No more typing reviews! Try our Samantha, our new voice AI agent.

Azure Firewall Manager vs Microsoft Sentinel comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Azure Firewall Manager
Ranking in Microsoft Security Suite
25th
Average Rating
8.6
Reviews Sentiment
5.4
Number of Reviews
9
Ranking in other categories
Firewall Security Management (11th)
Microsoft Sentinel
Ranking in Microsoft Security Suite
6th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
108
Ranking in other categories
Security Information and Event Management (SIEM) (4th), Security Orchestration Automation and Response (SOAR) (2nd), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of July 2026, in the Microsoft Security Suite category, the mindshare of Azure Firewall Manager is 1.2%, up from 0.5% compared to the previous year. The mindshare of Microsoft Sentinel is 4.9%, down from 5.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Microsoft Security Suite Mindshare Distribution
ProductMindshare (%)
Microsoft Sentinel4.9%
Azure Firewall Manager1.2%
Other93.9%
Microsoft Security Suite
 

Featured Reviews

Sikkander  Batcha - PeerSpot reviewer
DevOps Engineer at CloudIQ
Has managed traffic effectively but lacks visibility and advanced control features
Azure Firewall is typically behind other vendor firewalls because we don't see what kind of traffic is traveling through it. That is one drawback. The main drawback is that we need log support from Azure Firewall, which can be quite costly. There is no login feature in Azure Firewall because only the IAM feature is available in the Azure site; we manage it only through the Azure portal, not through any other portal. Other vendors, such as Palo Alto, provide GUI or CLI interfaces to manage their firewalls, whereas we only manage Azure Firewall through the Azure portal. In the future, I would like to see additional features in Azure Firewall Manager to make it more competitive, such as technologies like App-ID and User-ID that Palo Alto has. Azure Firewall currently only allows traffic based on layer four and sometimes layer seven, so they need to improve in those areas compared to other vendors.
Kallamuddin Ansari - PeerSpot reviewer
Cyber Security Consultant at HR Software Solution
Centralized monitoring has improved threat response but cost control still needs refinement
Based on real operations used in our corporate IT environment, the key features include log correlation and incident view. Microsoft Sentinel's biggest strength is how it correlates multiple related alerts into a single incident. This significantly reduces alert noise and helps the SOC focus on real threats instead of isolated events. Another valuable feature is KQL-based threat hunting with Kusto Query Language. The flexibility of this language allows us to build custom hunting queries based on our environment's behavior. This is extremely useful for detecting low and slow threats or hidden threats that default rules may miss. Cloud-native scalability and stability is another important feature. Being cloud-native, Microsoft Sentinel scales well for medium to large corporate environments without infrastructure management. Stability has been solid in day-to-day production. SOAR automation using playbooks is a feature we highly recommend. Microsoft Sentinel's SOAR functionality helps automate repetitive SOC tasks like alert enrichment and notification. This saves analyst time and improves response consistency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is very easy to set up."
"Azure Firewall Manager centralizes network security management with a hub and spoke architecture."
"The solution has improved our organization with its firewall."
"The most valuable feature is the web firewall, as it is easy to install and does not require any plugins for your browser."
"The most valuable feature of Azure Firewall Manager is the testing and configuration."
"The tool's support is good."
"From a traffic management perspective, it's a good firewall because it's automatically scalable based on the traffic availability."
"It has helped us in multiple ways; for example, we don't require different spaces to manage it, we can do a lot of automation integrations into the code, we could integrate it into the DevOps pipeline, and it has helped us with our time-to-market for a very specific product when we are actually deploying or upgrading."
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"Microsoft Sentinel provides me with a unified set of tools to detect, investigate, and respond to incidents, which is something I greatly value."
"The solution saves us time by 75%."
"We have no complaints about the features or functionality."
"The UI-based analytics are excellent."
"In terms of Sentinel, it's a best-in-class solution."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"The dashboard that allows me to view all the incidents is the most valuable feature."
 

Cons

"The configuration and settings require substantial time for learning, particularly for new users. Improvements in ease of configuration would benefit users significantly."
"With Azure Firewall, the problem is that the NAT-ing still has to be improved."
"For Azure Firewall Manager, the learning curve for new people is a bit challenging, but the integration should be more straightforward for configuring a centralized system."
"We could do only one-way NAT-ing, where the traffic comes from outside to internal, to Azure, which is fine. However, when we actually do NAT-ed traffic to hit the firewall, that way is not working."
"Microsoft was unable to fully solve the problem with email phishing and spamming."
"The cost is a significant concern because we are in a region where the dollar is not our default currency, and converting to dollars makes it very expensive."
"The tool's security features need to improve. It needs also to include a monitoring system for logs. It is also complicated to find a query on the Azure firewall."
"Azure charges for many aspects including scaling, automated scaling deployment, and traffic management, which leads to higher costs."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Microsoft Sentinel is definitely costly. If we factor in the cost of other services, MCAS, MDI, and Microsoft Defender for Cloud, it gets seriously costly, to the extent that we cannot enable it across the organization."
"Azure Sentinel is very costly, or at least it appears to be very costly."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"With non-Microsoft products, there are definitely integration issues. Exporting the logs is very difficult, and the API calls are not being generated frequently from the Microsoft end."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"I think the number one area of improvement for Sentinel would be the cost."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
 

Pricing and Cost Advice

"The price of the solution is reasonable but it is reasonable for the features."
"The solution is certainly expensive in comparison with other cloud services."
"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
"Sentinel can be expensive. When you ingest data from sources that are outside of the cloud, you're paying a fair amount for that data ingestion. When you're ingesting data sources from within the cloud, depending on what your retention periods are, it's not that expensive."
"Microsoft Sentinel requires an E5 license."
"It is priced fairly given the value that you get from the use of the product. The biggest mistake people make with Microsoft Sentinel is not understanding the pricing model and the amount of data that they are going to be running through the tool because you are paying based on the flow. You are paying based on the amount of data that is moving through the tool. People do not plan, and therefore, they get surprised by the cost associated with using the tool. They connect everything because they want to know everything, but connecting everything is very expensive."
"It is consumption-based pricing. It is an affordable solution."
"I don't know yet because they gave us a 30-day test window for free."
"The product is costly compared to Splunk."
report
Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
11%
Construction Company
11%
Educational Organization
9%
Computer Software Company
9%
Financial Services Firm
11%
Manufacturing Company
11%
Computer Software Company
10%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise2
Large Enterprise2
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise24
Large Enterprise46
 

Questions from the Community

What is your experience regarding pricing and costs for Azure Firewall Manager?
The pricing for Azure Firewall Manager is expensive. In our project, we have used both Palo Alto Firewall and Azure Firewall. Azure charges for many aspects including scaling, automated scaling dep...
What needs improvement with Azure Firewall Manager?
Azure Firewall is typically behind other vendor firewalls because we don't see what kind of traffic is traveling through it. That is one drawback. The main drawback is that we need log support from...
What is your primary use case for Azure Firewall Manager?
My customers are using Azure Firewall Manager, so I'm learning from both documentation and practical knowledge. I usually recommend Azure Firewall Manager for projects such as an animal hospital pr...
Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...
 

Also Known As

No data available
Azure Sentinel
 

Overview

 

Sample Customers

Information Not Available
Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
Find out what your peers are saying about Azure Firewall Manager vs. Microsoft Sentinel and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.