Azure Firewall vs Microsoft Sentinel comparison

Azure Firewall and Microsoft Sentinel are both solutions in the Microsoft Security Suite category. Azure Firewall is ranked #10 with an average rating of 8.1, while Microsoft Sentinel is ranked #6 with an average rating of 8.3. Azure Firewall holds a 4.2% mindshare in Microsoft Security Suite, compared to Microsoft Sentinel’s 5.1% mindshare. Additionally, 79% of Azure Firewall users are willing to recommend the solution, compared to 93% of Microsoft Sentinel users who would recommend it.

Azure Firewall

Read 40 Azure Firewall reviews

2,980 Views
2,469 Comparison Views

79% willing to recommend

Microsoft Sentinel

Read 93 Microsoft Sentinel reviews

5,277 Views
3,193 Comparison Views

93% willing to recommend

Azure Firewall

Microsoft Sentinel

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Azure Firewall and Microsoft Sentinel based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Azure Firewall vs. Microsoft Sentinel Report (Updated: April 2025).

Buyer's Guide

Azure Firewall vs. Microsoft Sentinel

April 2025

Download the complete report

Helped 850,028 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Azure Firewall

Ranking in Microsoft Security Suite

10th

Average Rating

7.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Firewalls (14th)

Microsoft Sentinel

Ranking in Microsoft Security Suite

6th

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (3rd), Security Orchestration Automation and Response (SOAR) (1st), AI-Powered Cybersecurity Platforms (5th)

Mindshare comparison

As of May 2025, in the Microsoft Security Suite category, the mindshare of Azure Firewall is 4.2%, down from 5.1% compared to the previous year. The mindshare of Microsoft Sentinel is 5.1%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Microsoft Security Suite

Featured Reviews

AnvarSadique

Information Technology Architect at GMS INC

Easy setup and effective traffic routing enhance security

In terms of improvements, I think the price could be a concern as Azure ( /products/microsoft-azure-reviews ) services are often more expensive compared to other firewalls. However, the functional aspects of Azure Firewall met our needs. While I found the interface not particularly user-friendly, this is a common issue across vendors.

Read full review

KrishnanKartik

Cyber Security Consultant at Inspira Enterprise

Every rule enriched at triggering stage, easing the job of SOC analyst

It's a Big Data security analytics platform. Among the unique features is the fact that it has built-in UEBA and analytical capabilities. It allows you to use the out-of-the-box machine learning and AI capabilities, but it also allows you to bring your own AI/ML, by bringing in your own IPs and allowing the platform to accept them and run that on top of it. In addition, the SOAR component is a pay-per-use model. Compared to any other product, where customization is not available, you can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today. Other vendors charge heavily for the SOAR, but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer. The SOAR engine also uniquely helps us to automate most of the incidents with automated enrichment and that cuts out the L1 analyst work. And combining M365 with Sentinel, if you want to call it integration, takes just a few clicks: "next, next finish." If it is all M365-native, it is a maximum of three or four steps and you'll be able to ingest all the logs into Sentinel. That is true even with AWS or GCP because most of the connectors are already available out-of-the-box. You just click, put in your subscription details, include your IAM, and you are finished. Within five to six steps, you can integrate AWS workloads and the logs can be ingested into Sentinel. When it comes to a third party specifically, such as log sources in a data center or on-premises, we need a log collector so that the logs can be forwarded to the Sentinel platform. And when it comes to servers or something where there is an agent for Windows or Linux, the agent can collect the logs and ship them to the Sentinel platform. I don't see any difficulties in integrating any of the log sources, even to the extent of collecting IoT log sources. Microsoft Defender for Cloud has multiple components such as Defender for Servers, Defender for PaaS, and Defender for databases. For customers in Azure, there are a lot of use cases specific to protecting workloads and PaaS and SaaS in Azure and beyond Azure, if a customer also has on-premises locations. There is EDR for Windows and Linux servers, and it even protects different kinds of containers. With Defender for Cloud, all these sources can be seamlessly integrated and you can then track the security incidents in Microsoft's XDR platform. That means you have one more workspace, under Azure, not Defender for Cloud, where you can see the security incidents. In addition, it can be integrated with Sentinel for EDR deep-dive analytics. It can also protect workloads in AWS. We have customers for whom we are protecting their AWS workloads. Even EKS, Elastic Kubernetes Service, on AWS can be integrated, as can the GKE (Google Kubernetes Engine). And with Defender for Cloud, security alert ingestion is free

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"It's helped us improve our security posture."

"The SIEM that Azure Firewall provides us is very robust."

"Among the most valuable features are the DDoS protection that protects your virtual machines, the threat intelligence, and traffic filtering."

"It provided ease of maintenance. If a new firewall was needed, we only had to run the pipelines for this. So, the maintenance was very easy."

"The most valuable features of Azure Firewall for me are its URL-based internet access control and DDoS protection for incoming traffic."

"Performance and stability are the key features of this product."

"We use the solution for application and server deployment."

"The feature that I have found the most valuable is the control over the network permissions and the network."

More Azure Firewall pros

"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."

"While Microsoft Sentinel provides a log of security events, its true power lies in its integration with Microsoft Defender."

"The UI of Sentinel is very good and easy to use, even for beginners."

"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."

"Custom workbooks are valuable. It is one of the crucial points in dealing with potential security threats in an automated way without requiring too much manpower."

"Microsoft Sentinel enables you to ingest data from the entire ecosystem and that connection of data helps you to monitor critical resources and to know what's happening in the environment."

"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."

"We didn't have anything similar. So, it really provides value from the incidents and automation point of view. The overview of the security fabric is most valuable."

More Microsoft Sentinel pros

Cons

"The product pricing could be more competitive."

"The solution should incorporate features similar to competitors like split tunneling."

"When we started deploying the solution, it was not a mature product at times."

"Azure has new versions including a premium firewall. But I would like to see them not put the premium features on Azure Firewall Premium alone because it is quite expensive."

"Right now, with Azure Firewall, we cannot have a normal inbound traffic flow. For inbound, Microsoft suggests using application gateways, so the options are very limited. I cannot use this firewall as an intermediate firewall because of the limitations, and I cannot point routing to another firewall. So if I want to use back-to-back firewall architecture in my environment, I cannot use Azure Firewall for that type of configuration either."

"The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks."

"In my experience, Azure Firewall is quite expensive, with a high cost. I would rate its pricing a two out of ten."

"The development area and QA area could be improved. With those improvements, we can improve projects and take even less time to implement them."

More Azure Firewall cons

"The solution could improve the playbooks."

"The AI capabilities must be improved."

"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."

"The playbook is a bit difficult and could be improved."

"From a client perspective, they'd like to see more cost savings."

"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."

"We'd like to see more connectors."

"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."

More Microsoft Sentinel cons

Pricing and Cost Advice

"Azure Firewall comes with Azure native services. We did not buy any kind of license for it. Whether you have a free subscription or a pay-as-you-go model, you can deploy the Azure Firewall service... The amount that you use will determine how much you pay."

"The solution is cheaper than other brands. My company has an enterprise contract and we finally got a good price with Azure."

"It is pay-as-you-go. So, you pay based on the usage. If I remember it well, there is a basic fee, and there is a traffic fee. It is not per month. It is per hour or something like that. It is not so expensive."

"Azure Firewall is expensive."

"It is expensive, especially with the premium functions. For one of the clients, it was very expensive. You have to use it more at an enterprise level, and there, it was not at an enterprise level. So, it was very costly, but security-wise, it was a very wise decision to use it that way."

"Before choosing this solution, we evaluated others, and we found this to be the most cost-effective."

"I rate the product pricing a five out of ten."

"The licensing module is good."

More Azure Firewall pricing and cost advice

"No license is required to make use of Sentinel, but you need to buy products to get the data. In general, the price of those products is comparable to similar products."

"The pricing is based on how much you ingest, so it's pretty straightforward. There are no tiers, and you pay for what you use unlike with other types of SIEM solutions that are usually based on tiers."

"Sentinel is a pay-as-you-go solution. To use it, you need a Log Analytics workspace. This is where the logs are stored and the cost of Log Analytics is based on gigabytes... On top of that, there is the cost of Sentinel, which is about €2 per gigabyte. If a customer has an M365 E5 license, the logs that come from Microsoft Defender are free."

"Microsoft can enhance the licensing side. I feel there is confusion sometimes... They should have a single license in which we have the opportunity to use the EDR or CASB solution."

"I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."

"In comparison to other security solutions, Microsoft Sentinel offers a reasonable price for the features included."

"Sentinel's pricing is on the higher side, but you can get a discount if you can predict your usage. You have to pay ingestion and storage fees. There are also fees for Logic Apps and particular features. It seems heavily focused on microtransactions, but they may be slightly optional. By contrast, Splunk requires no additional fee for their equivalent of Logic. You have a little more flexibility, but Sentinel's costs add up."

"I am not involved on the financial side, but from an enterprise-wide use perspective, I think the price is good enough."

More Microsoft Sentinel pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.

See recommendations

850,028 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

16%

Government

10%

Financial Services Firm

10%

Manufacturing Company

Computer Software Company

16%

Financial Services Firm

11%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What is a better choice, Azure Firewall or Palo Alto Networks NG Firewalls?

Azure Firewall Vs. Palo Alto Network NG Firewalls Both solutions provide stellar stability and security. Azure Firewall is easy to use and provides excellent support. Valuable features include int...

See all answers

How does Azure Firewall compare with Palo Alto Networks VM Series?

Both products are very stable and easily scalable. The setup of Azure Firewall is easy and very user-friendly and the overall cost is reasonable. Azure Firewall offers a solid threat awareness, can...

See all answers

Which would you recommend - FortiGate VM or Azure Firewall?

Both of these solutions are excellent options that provide flexible scalability and solid security. Fortinet Fortigate VM integrates well and has excellent centralized reporting. It is very easy to...

See all answers

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?

Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and its Threat Hunting functionality with AI available as templates or customized ...

See all answers

What is a better choice, Splunk or Azure Sentinel?

It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for ingestion of anything, but the charge per GB/Day Indexed and it gets expensive as log ...

See all answers

Which is better - Azure Sentinel or AWS Security Hub?

We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is auto-scaling - you will not have to worry about performance impact, you will...

See all answers

Comparisons

Fortinet FortiGate-VM vs Azure Firewall

Compared 19% of the time

Palo Alto Networks NG Firewalls vs Azure Firewall

Compared 16% of the time

Palo Alto Networks VM-Series vs Azure Firewall

Compared 6% of the time

Check Point NGFW vs Azure Firewall

Compared 5% of the time

Microsoft Defender for Cloud vs Azure Firewall

Compared 5% of the time

More Azure Firewall Competitors

AWS Security Hub vs Microsoft Sentinel

Compared 21% of the time

IBM Security QRadar vs Microsoft Sentinel

Compared 8% of the time

Cortex XSIAM vs Microsoft Sentinel

Compared 8% of the time

Wazuh vs Microsoft Sentinel

Compared 5% of the time

Google Chronicle Suite vs Microsoft Sentinel

Compared 5% of the time

More Microsoft Sentinel Competitors

Product Reports

Buyer's Guide

Azure Firewall

April 2025

Download Azure Firewall product report

Buyer's Guide

Microsoft Sentinel

April 2025

Download Microsoft Sentinel product report

Also Known As

No data available

Azure Sentinel

Overview

Azure Firewall is a user-friendly, intuitive, cloud-native firewall security solution that provides top-of-the-industry threat protection for all your Azure Virtual Network resources. Azure Firewall is constantly and thoroughly analyzing all traffic and data packets, making it a very valuable and secure fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. Azure Firewall allows users to create virtual IP addresses and provides for secure DDoS protection for the virtual machines on your network. It also provides fast and efficient east-west and north-south traffic security.

Azure Firewall is a managed, cloud-based network security service built to protect your Azure Virtual Network resources. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

Azure Firewall has two significant offerings, Standard and Premium.

Azure Firewall Standard works directly with Microsoft Cyber Security and supplies excellent L3-L7 filtering and threat awareness. The proactive real-time threat awareness will quickly alert you and immediately deny all traffic to and from any known problematic or suspicious domains or IP addresses. Microsoft Cyber Security is updated continually to protect against all new and known potential threats at all times. To learn more about Azure Firewall Standard, click here.

Azure Firewall Premium provides everything the standard version does, and additionally adds extra levels of data encryption, network intrusion detection, extended URL filtering, and Web category filters. To learn more about the added features of Azure Firewall Premium, click here.

Key Benefits and Features of Azure Firewall:

High availability - You do not need load balancers with Azure Firewall; it's already built in and ready to go.
Self-scalability - Azure Firewall is intuitive and will auto-scale as needed based on traffic flow to be ready for peak traffic times.
Threat awareness - Using Microsoft Cyber Security to filter traffic, Azure Firewall will deny any known problematic threats to keep your network safe.
Additional IP addresses - You can securely add up to 250 public IP addresses with Azure Firewall
Improved web category filtering - You can set up specific protocols to allow or deny categories within websites that are deemed inappropriate for use within your network. You have the ability to organize categories based on a defined set of descriptions.

What our real users have to say:

Many PeerSpot users found Azure Firewall to be very user-friendly and easy to use. They liked that it offers seamless integration to the cloud and were especially pleased with the threat filtering options.

Regarding integration and threat intelligence, our users wrote:

“The most valuable feature is the integration into the overall cloud platform.”

“The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats.”

“I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system.”

Microsoft

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

Microsoft

Sample Customers

Information Not Available

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Buyer's Guide

Azure Firewall vs. Microsoft Sentinel

April 2025

Free Report: Azure Firewall vs. Microsoft Sentinel

Find out what your peers are saying about Azure Firewall vs. Microsoft Sentinel and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,028 professionals have used our research since 2012.

See our Azure Firewall vs. Microsoft Sentinel report.

See our list of best Microsoft Security Suite vendors.

We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.