We performed a comparison between Azure Bastion and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It provides all the security to us. Without getting on the internet, we can access our servers. We can access our desktop through our web browser. We don't need to run the mstsc command and login to the VM. All those things are not required."
"The interface is available in the edit portal."
"Azure Bastion makes it easy to provide quick virtual machine access to our customers."
"As an Azure consultant, for me, it is the best way to give the administrator access as you can manage the permission - including who can access Bastion."
"The product's setup is easy."
"The connection to virtual machines is very useful."
"The most significant advantage lies in its runbook features, particularly beneficial for our infrastructure team."
"The ability to operate the product with scripting is excellent."
"Sentinel has an intuitive, user-friendly way to visualize the data properly. It gives me a solid overview of all the logs. We get a more detailed view that I can't get from the other SIEM tools. It has some IP and URL-specific allow listing"
"The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The Log analytics are useful."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"Free ingestion for Azure logs (with E5 licence)"
"There are some challenges because Bastion is more compatible with Edge but not with the other browsers. As an organization, it doesn't make sense that we have to use only Edge. We should be able to access Bastion over Chrome, Mozilla, or Opera. It should be our choice."
"While general support is valuable, having a detailed breakdown of the specific issues would contribute to a more streamlined and efficient resolution process."
"You are charged for retrieving your own data."
"The solution breaks down sometimes."
"The protocol speed could be faster."
"When you have a boot issue on Windows, you cannot use Azure Bastion to fix it. You have to use the Azure console or the VM console, and it is very limited."
"We are not able to copy and paste files directly into the server over the patch host. We have to transfer files over to Azure Storage."
"The only thing is sometimes you can have a false positive."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"It would be good to have some connectors for third-party SIEM solutions. Many customers are struggling with the integration of Azure Sentinel with their on-premise SIEM. Microsoft is changing the log structure many times a year, which can corrupt a custom integration. It would be good to have some connectors developed by Microsoft or supply vendors, but they are not providing such functionality or tools."
"The reporting could be more structured."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
Azure Bastion is ranked 17th in Microsoft Security Suite with 8 reviews while Microsoft Sentinel is ranked 5th in Microsoft Security Suite with 86 reviews. Azure Bastion is rated 8.8, while Microsoft Sentinel is rated 8.2. The top reviewer of Azure Bastion writes "Has good scalability and provides secure access to the virtual machines ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Azure Bastion is most compared with Azure Firewall, Azure Front Door, TeamViewer Remote Management, Microsoft Entra Verified ID and Microsoft Defender for Cloud Apps, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Wazuh, Microsoft Defender for Cloud and Elastic Security. See our Azure Bastion vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.