We performed a comparison between Azure Bastion and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Azure Bastion makes it easy to provide quick virtual machine access to our customers."
"As an Azure consultant, for me, it is the best way to give the administrator access as you can manage the permission - including who can access Bastion."
"The interface is available in the edit portal."
"The product's setup is easy."
"The most significant advantage lies in its runbook features, particularly beneficial for our infrastructure team."
"The ability to operate the product with scripting is excellent."
"It provides all the security to us. Without getting on the internet, we can access our servers. We can access our desktop through our web browser. We don't need to run the mstsc command and login to the VM. All those things are not required."
"The connection to virtual machines is very useful."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"We are not able to copy and paste files directly into the server over the patch host. We have to transfer files over to Azure Storage."
"You are charged for retrieving your own data."
"There are some challenges because Bastion is more compatible with Edge but not with the other browsers. As an organization, it doesn't make sense that we have to use only Edge. We should be able to access Bastion over Chrome, Mozilla, or Opera. It should be our choice."
"The protocol speed could be faster."
"While general support is valuable, having a detailed breakdown of the specific issues would contribute to a more streamlined and efficient resolution process."
"The solution breaks down sometimes."
"When you have a boot issue on Windows, you cannot use Azure Bastion to fix it. You have to use the Azure console or the VM console, and it is very limited."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Microsoft Sentinel is relatively expensive, and its cost should be improved."
"They should integrate it with many other software-as-a-service providers and make connectors available so that you don't have to do any sort of log normalization."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
Azure Bastion is ranked 17th in Microsoft Security Suite with 8 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Azure Bastion is rated 8.8, while Microsoft Sentinel is rated 8.2. The top reviewer of Azure Bastion writes "Has good scalability and provides secure access to the virtual machines ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Azure Bastion is most compared with Azure Firewall, Azure Front Door, TeamViewer Remote Management, Microsoft Entra Verified ID and Microsoft Defender for Cloud Apps, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Azure Bastion vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.