We performed a comparison between Azure Firewall Manager and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution has improved our organization with its firewall."
"The solution is very easy to set up."
"The tool's support is good."
"It is easy to install and does not require any plugins for your browser."
"The most valuable feature of Azure Firewall Manager is the testing and configuration."
"DSPM is the most valuable feature."
"The entire Defender Suite is tightly coupled, integrated, and collaborative."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"The solution is very easy to deploy."
"The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act."
"There should be a simple one-click deployment for a firewall, rather than a set of setup instructions that include steps such as the DNS configuration, et cetera."
"The price is okay. This said, the solution is certainly expensive in comparison with other cloud services."
"We could do only one-way NAT-ing, where the traffic comes from outside to internal, to Azure, which is fine. However, when we actually do NAT-ed traffic to hit the firewall, that way is not working."
"The tool's security features need to improve. It needs also to include a monitoring system for logs. It is also complicated to find a query on the Azure firewall."
"The solution can improve the integration with open-source tools."
"Consistency is the area where the most improvement is needed. For example, there are some areas where the UI is not uniform across the board."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"I would suggest building a single product that addresses endpoint server protection, attack surface, and everything else in one solution. That is the main disadvantage with the product. If we are incorporating some features, we end up in a situation where this solution is for the server, and that one is for the client, or this is for identity, and that is for our application. They're not bundling it. Commercially, we can charge for different licenses, but on the implementation side, it's tough to help our end-customer understand which product they're getting."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"You cannot create custom use cases."
"They could always work to make the pricing a bit lower."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
Azure Firewall Manager is ranked 29th in Microsoft Security Suite with 5 reviews while Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews. Azure Firewall Manager is rated 7.8, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Azure Firewall Manager writes "Useful testing, simple configuration, and scales well". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Azure Firewall Manager is most compared with Azure Firewall, Palo Alto Networks Panorama, AWS Firewall Manager and FortiGate Cloud-Native Firewall (FortiGate CNF), whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Azure Firewall Manager vs. Microsoft Defender for Cloud report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
