We performed a comparison between Azure Bastion and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."As an Azure consultant, for me, it is the best way to give the administrator access as you can manage the permission - including who can access Bastion."
"Azure Bastion makes it easy to provide quick virtual machine access to our customers."
"The ability to operate the product with scripting is excellent."
"The connection to virtual machines is very useful."
"The interface is available in the edit portal."
"The most significant advantage lies in its runbook features, particularly beneficial for our infrastructure team."
"The product's setup is easy."
"It provides all the security to us. Without getting on the internet, we can access our servers. We can access our desktop through our web browser. We don't need to run the mstsc command and login to the VM. All those things are not required."
"The in-built SOAR of Sentinel is valuable. Kusto Query Language is also valuable for the ease of writing queries and ease of getting insights from the logs. Schedule-based queries within Sentinel are also valuable. I found these three features most useful for my projects."
"You can fine-tune the SOAR and you'll be charged only when your playbooks are triggered. That is the beauty of the solution because the SOAR is the costliest component in the market today... but with Sentinel it is upside-down: the SOAR is the lowest-hanging fruit. It's the least costly and it delivers more value to the customer."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"Sentinel pricing is good"
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"The main benefit is the ease of integration."
"The most valuable feature is the performance because unlike legacy SIEMs that were on-premises, it does not require as much maintenance."
"The analytic rule is the most valuable feature."
"There are some challenges because Bastion is more compatible with Edge but not with the other browsers. As an organization, it doesn't make sense that we have to use only Edge. We should be able to access Bastion over Chrome, Mozilla, or Opera. It should be our choice."
"You are charged for retrieving your own data."
"When you have a boot issue on Windows, you cannot use Azure Bastion to fix it. You have to use the Azure console or the VM console, and it is very limited."
"The protocol speed could be faster."
"We are not able to copy and paste files directly into the server over the patch host. We have to transfer files over to Azure Storage."
"The solution breaks down sometimes."
"While general support is valuable, having a detailed breakdown of the specific issues would contribute to a more streamlined and efficient resolution process."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"We are invoiced according to the amount of data generated within each log."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
Azure Bastion is ranked 17th in Microsoft Security Suite with 8 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Azure Bastion is rated 8.8, while Microsoft Sentinel is rated 8.2. The top reviewer of Azure Bastion writes "Has good scalability and provides secure access to the virtual machines ". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Azure Bastion is most compared with Azure Firewall, Azure Front Door, TeamViewer Remote Management, Microsoft Entra Verified ID and Microsoft Defender for Cloud Apps, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Azure Bastion vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
