Likelihood to Recommend Control access to critical enterprise resources by business role, device type, and location, so policy changes can be made without redesigning the network. Easily manage access control and segmentation while maintaining compliance. Create and manage policies in an easy-to-use matrix. Reduce the need for costly network re-architecture by automating firewall rules and access control list (ACL) administration. Read full review I'll go with where it's very suited in certain industries, including ours where the data resides or where it's being sent is incredibly important. So because the data stays within Microsoft World Garden, we are able to piggyback off of a lot of those certifications and meet certain requirements that allow us to expand where we sell our product to outside of scopes that we couldn't reach ourselves.
Read full review Pros Reduce operational expenses by simplifying network segmentation and defining security groups based on business roles, not IP addresses. Limit the impact of a data breach by quickly isolating and containing threats using technology already in your network. Read full review It is a good tool for threat detection and analysis of the threats. We are using this tool for real time threat detection on our employee machines as well as some servers. It provides various options for collecting data sources by leveraging multiple sources using data connectors. This helps us in gathering data from multiple sources such as our servers as well as our employee machines. One good thing about this tool is automated incident response thereby increasing the security of servers. Read full review Cons Help and solutions if needed, support Read full review 'Notebook' has always been a very hard to use feature for me in Sentinel. From my experience, there have been a very selective use cases for this feature across the industry. 'Entity Behavior' has some scope to be improved further since it is a feature that gives some useful insights but needs to be accessed separately. I think it should be re-worked in a way to be used within the incident investigation page. I'd like to see a more user-friendly version of the 'Content Hub' menu which was the earlier version! The new UI is somewhat confusing to use and is dependent on a lot of filters being applied which do not even lasts for a single session. With each refresh, we have to apply the filters again. Read full review Usability The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Read full review Support Rating Azure Sentinel is very easy to use and configure. If you are stuck somewhere, Microsoft support is excellent in assisting and solving your issue.
Read full review Alternatives Considered I use most of the Sims that are out there, but RSAs, old Sim Log, logic, elastic, a lot of them. Sumo, we checked out Sumo too. We're a Microsoft shop and live almost entirely on top of a Microsoft ecosystem. We are considering other Microsoft security products to integrate with it. So it made a lot of sense to really drive as hard as we could Microsoft Sim at least for a few years to make sure it would fit us.
Read full review Professional Services Did not use professional services
Read full review Return on Investment Reduction in IT operational costs Read full review Log Management is a little difficult in-house as everything is situated on the cloud. Paying according to the throughput of the data can be costlier for some organizations. Excellent integration and log parsing for Microsoft products save many man-hours for the SIEM admin to focus on other things. Read full review ScreenShots Microsoft Sentinel Screenshots