Palo Alto Networks VM-Series and Microsoft Defender for Identity are both leaders in the cybersecurity market, with Palo Alto VM-Series offering strong features for threat management and cloud integration, while Microsoft Defender for Identity focuses on user identity protection through seamless integration with Microsoft 365. Based on a feature comparison, Palo Alto VM-Series appears to have the upper hand in cloud deployment capabilities but faces challenges in pricing and complexity.
Features: Palo Alto Networks VM-Series provides advanced threat management with user and application identification, content inspection, and seamless integration with cloud services like AWS. Its comprehensive approach to preventing data loss ensures business continuity. Microsoft Defender for Identity, integrated within the Microsoft 365 ecosystem, offers effective security posture by monitoring and securing user identities using AI-driven insights, making it a vital tool for identity protection.
Room for Improvement: Palo Alto Networks VM-Series users highlight its steep pricing model and complex interface as areas needing attention. Suggestions for enhancing scalability and cloud platform integration are common. Microsoft Defender for Identity users report false positives and indicate a need for better anomaly detection and improved administrative interfaces. Both products can benefit from better integration capabilities and refined user interfaces.
Ease of Deployment and Customer Service: Palo Alto Networks VM-Series is versatile, offering deployments across public, private, and hybrid cloud environments, though integration challenges exist. Microsoft Defender for Identity is optimized for public cloud environments, seamlessly fitting into the Microsoft ecosystem. While customer support for both products is generally praised, Palo Alto occasionally faces criticism for response times, whereas Microsoft's support is consistently praised for its efficiency.
Pricing and ROI: Palo Alto Networks VM-Series has a high price tag, justified by its extensive features and cloud capabilities, but its complex licensing model can be seen as costly compared to competitors like Fortinet and Check Point. Microsoft Defender for Identity, part of the Microsoft E5 licensing, offers competitive pricing with a strong feature set, making it a cost-effective solution for organizations seeking robust identity security.
Customers can see data within a week, indicating a quick return on investment.
Generally, the support is more effective than other providers like Oracle.
The quality of support is very good, but troubleshooting can take time due to complex setups and the need to provide many logs.
The people I normally use for support are very knowledgeable, especially when they help remote in and get to where I need to go and show me much faster and help me understand what I should be doing.
The support quality could be improved.
Resolving issues promptly.
They are responsive and provide high-quality assistance.
In a Microsoft-centric organization, especially with Azure infrastructure and Office 365, Microsoft Defender for Identity is scalable.
They are easy to upgrade, and with credit licensing, they scale effectively according to demand.
The solution is scalable and can easily handle an increase in the number of users.
It is easy to use with an excellent graphical user interface and extensive documentation, which contributes to its high scalability.
Microsoft Defender for Identity is quite robust and built on Azure hyperscale infrastructure, with a 99% availability.
We do not see any issues with the stability of Microsoft Defender for Identity.
Having recently started using it, reliability is affirmed, but manual investigation is often performed to verify if alerts identified by auto-remediation are accurate.
Hardware is generally very stable.
I have not experienced any major problems or downtime.
Perfection is unlikely as the dynamic nature of traffic and constant changes can result in occasional bugs despite regular updates.
If Microsoft could develop a feature that indicates when impossible travel is caused by VPN connections, it would prevent unnecessary password resets and session disruptions, especially for VIP users in organizations.
One improvement I would recommend is the integration of an admin application within Teams, allowing easy access to attack information on a mobile platform.
Reducing false positives is something we've been working on with Microsoft.
Integration with CSIRT across all use levels would make it easier for administrators to stay updated on the blocked entities without manual intervention.
Most customers go for partner-enabled support, which involves multiple layers, leading to delays.
Having those features missing, we are not proposing Palo Alto Networks VM-Series to all customers.
If they can reduce the costs, organizations will be happy, and it will compensate for using the Azure environment, which is more expensive on the infrastructure as a service side.
Ensuring a fair price according to market standards.
From an organization perspective, using E5 licenses is value for money, especially if Azure and Office 365 are already in use.
Palo Alto is expensive in terms of pricing, particularly when comparing features to cost.
The cost involves purchasing through a vendor, which might mark up due to the supply chain.
Pricing for Palo Alto Networks is higher than other OEMs, but considering the robustness and features, it gains customer trust.
We receive an advance report of risky users, allowing us to take preemptive action before an attack causes damage to organization details.
The most valuable feature is its hybrid artificial intelligence, which gathers forensic data to track and counteract security threats, much like the CSI series in effect.
The advanced threat protection is one of the strengths of Microsoft Defender for Identity, as it utilizes user and entity analytics and can detect indicative attacks.
We use these tools to prevent all known and unknown threats using Palo Alto Networks' Wildfire and other data filtering tools to gather information, analyze traffic, manage malicious traffic, and offer visibility, control, and attack prevention.
Palo Alto's robust threat intelligence supports new updates, and I can open cases directly with their Threat Intelligence team.
The DNS security significantly enhances security through visibility and detection, allowing control over crucial traffic like DNS, which is often exploited by ransomware.
| Product | Market Share (%) |
|---|---|
| Microsoft Defender for Identity | 4.5% |
| Palo Alto Networks VM-Series | 2.3% |
| Other | 93.2% |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 4 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 29 |
| Midsize Enterprise | 17 |
| Large Enterprise | 24 |
Microsoft Defender for Identity offers real-time threat detection and protection for hybrid Active Directory environments. It integrates with Microsoft 365 components for seamless security and monitors advanced behaviors, enhancing identity protection across cloud and on-premises environments.
Microsoft Defender for Identity provides detailed threat insights and user behavior analytics to detect unauthorized access and notify anomalies. It allows setting custom detection rules, enhancing threat response automation. While it needs improvements in cloud security, SIEM integration, and access controls, users leverage its ability to mitigate identity threats like suspicious logins and ransomware. Enhanced integration with Microsoft security products ensures a coordinated threat response for identity control and privilege management.
What are the key features of Microsoft Defender for Identity?In specific industries, organizations implement Microsoft Defender for Identity to secure on-premises and hybrid Active Directory environments through user and entity behavior analytics, malicious activity detection, and integration with Microsoft security tools. This approach enhances security posture assessment and helps mitigate identity threats like identity harvesting and unauthorized access.
Palo Alto Networks VM-Series is a highly effective advanced threat protection (ATP) solution and firewall that can be hosted on cloud computing technologies designed by many different companies. It decreases the amount of time that it will take administrators to respond to threats. Users that deploy VM-series have 70% less downtime than those who use similar firewalls. Neither protection nor efficiency are concerns when this next-generation firewall is in play.
VM-Series is being deployed to protect both public and private cloud environments. This level of flexibility empowers organizations to run the environment or environments that best meet their needs without worrying that they are going to be exposed to digital threats due to the environment that they choose.
In the public cloud, users of Palo Alto Networks VM-Series can automate their deployment and dynamically scale up their environment while experiencing a consistent level of protection. This dynamic scalability means that they also integrate their security into their DevOps workflows so that their security can keep up with their activities and requirements. Users of private cloud environments can set up security policies that can be automated to be provisioned as the need arises. Organizations don’t need to slow down when they deploy VM-Series because it makes the task of defending them so simple that they can set their defenses and forget that they are even there.
Users gain a deep level of visibility when they deploy Palo Alto Networks VM-Series. App-ID technology enables organizations to see their network traffic on the application level and spot threats that might be trying to sneak in through vulnerable points in their defenses. It also leverages Palo Alto Networks WildFire and advanced threat protection to block the threats before they can escalate.
Palo Alto Networks VM-Series Features:
Reviews from Real Users:
Palo Alto Networks VM-Series is a solution that stands out when compared to other similar solutions. Two major advantages that it offers are its ability to protect users without degrading the efficiency with which their networks perform and its centralized management system.
Jason H., the director of information technology at Tavoca Inc, writes, “There is no noticeable trade-off between security and network performance. In fact, so far, we've not seen any negative network performance with it. We're very impressed in that regard.”
An information technology manager at a tech services company says, “We use Palo Alto’s Panorama centralized management system. We have an on-prem firewall where Panorama is very good for pulling logs in from the cloud so we can see what is going on. It gives us visibility into that as well as shows us what attacks are coming in. Palo Alto’s Panorama centralized management system simplifies our security posture based on our requirements. Instead of manually pulling logs, then generating them into readable formats, it gives us the console in a readable format to view.”
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
