We performed a comparison between Azure Firewall and Microsoft Defender for Cloud Apps based on real PeerSpot user reviews.
Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It provided ease of maintenance. If a new firewall was needed, we only had to run the pipelines for this. So, the maintenance was very easy."
"The solution should be capable of self-scaling, which is one of the features we like about it."
"The Layer four features are okay and meet my business needs."
"We use the solution for application and server deployment."
"The feature that I have found the most valuable is the control over the network permissions and the network."
"I can easily configure it."
"The solution is stable."
"I think that one of the best features is definitely the premium version, along with the IDPs in terms of the intrusion detection and prevention system."
"One of the most valuable features is auditing. Some of the other protection services have issues with auditing. Microsoft Defender for Cloud has an excellent auditing technique that helps us avoid the risk of filtering or information loss. You can use different tools to guarantee these things. It allows you to conduct an in-depth exploration of applications, users, and files that are harmful or suspicious. You can also enhance your security setup by creating personalized rules or policies that help you better control traffic in the cloud."
"In Microsoft Defender for Cloud Apps, there is an option to enable files. Once you enable that, it will give you all the files in your organization and where they are located in the cloud... That feature is very useful for investigation purposes."
"I like the web GUI/the management interface. I also like the security of Microsoft. As compared to other manufacturers, it's less complex and easy to understand and work with."
"The most valuable feature is the alerting system."
"Better logging allows us to find problems and take appropriate steps to lock them out."
"Defender's integration with our identity solutions is critical in our current setup."
"Shadow IT discovery is the feature I like the most."
"The feature that helps us in detecting the sensitive information being shared has been very useful. In addition, the feature that allows MCAS to apply policies with SharePoint, Teams, and OneDrive is being used predominantly."
"The solution lacks artificial intelligence and machine learning. It might be in the roadmap. However, currently, it's not available."
"There are a number of things that need to be simplified, but it's mostly costs. It needs to be simplified because it's pretty expensive."
"It needs a lot of improvement, especially on intruder detection. They are working hard on that."
"Azure Firewall should have a free trial version for new users so that they can evaluate it before deploying it."
"The reporting, logging, and monitoring features, as well as the flexibility of the policies, need to be improved."
"For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall."
"Right now, with Azure Firewall, we cannot have a normal inbound traffic flow. For inbound, Microsoft suggests using application gateways, so the options are very limited. I cannot use this firewall as an intermediate firewall because of the limitations, and I cannot point routing to another firewall. So if I want to use back-to-back firewall architecture in my environment, I cannot use Azure Firewall for that type of configuration either."
"The threat intelligence aspect of this particular firewall is not at par with other providers."
"There are challenges with detection and there are challenges with false-positive rates."
"It takes some time to scan and apply the policies when there is some sensitive information. After it applies the policies, it works, but there is a delay. This is something for which we are working with Microsoft."
"In the future, I would like to see more plug-and-play capabilities that use AI to tell you what needs to be done. It would be helpful if it scanned our devices and made security suggestions, on a configuration basis."
"Defender for Cloud Apps could come with more configured policies out of the box. Also, integration could be easier. Integration is moderately difficult because Microsoft hasn't developed a solution that unifies device onboarding and management. You have to use Intune to manage devices and Defender for Endpoint to enforce policies. They need to fix their integration, but I believe they will straighten it out by the end of the year."
"It doesn't actually decrease the time to respond. This has been an issue with Microsoft recently. Sometimes, there is a delay when it comes to getting an alert policy email... Sometimes it takes two or three hours for that email to be sent."
"Microsoft Defender for Cloud Apps’s technical support services needs improvement."
"They need to improve the attack surface reduction (ASR) rules. In the latest version, you can implement ASR rules, which are quite useful, but you have to enable those because if they're not enabled, they flag false positives. In the Defender portal, it logs a block for WMI processes and PowerShell. Apparently, it's because ASR rules are not configured. So, you generally have to enable them to exclude, for example, WMI queries or PowerShell because they have a habit of blocking your security scanners. It's a bit weird that they have to be enabled to be configured, and it's not the other way around."
"Defender could integrate better with multi-cloud and hybrid environments. It requires some additional configuration to ingest data from non-Azure environments and integrate it with Sentinel."
More Microsoft Defender for Cloud Apps Pricing and Cost Advice →
Azure Firewall is ranked 11th in Microsoft Security Suite with 33 reviews while Microsoft Defender for Cloud Apps is ranked 10th in Microsoft Security Suite with 30 reviews. Azure Firewall is rated 7.2, while Microsoft Defender for Cloud Apps is rated 8.4. The top reviewer of Azure Firewall writes "Easy to use and configure but could be more robust". On the other hand, the top reviewer of Microsoft Defender for Cloud Apps writes "Integrates well and helps us in protecting sensitive information, but takes time to scan and apply the policies and cannot detect everything we need". Azure Firewall is most compared with Fortinet FortiGate-VM, Palo Alto Networks NG Firewalls, Palo Alto Networks VM-Series, Microsoft Defender for Cloud and Check Point NGFW, whereas Microsoft Defender for Cloud Apps is most compared with Zscaler Internet Access, Cisco Umbrella, Netskope , Prisma Access by Palo Alto Networks and Qualys VMDR. See our Azure Firewall vs. Microsoft Defender for Cloud Apps report.
See our list of best Microsoft Security Suite vendors.
We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.