We performed a comparison between Azure DDoS Protection and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Azure DDoS Protection is that it performs well."
"I like the user interface, documentation, and support. Azure DDoS Protection is one of the most valuable solutions for any endpoint that is publicly reachable through the internet. It will automatically secure all your endpoints from third-party attacks, cyber attacks, or phishing attacks."
"DDoS Protection is simple to deploy and integrates seamlessly with the Azure environment. Ease of deployment is a crucial feature for us."
"The most important feature is that the solution continuously monitors traffic by inbuilt rules to identify preconfigured attacks."
"Azure DDoS Protection offers superior protection against denial-of-service attacks."
"This solution is the best option for us because we use a lot of Microsoft products. So, it is easy for us to deploy or integrate any features or products."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"It has a lot of great features."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"The dashboard that allows me to view all the incidents is the most valuable feature."
"It's pretty powerful and its performance is pretty good."
"The initial setup is very simple and straightforward."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Log aggregation and data connectors are the most valuable features."
"The visibility could be better. We would like to have better metrics, so we could see all the information in a central place."
"The reporting aspect and dashboard management monitoring need improvement."
"The UI needs to be improved."
"The implementation of Azure DDoS Protection results in a decrease in our bandwidth capacity and should be optimized to reduce resource consumption."
"Azure DDoS Protection could improve on the reporting."
"Sometimes, it is hard for our staff to keep track of changes (in the GUI) between different projects, because there are constant changes. As a result, it is hard to manage, recall, and see all the features because they have been moved from one place to another."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"I think the number one area of improvement for Sentinel would be the cost."
"I would like to see more AI used in processes."
"Sentinel should be improved with more connectors. At the moment, it only covers a few vendors. If I remember correctly, only 100 products are supported natively in Sentinel, although you can connect them with syslog. But Microsoft should increase the number of native connectors to get logs into Sentinel."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"We have been working with multiple customers, and every time we onboard a customer, we are missing an essential feature that surprisingly doesn't exist in Sentinel. We searched the forums and knowledge bases but couldn't find a solution. When you onboard new customers, you need to enable the data connectors. That part is easy, but you must create rules from scratch for every associated connector. You click "next," "next," "next," and it requires five clicks for each analytical rule. Imagine we have a customer with 150 rules."
Azure DDoS Protection is ranked 18th in Microsoft Security Suite with 6 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Azure DDoS Protection is rated 8.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Azure DDoS Protection writes "It's simple to deploy and integrates seamlessly with the Azure environment". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Azure DDoS Protection is most compared with Azure Firewall, Azure Front Door, AWS Shield, Cloudflare and Prolexic, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Azure DDoS Protection vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.