Instana, an IBM company since the December 2020 acquisition, provides APM services for SOA, microservices, containerized applications and Kubernetes, and cloud native applications, as well as discovery and monitoring for IT assets.
$75
per month per Managed Virtual Server (MVS)
Microsoft Sentinel
Score 8.7 out of 10
N/A
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
With enterprise IT assets in a multitude of ecosystems, cloud infrastructures and sometimes still left stuck in a legacy on prem architecture, IBM Instana makes it easy to get the right data to drive development and / or DevSecOps processes with tangible input from the target environment itself.
I recommend Microsoft Sentinel for effective threat detection and response. It is a great SIEM and SOAR solution for businesses, and we have used it effectively, which is why I recommend it. Since it works across on-premises and multi-cloud environments, it is ideal for businesses of all sizes. Being AI-equipped and its ability to handle threat analytics make it irresistible.
Can monitor application(s) and system(s) with very large throughput of transactions by the second ( it gets everything !!!)
Provide strong drill down for your applications and will tell you where the points of failure of an application's is ( servers , network , Databases , etc you name it )
Very easy to set up and have it up and running when using the SaaS solution. There's an on premise solution which works just as well but requires more effort and preparation from an infrastructure point of view for your teams to implement.
Continuously improve their features and their agents auto-update and keep up. All while not interfering with your applications.
Let's you create your own dashboards and visualizations that can be tailored for different kind of users with the data collected.
Create your own events and smart alerts so you can know on the spot if something is happening or is likely to happen that needs addressing on your applications / systems
I appreciate that it keeps the data within our, what we call our, authorization boundary. The fact that the data remains within Microsoft's, I guess, walled garden if you will, is very helpful for certain compliance needs in particular.
The large library of ingestion: ability to ingest is basically as easy as I can basically get it to be most of the time. There's occasionally some vendors that it's a little bit more challenging for, but given the ease of integration for a lot of things, basically it's become one of my requirements when I am looking at other tools is how easily do they integrate with Sentinel.
It's very difficult to create custom dashboards, only a handful of scenarios can be visualized to dashboards.
Extracting information from Instana to further analysis into excel for example is something that can be improved. Using an API to get data is very limiting.
Open telemetry features which allow to send application data to Instana is not working as documented.
I think it should include more third party integration with non microsoft products as well as with other cloud providers. These integrations should be native.
It should improve ML and AI capabilities.
I find its documentation a little bit difficult to understand at the start. So the words should be simple.
Instana has been able to fulfill our all requirement and provide out of box solution for multiple component like AWS RDS Monitoring and real time alerting setup on basis of that. it is also easy to integrate with other open-source alerting and monitoring tools which makes it easier to incorporate into our solutions
IBM Instana totally alters our monitoring approach since it increases the stability of the system and simplifies the process of problem solving. And since it helps to lower the degree of alert exhaustion that we experience, it is a total game changer for us.
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
As a DevOps engineer, I've explored various Application Performance Monitoring (APM) tools, including New Relic for real-time insights, AppDynamics for code-level visibility, Dynatrace for AI-driven monitoring, Datadog for comprehensive observability, Splunk for log management, Stackify Retrace for error tracking, and Raygun for crash reporting. Each tool offers distinct features, and the choice depends on specific use cases, technology stacks, and organizational needs. Thorough evaluations, considering factors like ease of use, integration capabilities, and scalability, help in selecting the most suitable APM solution for effective application monitoring in a DevOps environment.
Microsoft Sentinel excels in cloud-native scalability, Microsoft ecosystem integration, and AI-driven threat detection with UEBA and Fusion rules, offering faster deployment and lower costs (48% cheaper per Forrester) than Splunk, QRadar, Exabeam, SentinelOne, Securonix, and Wazuh. It lags in third-party integrations and syslog parsing. Organizations choose Microsoft Sentinel for its cost-effectiveness, automation, and Microsoft synergy, especially in Azure-heavy environments, though Splunk and Exabeam lead in flexibility and UEBA, respectively.
As any cybersecurity product, this has to be more with risk to avoid loss in case of a ransomware that more than relate to a productivity increase. Maybe the impact could be that instead of having people that are checking 24/7 the dashboard, you could implement Sentinel and have less people checking that or people with less expertise. So the saving will be a minor but will be a saving in the cost of your team.
