We performed a comparison between Azure DDoS Protection and Microsoft Defender for Cloud based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."DDoS Protection is simple to deploy and integrates seamlessly with the Azure environment. Ease of deployment is a crucial feature for us."
"This solution is the best option for us because we use a lot of Microsoft products. So, it is easy for us to deploy or integrate any features or products."
"The most important feature is that the solution continuously monitors traffic by inbuilt rules to identify preconfigured attacks."
"The most valuable feature of Azure DDoS Protection is that it performs well."
"Azure DDoS Protection offers superior protection against denial-of-service attacks."
"I like the user interface, documentation, and support. Azure DDoS Protection is one of the most valuable solutions for any endpoint that is publicly reachable through the internet. It will automatically secure all your endpoints from third-party attacks, cyber attacks, or phishing attacks."
"Defender is user-friendly and provides decent visibility into threats."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"The most valuable feature is that it's intuitive. It's very intuitive."
"Provides a very good view of the entire security setup of your organization."
"Good compliance policies."
"Defender is a robust platform for dealing with many kinds of threats. We're protected from various threats, like viruses. Attacks can be easily minimized with this solution defending our infrastructure."
"The visibility could be better. We would like to have better metrics, so we could see all the information in a central place."
"The reporting aspect and dashboard management monitoring need improvement."
"The implementation of Azure DDoS Protection results in a decrease in our bandwidth capacity and should be optimized to reduce resource consumption."
"Sometimes, it is hard for our staff to keep track of changes (in the GUI) between different projects, because there are constant changes. As a result, it is hard to manage, recall, and see all the features because they have been moved from one place to another."
"The UI needs to be improved."
"Azure DDoS Protection could improve on the reporting."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"For Kubernetes, I was using Azure Kubernetes Service (AKS). To see that whatever is getting deployed into AKS goes through the correct checks and balances in terms of affinities and other similar aspects and follows all the policies, we had to use a product called Stackrox. At a granular level, the built-in policies were good for Kubernetes, but to protect our containers from a coding point of view, we had to use a few other products. For example, from a programming point of view, we were using Checkmarx for static code analysis. For CIS compliance, there are no CIS benchmarks for AKS. So, we had to use other plugins to see that the CIS benchmarks are compliant. There are CIS benchmarks for Kubernetes on AWS and GCP, but there are no CIS benchmarks for AKS. So, Azure Security Center fell short from the regulatory compliance point of view, and we had to use one more product. We ended up with two different dashboards. We had Azure Security Center, and we had Stackrox that had its own dashboard. The operations team and the security team had to look at two dashboards, and they couldn't get an integrated piece. That's a drawback of Azure Security Center. Azure Security Center should provide APIs so that we can integrate its dashboard within other enterprise dashboards, such as the PowerBI dashboard. We couldn't get through these aspects, and we ended up giving Reader security permission to too many people, which was okay to some extent, but when we had to administer the users for the Stackrox portal and Azure Security Center, it became painful."
"The documentation and implementation guides could be improved."
"I felt that there was disconnection in terms of understanding the UI. The communication for moving from the old UI to the new UI could be improved. It was a bit awkward."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"The product must improve its UI."
Azure DDoS Protection is ranked 18th in Microsoft Security Suite with 6 reviews while Microsoft Defender for Cloud is ranked 2nd in Microsoft Security Suite with 46 reviews. Azure DDoS Protection is rated 8.6, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Azure DDoS Protection writes "It's simple to deploy and integrates seamlessly with the Azure environment". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Azure DDoS Protection is most compared with Azure Front Door, Azure Firewall, AWS Shield, Cloudflare and Akamai App and API Protector, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Microsoft Defender for Endpoint. See our Azure DDoS Protection vs. Microsoft Defender for Cloud report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
