Azure DDoS Protection vs Microsoft Defender XDR comparison

"Azure DDoS Protection offers superior protection against denial-of-service attacks."

"I like the user interface, documentation, and support. Azure DDoS Protection is one of the most valuable solutions for any endpoint that is publicly reachable through the internet. It will automatically secure all your endpoints from third-party attacks, cyber attacks, or phishing attacks."

"AI capabilities are very good. I would rate them an eight out of ten."

"This solution is the best option for us because we use a lot of Microsoft products. So, it is easy for us to deploy or integrate any features or products."

"The most important feature is that the solution continuously monitors traffic by inbuilt rules to identify preconfigured attacks."

"The most valuable feature of Azure DDoS Protection is that it performs well."

"DDoS Protection is simple to deploy and integrates seamlessly with the Azure environment. Ease of deployment is a crucial feature for us."

"Scanning, vulnerability reporting, and the dashboard are the most valuable features."

"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."

"The product integrates security into one tool instead of having third-party security tools."

"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."

"Microsoft Defender XDR is scalable."

"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."

"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."

"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."

"The implementation of Azure DDoS Protection results in a decrease in our bandwidth capacity and should be optimized to reduce resource consumption."

"The UI needs to be improved."

"Azure DDoS Protection could improve on the reporting."

"The visibility could be better. We would like to have better metrics, so we could see all the information in a central place."

"The reporting aspect and dashboard management monitoring need improvement."

"Sometimes, it is hard for our staff to keep track of changes (in the GUI) between different projects, because there are constant changes. As a result, it is hard to manage, recall, and see all the features because they have been moved from one place to another."

"It's not very easy to configure, in my view."

"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."

"The management and automation of the cloud apps have room for improvement."

"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."

"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."

"The console is missing some features that would be helpful for a managed services provider, like device and user management."

"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."

"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."

"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."

"The pricing is quite high. It is a monthly subscription that costs about $2,000 per month, depending on the user sizes."

"It is an expensive solution."

"You can test it for a certain period of time free of charge. You can have a free account. You can test it to compare its pros and cons with other products that you are testing."

"The pricing is good but is not the best. It could be improved so that middle-sized organizations, such as startups, can benefit from it."

"Its licensing and pricing are handled by someone else. My role is limited to incidents or issues with the portal, but you get what you pay for. It is worth the cost."

"On average, we pay around 55 euros per user for the services and features we receive."

"Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."

"It is fairly priced because we get complete integrated services with the E5 license."

"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."

"Defender XDR is included in the E5 license, but it's a bit too expensive."

"The product is fairly priced for what we get from it."

"Microsoft purposely makes its license combinations complex and includes combinations like Microsoft 365 E3 and Microsoft 365 E5, Office 365 E3, Office 365 E5, and Office 365 E1, so you get confused. Microsoft tries to sell you a bundle of a lot of things together."