Azure Firewall vs Microsoft Defender for Cloud Apps comparison

Azure Firewall vs. Microsoft Defender for Cloud Apps

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Azure Firewall

Ranking in Microsoft Security Suite

10th

Average Rating

7.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Firewalls (14th)

Microsoft Defender for Clou...

Ranking in Microsoft Security Suite

13th

Average Rating

8.4

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Cloud Access Security Brokers (CASB) (5th), Advanced Threat Protection (ATP) (12th)

Mindshare comparison

As of May 2025, in the Microsoft Security Suite category, the mindshare of Azure Firewall is 4.2%, down from 5.1% compared to the previous year. The mindshare of Microsoft Defender for Cloud Apps is 2.8%, up from 1.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

AnvarSadique

Information Technology Architect at GMS INC

Easy setup and effective traffic routing enhance security

In terms of improvements, I think the price could be a concern as Azure ( /products/microsoft-azure-reviews ) services are often more expensive compared to other firewalls. However, the functional aspects of Azure Firewall met our needs. While I found the interface not particularly user-friendly, this is a common issue across vendors.

Read full review

Jagadeesh Gunasekaran

Cyber security engineer at a tech services company with 10,001+ employees

Saves us time, has good visibility, and a single dashboard

The solution is user-friendly and provides great visibility into threats. There are easy options available for specific workflow inspections. We can also get support by going through the Microsoft documentation, which is straightforward. Microsoft Defender for Cloud Apps helps us prioritize threats across our enterprise. It covers us from a compliance perspective and protects our organization's data. Data protection is a very important aspect of any new organization, as we need to protect our data from both external attacks and insider threats. Microsoft Defender for Cloud Apps helps us monitor for abnormal activity by insiders, which is one of the most important access points for attackers today. Additionally, the different cloud apps that Defender for Cloud Apps supports provide us with much more visibility into potential threats and activities on the internet. We have integrated Microsoft Defender for Cloud Apps alerts with Sentinel. The integration is straightforward. We can find the configuration details on Microsoft's official documentation website. If we are familiar with how Microsoft products work, we will be able to follow the instructions clearly. Microsoft Defender for Cloud Apps and Sentinel work natively together to deliver coordinated detection and response across our environment. Our integrated Microsoft solutions provide comprehensive threat protection, covering most of the tactics and techniques relevant to the MITRE ATT&CK framework. Sentinel allows us to ingest data from our entire ecosystem. When implementing an SIEM solution, there are always prerequisites such as Active Directory logs, security logs, firewall logs, and DNS logs. These are important logs that need to be ingested into the environment. Sentinel has many third-party connectors available that make integrations straightforward. Microsoft provides the configuration details in the Sentinel platform. It is important to integrate all relevant log sources into the SIEM solution so that we can detect and be alerted to any type of threat factor, whether it is from an internal or external source. Integrating third-party solutions into the platform requires a separate configuration, but Microsoft provides the necessary information. However, we need to have the appropriate permissions to execute these setups. Sentinel provides a centralized dashboard that covers threat management and configuration. It gives us complete insight into what entities are accessing, as well as full details for investigation. We can see how the alerts and threats are relevant to suspicious activities, whether they are related to malicious IP addresses, suspicious ASHAs, or any other indicators of compromise. All of this relevant data can be seen in a single pane. Recently, Microsoft introduced a new investigation experience in a single pane. This means that we can now get a lot of details in a single pane, without having to go there and execute a query. There are a lot of new insights being developed in the Sentinel platform these days. It has software intelligence. They recently introduced Microsoft Defender Threat Intelligence, which covers almost all IOCs. This protects organizational assets from threats and suspicious traffic associated with IOCs. If a match is found, alerts are generated. This is a very interesting feature. Another great feature is automation and logic apps. We can create a number of operations, such as posting in a team's channel if a severe incident occurs or sending an email notification. There are many operations available, so we can automate a lot of tasks. Microsoft Defender for Cloud Apps helps us stay compliant. It has predefined mechanisms in place to prevent attacks. For example, if an external user tries to access our SharePoint folders or files, an attack will be blocked. This is why it is important to give appropriate access to guest users. Microsoft Defender for Cloud Apps has many features and benefits. It provides a number of policies that can be configured to meet the specific needs of our security team. These policies can be used to customize cloud applications so that only authorized users can access them and perform operations that benefit the organization. In terms of safety and security, Microsoft Defender for Cloud Apps is top-notch. Using the solution's automation features, we can suppress false positive alerts. We can also close alerts, lower their severity from "high" to "low" or "informational," or close them immediately with the appropriate commands. This will depend on the configuration automation rule and the perspective from which we are testing. Microsoft Defender for Cloud Apps provides a single console. We are also provided with Microsoft templates to enable workbooks instantly. Alternatively, we can build our own customized workbooks to provide better insights and improve our SOC efficiency and overall performance. Consolidating all of our security data into one dashboard has saved our security operations team a significant amount of time. From an analyst's perspective, it is now much easier to correlate events, investigate alerts, and visualize specific entities. For example, an analyst can quickly see all of the alerts associated with a particular IP address, or they can view all of the activity for a specific entity over the past 24 hours or 7 days. This level of detail and insight would not be possible if our data were siloed in multiple dashboards. The single dashboard saves our operations approximately 20 hours per week by eliminating the need to access multiple consoles and tabs. Microsoft Defender for Cloud Apps threat intelligence can help us prepare for potential threats before they happen. However, it depends on how we develop the policies for the database to block or ignore things in our environment.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"In terms of the reporting, it's beautiful. It integrates with Azure monitoring and with Azure policies. That piece is a big help. You can set governing policies and you can use the application firewall, as well as the Azure Firewall, to enforce those policies."

"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."

"All its features are good. That's why we recommend it."

"I can easily configure it."

"It's auto-scalable, which is a great feature."

"I find the solution to be very stable, and would rate it a ten out of ten in terms of stability."

"The solution has many useful features. For example, the solution allows users to create virtual IP addresses."

"The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."

More Azure Firewall pros

"Microsoft Defender for Cloud Apps is very comprehensive, providing a complete 360-degree view of applications within an organization."

"The most valuable feature of Microsoft Defender for Cloud Apps is to stop shadow IT."

"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."

"Defender's integration with our identity solutions is critical in our current setup."

"We have become more aware of what services our users are using, how often they are using them, and what data is being sent out of the organization and to which services. So, it is really a lot about visibility and helping us make decisions based on that. It drives some of our policy decisions for adding extra security controls."

"Defender for Cloud Apps has given us good visibility regarding what we've allowed in our environment until now. It helps us to know our inventory, understand what our customers are using, and steer them toward safer practices."

"The most valuable feature is its policy implementation."

"I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site."

More Microsoft Defender for Cloud Apps pros

Cons

"The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks."

"The tool needs to improve the onboarding and transition process for on-prem users."

"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall."

"The threat intelligence aspect of this particular firewall is not at par with other providers."

"The product could be made more customizable."

"The interface could be improved, it's not very user friendly."

"When we started deploying the solution, it was not a mature product at times."

"Azure Firewall is an expensive solution. On a scale from one to ten, where one is not affordable, I would rate the price as a three."

More Azure Firewall cons

"Sometimes the support is actually lacking."

"We are having trouble with our continuous reporting configuration and struggling with configuring the collector properly with our log parsing. We've also faced difficulties getting support for this issue. It's taken us months to figure this out after going through a couple of different support channels."

"We are having trouble with our continuous reporting configuration and struggling with configuring the collector properly with our log parsing."

"The documentation could be improved as it is not updated immediately when Microsoft makes changes. Users must wait a few weeks for the changes to be reflected in the documentation."

"This service would be better if it had a separate license, only for this service, that could be used to track usage."

"I would like for it to be available on Mac and for it to support all of the features of Microsoft financing products. It is really for Windows."

"Sometimes, we'll get false positive alarms. For example, when a SharePoint path has no file sharing, but there is an external user, it will trigger an alarm that the file has been shared with an external user... the alerting mechanism should be more precise when giving you an alert about what activity has been done with the file..."

"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."

More Microsoft Defender for Cloud Apps cons

Pricing and Cost Advice

"Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it. One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall."

"Azure Firewall is expensive."

"It is expensive, especially with the premium functions. For one of the clients, it was very expensive. You have to use it more at an enterprise level, and there, it was not at an enterprise level. So, it was very costly, but security-wise, it was a very wise decision to use it that way."

"The licensing module is good."

"Azure Firewalls operate on a pay-as-you-go model, similar to cloud services."

"Azure Firewall comes with Azure native services. We did not buy any kind of license for it. Whether you have a free subscription or a pay-as-you-go model, you can deploy the Azure Firewall service... The amount that you use will determine how much you pay."

"It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."

"Before choosing this solution, we evaluated others, and we found this to be the most cost-effective."

More Azure Firewall pricing and cost advice

"It has pretty good pricing."

"The pricing is a little bit high but right now, we are okay with it because of the compatibility with Office 365, Teams, and Azure AD."

"Our clients normally use the Microsoft E1 licensing, which is renewed yearly."

"It is a little bit expensive. When you want to have the complete package with Office 365, Defender, and everything else, it is expensive."

"The E5 license offers everything bundled. People are moving to Microsoft because you buy one license and it gives you everything."

"The cost could be improved when you need to pay for anything. For example, refreshing files takes time to load, though it may be my Internet. To improve the refresh time, Microsoft says that we need to pay for a Premium license, and I don't like paying for things that help make a solution better."

"Where we are right now, this is an acceptable pricing. I would like to see more transparency given to the end user. The end user given to us is via the cloud service provider. There are different programs and license models. Some include this, and some include that. It is all over the place. There can be a little more consistency or simplification in the pricing so that your parts list is not ten pages long, and you are not trying to determine, "If I have an E3, does this cover that?", or "Do I need to pay separately for the license?" Simplification would probably be better."

"The pricing is fair."

More Microsoft Defender for Cloud Apps pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Government

10%

Financial Services Firm

10%

Manufacturing Company

Computer Software Company

16%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firewall is easy to use and provides excellent support. Valuable features include int...

How does Azure Firewall compare with Palo Alto Networks VM Series?

Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the overall cost is reasonable. Azure Firewall offers a solid threat awareness, can...

Which would you recommend - FortiGate VM or Azure Firewall?

Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate VM integrates well and has excellent centralized reporting. It is very easy to...

Which is the better security solution - Cisco Umbrella or Microsoft Cloud App Security?

Cisco Umbrella is an integral component of the Cisco SASE architecture. It integrates security in a single, cloud-native solution, unifying multiple features like DNS-layer security, threat intelli...

What do you like most about Microsoft Cloud App Security?

It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good.

What is your experience regarding pricing and costs for Microsoft Cloud App Security?

The pricing for Microsoft Defender for Cloud Apps is acceptable. If a product is of high quality, it justifies the expense.

Fortinet FortiGate-VM vs Azure Firewall

Comparisons

Compared 19% of the time

Palo Alto Networks NG Firewalls vs Azure Firewall

Compared 16% of the time

Palo Alto Networks VM-Series vs Azure Firewall

Compared 6% of the time

Check Point NGFW vs Azure Firewall

Compared 5% of the time

Azure Firewall Manager vs Azure Firewall

Compared 2% of the time

More Azure Firewall Competitors

Zscaler Internet Access vs Microsoft Defender for Cloud Apps

Compared 21% of the time

Cisco Umbrella vs Microsoft Defender for Cloud Apps

Compared 15% of the time

Netskope vs Microsoft Defender for Cloud Apps

Compared 12% of the time

Prisma Access by Palo Alto Networks vs Microsoft Defender for Cloud Apps

Compared 6% of the time

Microsoft Intune vs Microsoft Defender for Cloud Apps

Compared 2% of the time

More Microsoft Defender for Cloud Apps Competitors

Product Reports

Azure Firewall

Download Azure Firewall product report

Microsoft Defender for Cloud Apps

Download Microsoft Defender for Cloud Apps product report

Microsoft Defender for Cloud Apps report

Also Known As

No data available

MS Cloud App Security, Microsoft Cloud App Security

Overview

Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.

Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

Azure Firewall has two significant offerings, Standard and Premium.

Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.

Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.

Key Benefits and Features of Azure Firewall:

High availability - You do not need load balancers with Azure Firewall; it's already built in and ready to go.
Self-scalability - Azure Firewall is intuitive and will auto-scale as needed based on traffic flow to be ready for peak traffic times.
Threat awareness - Using Microsoft Cyber Security to filter traffic, Azure Firewall will deny any known problematic threats to keep your network safe.
Additional IP addresses - You can securely add up to 250 public IP addresses with Azure Firewall
Improved web category filtering - You can set up specific protocols to allow or deny categories within websites that are deemed inappropriate for use within your network. You have the ability to organize categories based on a defined set of descriptions.

What our real users have to say:

Many PeerSpot users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.

Regarding integration and threat intelligence, our users wrote:

“The most valuable feature is the integration into the overall cloud platform.”

“The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.”

“I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.”

Microsoft

Microsoft Defender for Cloud Apps is a comprehensive security solution that provides protection for cloud-based applications and services. It offers real-time threat detection and response, as well as advanced analytics and reporting capabilities. With Defender for Cloud Apps, organizations can ensure the security of their cloud environments and safeguard against cyber threats. Whether you're running SaaS applications, IaaS workloads, or PaaS services, Microsoft Defender for Cloud Apps can help you secure your cloud environment and protect your business from cyber threats.

Microsoft Defender for Cloud Apps Benefits:

Provides comprehensive security for cloud applications
Integrates with other Microsoft security tools
Easy to use and deploy
Provides real-time threat detection and response
Strong protection against phishing attacks and other common threats
Highly customizable to meet specific needs of different organizations

Microsoft Defender for Cloud Apps Use Cases:

Governance, authentication, security, and compliance.
Detects shadow IT and anomalous user behavior
Controls access to applications
Provides auditing and filtering setups
Used for end-user compute devices, file monitoring, user investigation, and activity
Used for data governance, threat detection, and getting visibility over cloud applications
Used to identify information about applications beyond organizational boundaries
Prevent exfiltration and data filtration of corporate data
Used to deal with spam emails and detect shadow IT

Reviews from Real Users

Ram-Krish, Cloud Security & Governance at a financial services firm, says that Microsoft Defender for Cloud Apps "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need".

PeerSpot user, Senior Cloud & Security Consultant at a tech services, writes that Microsoft Defender for Cloud Apps "Great for monitoring user activity and protecting data while integrating well with other applications".

Simon Burgess,Infrastructure Engineer at SBITSC, states that Microsoft Defender for Cloud Apps is "A fluid, intelligent product for great visibility, centralized management, and increased uptime".

Microsoft

Sample Customers

Information Not Available

Customers for Microsoft Defender for Cloud Apps include Accenture, St. Luke’s University Health Network, Ansell, and Nakilat.

Azure Firewall vs. Microsoft Defender for Cloud Apps