We performed a comparison between Azure Bastion and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It provides all the security to us. Without getting on the internet, we can access our servers. We can access our desktop through our web browser. We don't need to run the mstsc command and login to the VM. All those things are not required."
"As an Azure consultant, for me, it is the best way to give the administrator access as you can manage the permission - including who can access Bastion."
"The product's setup is easy."
"The connection to virtual machines is very useful."
"Azure Bastion makes it easy to provide quick virtual machine access to our customers."
"The interface is available in the edit portal."
"The ability to operate the product with scripting is excellent."
"The most significant advantage lies in its runbook features, particularly beneficial for our infrastructure team."
"The most valuable feature is the ease of management. It's important."
"The most valuable feature is the alerting system."
"There are a lot of features with benefits, including discovery, investigation, and putting controls around things. You can't say that you like the investigation part but not the discovery. Everything is correlated; that's how the tool works."
"The most valuable feature of this solution is its monitoring."
"Defender helps us control which applications are being used and gain more security insight into remote and hybrid users based on user identity and log in location. You can also integrate Defender for Cloud Apps with Defender for Endpoint to extend its capabilities."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"Threat detection is its key feature, and that's why we use this tool. It gives an alert if a PC is attacked or there is any kind of anomaly, such as there is a spike in sending emails or we see an unauthorized website being accessed. So, it keeps us on our toes. We get to know that there is something wrong, and we can isolate the user and find any issues with it. So, threat detection is very robust in this tool."
"The protocol speed could be faster."
"The solution breaks down sometimes."
"We are not able to copy and paste files directly into the server over the patch host. We have to transfer files over to Azure Storage."
"When you have a boot issue on Windows, you cannot use Azure Bastion to fix it. You have to use the Azure console or the VM console, and it is very limited."
"You are charged for retrieving your own data."
"While general support is valuable, having a detailed breakdown of the specific issues would contribute to a more streamlined and efficient resolution process."
"There are some challenges because Bastion is more compatible with Edge but not with the other browsers. As an organization, it doesn't make sense that we have to use only Edge. We should be able to access Bastion over Chrome, Mozilla, or Opera. It should be our choice."
"Microsoft Defender for Cloud Apps' initial setup was quite technical but we were prepared. The time of the implementation depends on the job and how many users are being set up."
"We would like to get more information from the endpoint. I don't get enough detailed information right now on why something failed. There is not enough visibility."
"There are challenges with detection and there are challenges with false-positive rates."
"Generally, the pricing can always be improved along with the management system."
"I want them to enhance in-session policy."
"Sometimes the support is actually lacking."
"I would like for it to be available on Mac and for it to support all of the features of Microsoft financing products. It is really for Windows."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Azure Bastion is ranked 17th in Microsoft Security Suite with 8 reviews while Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews. Azure Bastion is rated 8.8, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Azure Bastion writes "Has good scalability and provides secure access to the virtual machines ". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Azure Bastion is most compared with Azure Firewall, Azure Front Door, TeamViewer Remote Management, Microsoft Sentinel and Azure Web Application Firewall, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR. See our Azure Bastion vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.