Gigamon Deep Observability Pipeline and Microsoft Defender for Identity compete in network security and threat detection. Microsoft Defender for Identity seems to have the edge due to its advanced threat detection capabilities, which are critical for organizations focusing on cybersecurity.
Features: Gigamon Deep Observability Pipeline provides comprehensive network visibility, packet-level analytics, and seamless integration with existing IT infrastructures. Microsoft Defender for Identity excels in sophisticated threat detection, real-time alerts, and integration with the Microsoft security ecosystem.
Room for Improvement: Gigamon could enhance its threat detection and user experience, focusing on reducing complexity and integration time. Microsoft Defender for Identity may improve by reducing false positives, enhancing user interface intuitiveness, and expanding threat intelligence features.
Ease of Deployment and Customer Service: Microsoft Defender for Identity offers a cloud-friendly deployment model and strong customer support, simplifying integration within Microsoft environments. Gigamon Deep Observability Pipeline may pose deployment challenges due to its complexity but offers detailed network oversight tailored to varied environments.
Pricing and ROI: Gigamon requires a higher initial investment but offers ROI through enhanced network management. Microsoft Defender for Identity has more competitive setup costs and provides ROI by minimizing threat incidents through integrated security solutions.
Generally, the support is more effective than other providers like Oracle.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
Having recently started using it, reliability is affirmed, but manual investigation is often performed to verify if alerts identified by auto-remediation are accurate.
If Microsoft could develop a feature that indicates when impossible travel is caused by VPN connections, it would prevent unnecessary password resets and session disruptions, especially for VIP users in organizations.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
If they can reduce the costs, organizations will be happy, and it will compensate for using the Azure environment, which is more expensive on the infrastructure as a service side.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
the Microsoft Defender Suite is quite expensive, especially when integrated into Sentinel.
We receive an advance report of risky users, allowing us to take preemptive action before an attack causes damage to organization details.
I find the most valuable features in Microsoft Defender for Identity to be the conditional access and the rule-based access control to give users their actual role-based permission to work.
The integration into the Microsoft Defender ecosystem is the most valuable feature of Microsoft Defender for Identity.
Gigamon Deep Observability Pipeline is a comprehensive network visibility solution that provides real-time insights into network traffic. It offers SSL inspection and mobile network monitoring for traffic monitoring purposes. The solution optimizes networks, aids in security inspection, and improves firewall performance. It is praised for its performance, power, straightforward integration, stability, and ease of initial setup.
With Gigamon, organizations can gain complete visibility into their network traffic, identify potential threats, and take proactive measures to prevent them. The solution is ideal for organizations of all sizes, including enterprises, service providers, and government agencies.
Microsoft Defender for Identity integrates with Microsoft tools to monitor user activity, providing advanced threat detection and analysis using AI. It enhances proactive threat response and security visibility, making it essential for securing on-premises and cloud environments like Active Directory.
Microsoft Defender for Identity offers comprehensive monitoring and AI-driven user behavior analysis. It detects threats through real-time alerts and identifies lateral movements and entity tagging, ensuring robust security management. With excellent visibility via its dashboard, it supports customized detection rules and seamlessly integrates with SIEM platforms. While SecureScore and SecureScan provide robust environment security, there is room for improvement in cloud security, on-premises application integration, and remediation capabilities. Azure integration is limited, and the administrative interface could be more user-friendly. Users experience frequent false positives, affecting threat detection efficiency.
What key features stand out in Microsoft Defender for Identity?In specific industries such as education and finance, Microsoft Defender for Identity is crucial for securing on-premises Active Directory and Azure Active Directory environments. It effectively detects suspicious activities and manages conditional access policies, offering user and entity behavior analytics, endpoint detection and response capabilities. This helps prevent unauthorized access and strengthens overall security, making it an invaluable asset for organizations aiming to safeguard their digital infrastructure.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
