We performed a comparison between Azure Firewall and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is threat intelligence. It is based on filtering and can identify multiple threats."
"The solution is stable."
"It's helped us improve our security posture."
"It is easy for me to protect certain ports or even the IP addresses, as well as do whitelisting, blacklisting, and the FQDN when we want virtual machines connected and to protect certain websites."
"Microsoft's technical support is very good. They're quite knowledgable and responsive."
"We use the solution for application and server deployment."
"The firewall policy control, URL content control, and antivirus are all the most valuable aspects. Threat prevention is as well quite good."
"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"The solution does not affect a user's workflow."
"I like the alert policies because they are quite robust. It has some built-in templates that we can easily pick up. One of them is the alert for mass downloads, when a particular user is running a massive download on your SharePoint site."
"It is very easy to use, which is what we look for in these types of solutions."
"The product helps us with privileged identity management to control who has access to what and for how long."
"It does a great job of monitoring and maintaining a security baseline. For us, that is a key element. The notifications are pretty good."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"The ability to prevent users from using certain applications is one of the most valuable features. It doesn't require any configuration for implementation from the client perspective. It just works right away and gives you the information you need."
"Azure Firewall definitely needs a broader feature base. It should be able to go all the way up to layer 7 when looking at applications and things like that."
"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall."
"It would be much easier if the on-premises, firewall rules, had some kind of export-import possibility in place, which is not the case right now."
"Currently, it only supports IP addresses, so you have to be specific about the IPs that are in your environment."
"You have to have a defined IP range within your network to associate it with your network. The problem is you have to plan ahead of time if you expect to use the firewall in the future so that you don't have to reconfigure your subnets or that specific IP range. Other than that, I don't any issues. I use it for basic configuration for a single application, so I really don't try to leverage it for multiple applications where I might find some complexity or challenges."
"Azure has new versions including a premium firewall. But I would like to see them not put the premium features on Azure Firewall Premium alone because it is quite expensive."
"The interface could be improved, it's not very user friendly."
"They can improve the pricing of Azure Firewall."
"There are some features, such as user navigation content filtering, that are disabled by default, and it probably makes sense to enable them by default."
"Defender could integrate better with multi-cloud and hybrid environments. It requires some additional configuration to ingest data from non-Azure environments and integrate it with Sentinel."
"I would like more customization of notifications. Currently, you either get everything or you get limited information. I would like to have something in between where we can customize the data that is included in notifications."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"This service would be better if it had a separate license, only for this service, that could be used to track usage."
"Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."
"I believe it's only set to be integrated with Microsoft Defender for identity and identity protection. I would like to see it available for use with something like Office 365 Defender. I don't think it's integrated with that yet."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Azure Firewall is ranked 14th in Microsoft Security Suite with 33 reviews while Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews. Azure Firewall is rated 7.2, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Azure Firewall writes "Easy to use and configure but could be more robust". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Azure Firewall is most compared with Fortinet FortiGate-VM, Palo Alto Networks NG Firewalls, Microsoft Defender for Cloud, Palo Alto Networks VM-Series and Fortinet FortiGate, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR. See our Azure Firewall vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.