100% of Azure Firewall Manager users are willing to recommend the solution, compared to 93% of Microsoft Sentinel users who would recommend it.

Azure Firewall Manager

Read 6 Azure Firewall Manager reviews

308 Views
217 Comparison Views

100% willing to recommend

Microsoft Sentinel

Read 97 Microsoft Sentinel reviews

4,776 Views
2,988 Comparison Views

93% willing to recommend

Azure Firewall Manager

Microsoft Sentinel

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Azure Firewall Manager and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Azure Firewall Manager vs. Microsoft Sentinel Report (Updated: April 2025).

Buyer's Guide

Azure Firewall Manager vs. Microsoft Sentinel

April 2025

Download the complete report

Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Azure Firewall Manager

Ranking in Microsoft Security Suite

27th

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Firewall Security Management (12th)

Microsoft Sentinel

Ranking in Microsoft Security Suite

6th

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (3rd), Security Orchestration Automation and Response (SOAR) (1st), AI-Powered Cybersecurity Platforms (5th)

Mindshare comparison

As of May 2025, in the Microsoft Security Suite category, the mindshare of Azure Firewall Manager is 0.5%, up from 0.4% compared to the previous year. The mindshare of Microsoft Sentinel is 5.1%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

Rashedul Khan

Senior Software Engineer at cimsolutions

Security management has improved with centralized threat detection and automation

I have been using Azure actively in my company, engaging with various technologies such as Azure SQL Server, virtual machines, and other cloud-dependent development scenarios. To secure the environment, we sometimes utilize Azure Firewall Manager. We needed to manage different individual firewalls…

Read full review

KrishnanKartik

Cyber Security Consultant at Inspira Enterprise

Every rule enriched at triggering stage, easing the job of SOC analyst

It's a Big Data security analytics platform. Among the unique features is the fact that it has built-in UEBA and analytical capabilities. It allows you to use the out-of-the-box machine learning and AI capabilities, but it also allows you to bring your own AI/ML, by bringing in your own IPs and allowing the platform to accept them and run that on top of it. In addition, the SOAR component is a pay-per-use model. Compared to any other product, where customization is not available, you can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today. Other vendors charge heavily for the SOAR, but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer. The SOAR engine also uniquely helps us to automate most of the incidents with automated enrichment and that cuts out the L1 analyst work. And combining M365 with Sentinel, if you want to call it integration, takes just a few clicks: "next, next finish." If it is all M365-native, it is a maximum of three or four steps and you'll be able to ingest all the logs into Sentinel. That is true even with AWS or GCP because most of the connectors are already available out-of-the-box. You just click, put in your subscription details, include your IAM, and you are finished. Within five to six steps, you can integrate AWS workloads and the logs can be ingested into Sentinel. When it comes to a third party specifically, such as log sources in a data center or on-premises, we need a log collector so that the logs can be forwarded to the Sentinel platform. And when it comes to servers or something where there is an agent for Windows or Linux, the agent can collect the logs and ship them to the Sentinel platform. I don't see any difficulties in integrating any of the log sources, even to the extent of collecting IoT log sources. Microsoft Defender for Cloud has multiple components such as Defender for Servers, Defender for PaaS, and Defender for databases. For customers in Azure, there are a lot of use cases specific to protecting workloads and PaaS and SaaS in Azure and beyond Azure, if a customer also has on-premises locations. There is EDR for Windows and Linux servers, and it even protects different kinds of containers. With Defender for Cloud, all these sources can be seamlessly integrated and you can then track the security incidents in Microsoft's XDR platform. That means you have one more workspace, under Azure, not Defender for Cloud, where you can see the security incidents. In addition, it can be integrated with Sentinel for EDR deep-dive analytics. It can also protect workloads in AWS. We have customers for whom we are protecting their AWS workloads. Even EKS, Elastic Kubernetes Service, on AWS can be integrated, as can the GKE (Google Kubernetes Engine). And with Defender for Cloud, security alert ingestion is free

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution has improved our organization with its firewall."

"It is easy to install and does not require any plugins for your browser."

"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."

"The tool's support is good."

"The solution is very easy to set up."

"The most valuable feature of Azure Firewall Manager is the testing and configuration."

"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."

"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."

"Microsoft Sentinel's ability to correlate data from multiple sources has enhanced my threat detection capabilities beyond what simple data lake solutions offer."

"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."

"A lot of the automation inside Sentinel comes with inside actually rolling out brand new Sentinel environments. We utilize that a lot and it might go beyond just Sentinel, for example, utilizing templates in Azure and templates elsewhere to actually deploy out."

"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."

"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."

"The connectivity and analytics are great."

"The standout feature of Sentinel is that, because it's cloud-based and because it's from Microsoft, it integrates really well with all the other Microsoft products. It's really simple to set up and get going."

More Microsoft Sentinel pros

Cons

"The configuration and settings require substantial time for learning, particularly for new users."

"The price is okay. This said, the solution is certainly expensive in comparison with other cloud services."

"The configuration and settings require substantial time for learning, particularly for new users. Improvements in ease of configuration would benefit users significantly."

"The solution can improve the integration with open-source tools."

"The tool's security features need to improve. It needs also to include a monitoring system for logs. It is also complicated to find a query on the Azure firewall."

"We could do only one-way NAT-ing, where the traffic comes from outside to internal, to Azure, which is fine. However, when we actually do NAT-ed traffic to hit the firewall, that way is not working."

"There should be a simple one-click deployment for a firewall, rather than a set of setup instructions that include steps such as the DNS configuration, et cetera."

"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."

"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."

"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."

"In terms of improvements, pricing, licensing, and overall cost could be better."

"The playbook is a bit difficult and could be improved."

"We are invoiced according to the amount of data generated within each log."

"Microsoft Sentinel can be improved in terms of automation or connecting with security products so that it is easier to use for general IT admins."

"I think the number one area of improvement for Sentinel would be the cost."

More Microsoft Sentinel cons

Pricing and Cost Advice

"The solution is certainly expensive in comparison with other cloud services."

"The price of the solution is reasonable but it is reasonable for the features."

"Pricing for Microsoft Sentinel could always be lower, but it's workable. The ingestion costs for the data analytics is usually the highest cost, but the licensing per Microsoft Sentinel is fairly straightforward and transparent."

"The product is costly compared to Splunk."

"It is consumption-based pricing. It is an affordable solution."

"Sentinel is expensive relative to other products of the class, so it often isn't affordable for small-scale businesses. However, considering the solution has more extensive capabilities than others, the price is not so high. Pricing is based on GBs of ingested daily data, either by a pay-as-you-go or subscription model."

"The pricing is reasonable, and we think Sentinel is worth what we pay for it."

"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

"Microsoft Sentinel is expensive."

"The are two native advantages for customers that use M365 Security and Sentinel. The first advantage is that the log or security-event ingestion into Sentinel is free. Cost-wise, they're saving a lot and that is a major advantage."

More Microsoft Sentinel pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

850,236 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

21%

Computer Software Company

18%

Government

10%

Manufacturing Company

10%

Computer Software Company

16%

Financial Services Firm

11%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Azure Firewall Manager?

The most valuable feature of Azure Firewall Manager is the testing and configuration.

See all answers

What is your experience regarding pricing and costs for Azure Firewall Manager?

The pricing for Azure Firewall Manager seems okay compared to its good features. Although extra expenses are incurred for additional services, these are not directly related to the firewall, and th...

See all answers

What needs improvement with Azure Firewall Manager?

The configuration and settings require substantial time for learning, particularly for new users. Improvements in ease of configuration would benefit users significantly.

See all answers

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?

Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

Comparisons

Azure Firewall vs Azure Firewall Manager

Compared 37% of the time

FortiGate Cloud-Native Firewall (FortiGate CNF) vs Azure Firewall Manager

Compared 23% of the time

Palo Alto Networks Panorama vs Azure Firewall Manager

Compared 19% of the time

AlgoSec vs Azure Firewall Manager

Compared 12% of the time

AWS Firewall Manager vs Azure Firewall Manager

Compared 9% of the time

More Azure Firewall Manager Competitors

AWS Security Hub vs Microsoft Sentinel

Compared 21% of the time

IBM Security QRadar vs Microsoft Sentinel

Compared 8% of the time

Cortex XSIAM vs Microsoft Sentinel

Compared 8% of the time

Wazuh vs Microsoft Sentinel

Compared 5% of the time

Google Chronicle Suite vs Microsoft Sentinel

Compared 5% of the time

More Microsoft Sentinel Competitors

Product Reports

Buyer's Guide

Firewall Security Management

April 2025

Download Azure Firewall Manager product report

Buyer's Guide

Microsoft Sentinel

April 2025

Download Microsoft Sentinel product report

Also Known As

No data available

Azure Sentinel

Overview

Azure Firewall Manager is a security management service that provides central security policy and route management for cloud-based security perimeters.

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

Sample Customers

Information Not Available

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Buyer's Guide

Azure Firewall Manager vs. Microsoft Sentinel

April 2025

Free Report: Azure Firewall Manager vs. Microsoft Sentinel

Find out what your peers are saying about Azure Firewall Manager vs. Microsoft Sentinel and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,236 professionals have used our research since 2012.

See our Azure Firewall Manager vs. Microsoft Sentinel report.

See our list of best Microsoft Security Suite vendors.

We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.