Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
$2.46
per GB ingested
Palo Alto Networks WildFire
Score 9.7 out of 10
N/A
Palo Alto Network’s WildFire is a malware prevention service. It specializes in addressing zero-day threats through dynamic and static analysis, machine learning, and advanced sandbox testing environments.
We use intune to protect endpoints and we pull logs from all the endpoints through the intune connector into the Microsoft Sentinel SIEM and that way we can run rules on those logs to find anomalies.
Palo Alto Networks WildFire
No answer on this topic
Features
Microsoft Sentinel
Palo Alto Networks WildFire
Security Information and Event Management (SIEM)
Comparison of Security Information and Event Management (SIEM) features of Product A and Product B
Microsoft Sentinel
7.3
22 Ratings
7% below category average
Palo Alto Networks WildFire
-
Ratings
Centralized event and log data collection
8.122 Ratings
00 Ratings
Correlation
7.022 Ratings
00 Ratings
Event and log normalization/management
7.122 Ratings
00 Ratings
Deployment flexibility
7.020 Ratings
00 Ratings
Integration with Identity and Access Management Tools
I think that the pro is well suited for a complex environment for a big organization that has people that has a mid-size cybersecurity team in place. And it's less appropriate if you are a not so big company because the budget could be important. Barrier to adopt it right on the right way
Palo Alto Networks Wildfire is well suited for pretty much anywhere that you need the latest and greatest network security. It is extremely good at protecting you from the latest malware threats that might pose a potential problem for your network/endpoints. We've been very please since we installed it and I would say cost of the Palo Altos is the only drawback. If money were no object I'd go with a Palo Alto with Wildfire every time. But unfortunately in some smaller branches it just doesn't make financial sense.
I appreciate that it keeps the data within our, what we call our, authorization boundary. The fact that the data remains within Microsoft's, I guess, walled garden if you will, is very helpful for certain compliance needs in particular.
The large library of ingestion: ability to ingest is basically as easy as I can basically get it to be most of the time. There's occasionally some vendors that it's a little bit more challenging for, but given the ease of integration for a lot of things, basically it's become one of my requirements when I am looking at other tools is how easily do they integrate with Sentinel.
This is could base and easily manageable for our collocation. While working within the could can review in live time potential treats that it has reported from other devices.
Worked very well with existing Palo Alto devices.
Another huge plus is the simplicity of managing and ease of scalability.
Its cost is competitive with similar/like products available.
I think it should include more third party integration with non microsoft products as well as with other cloud providers. These integrations should be native.
It should improve ML and AI capabilities.
I find its documentation a little bit difficult to understand at the start. So the words should be simple.
It works very well and takes care of protecting us from threats new and well-known. It's been a game changer in terms of threat detection & prevention.
The Microsoft Azure Sentinel solution is very good and even better if you use Azure. It's easy to implement and learn how to use the tool with an intuitive and simple interface. New updates are happening to always bring new news and improve the experience and usability. The solution brings reliability as it is from a very reliable manufacturer.
Easy to use and works well. For the most part it's set it and forget it, but there's also some flexibility for high security environments and those with extra privacy concerns.
PAN support is very good. You can get the reasonable and timely support on any conditions. When the product is already integrated with the PAN firewalls, you can choose the severity levels based on the effect. The customer service/TAC is very helpful, they even have additional recommendations of advises for product usability. Local partners are also assisting the cases and give their expertise.
Well before there was Microsoft Sentinel, you had other competing products like ArcSight or Splunk, et cetera. I think they have their own qualities, but the Microsoft integration story is really why we're using it.
We wanted a single device to handle numerous jobs, such as antivirus, antimalware, vulnerability detection, url filtering, etc. Palo Alto provides this, while TippingPoint IPS is a more dedicated product. Caveat: I used TippingPoint over 5 years ago, so things may have changed.
As we all know the product of Palo Alto is little bit expensive but its performance is far better than any of its competitors. So as I previously mentioned, Palo Alto should not sell WildFire Licence seperately.
If the firewall is internet facing then only we should buy WildFire Licence.
WildFire Licence is not necessary for internal firewall. If you are planning to buy a firewall for internal network where your traffic is not going towards internet so no need to buy WildFire Licence.
