We performed a comparison between Azure DDoS Protection and Microsoft Sentinel based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of Azure DDoS Protection is that it performs well."
"Azure DDoS Protection offers superior protection against denial-of-service attacks."
"I like the user interface, documentation, and support. Azure DDoS Protection is one of the most valuable solutions for any endpoint that is publicly reachable through the internet. It will automatically secure all your endpoints from third-party attacks, cyber attacks, or phishing attacks."
"The most important feature is that the solution continuously monitors traffic by inbuilt rules to identify preconfigured attacks."
"This solution is the best option for us because we use a lot of Microsoft products. So, it is easy for us to deploy or integrate any features or products."
"DDoS Protection is simple to deploy and integrates seamlessly with the Azure environment. Ease of deployment is a crucial feature for us."
"It has a lot of great features."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"It is always correlating to IOCs for normal attacks, using Azure-related resources. For example, if any illegitimate IP starts unusual activity on our Azure firewall, then it automatically generates an alarm for us."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"Free ingestion for Azure logs (with E5 licence)"
"It is able to connect to an ever-growing number of platforms and systems within the Microsoft ecosystem, such as Azure Active Directory and Microsoft 365 or Office 365, as well as to external services and systems that can be brought in and managed. We can manage on-premises infrastructure. We can manage not just the things that are running in Azure in the public cloud, but through Azure Arc and the hybrid capabilities, we can monitor on-premises servers and endpoints. We can monitor VMware infrastructure, for instance, running as part of a hybrid environment."
"The connectivity and analytics are great."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"Sometimes, it is hard for our staff to keep track of changes (in the GUI) between different projects, because there are constant changes. As a result, it is hard to manage, recall, and see all the features because they have been moved from one place to another."
"The implementation of Azure DDoS Protection results in a decrease in our bandwidth capacity and should be optimized to reduce resource consumption."
"The UI needs to be improved."
"The visibility could be better. We would like to have better metrics, so we could see all the information in a central place."
"The reporting aspect and dashboard management monitoring need improvement."
"Azure DDoS Protection could improve on the reporting."
"The on-prem log sources still require a lot of development."
"The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel."
"Improvement-wise, I would like to see more integration with third-party solutions or old-school antivirus products that have some kind of logging capability. I wouldn't mind having that exposed within Sentinel. We do have situations where certain companies have bought licensing or have made an investment in a product, and that product will be there for the next two or three years. To be able to view information from those legacy products would be great. We can then better leverage the Sentinel solution and its capabilities."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"Its implementation could be simpler. It is not really simple or straightforward. It is in the middle. Sometimes, connectors are a little bit complex."
"The troubleshooting has room for improvement."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
Azure DDoS Protection is ranked 18th in Microsoft Security Suite with 6 reviews while Microsoft Sentinel is ranked 6th in Microsoft Security Suite with 85 reviews. Azure DDoS Protection is rated 8.6, while Microsoft Sentinel is rated 8.2. The top reviewer of Azure DDoS Protection writes "It's simple to deploy and integrates seamlessly with the Azure environment". On the other hand, the top reviewer of Microsoft Sentinel writes "Gives a comprehensive and holistic view of the ecosystem and improves visibility and the ability to respond". Azure DDoS Protection is most compared with Azure Firewall, Azure Front Door, AWS Shield, Cloudflare and Prolexic, whereas Microsoft Sentinel is most compared with AWS Security Hub, IBM Security QRadar, Splunk Enterprise Security, Microsoft Defender for Cloud and Elastic Security. See our Azure DDoS Protection vs. Microsoft Sentinel report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.