Azure Firewall

Azure Firewall is a cloud-based firewall service that provides network security and monitoring capabilities for your virtual network (VNet). It can be used to create and enforce network security policies across multiple VNets and applications.

Its key features include network- and application-level filtering, integration with other Azure services, centralized management, and traffic logging and analysis. It can be deployed in a hub-and-spoke or standalone topology and is available in Basic, Standard, and Premium tiers. Azure Firewall is a powerful and flexible solution for securing your Azure infrastructure and protecting against network-based threats.

Features

Network address translation (NAT): Azure Firewall can perform source and destination NAT to hide the IP addresses of your internal resources from external networks.

Application-level filtering: Azure Firewall includes application-level filtering capabilities that can identify and block malicious traffic, such as SQL injection attacks, cross-site scripting (XSS) attacks, and malware.

User-defined routing: Azure Firewall supports user-defined routing, allowing you to control traffic routing to and from your resources within your VNet.

Integration with Azure services: Azure Firewall integrates with other Azure services, such as Azure Security Center and Azure Sentinel, to provide a comprehensive security solution for your Azure infrastructure.

Centralized management: Azure Firewall provides centralized management capabilities that allow you to manage your firewall policies across multiple VNets and subscriptions.

Threat intelligence: The Azure Firewall Premium tier includes advanced capabilities to identify and block known malicious IP addresses and domains.

Intrusion detection: The Azure Firewall Premium tier includes intrusion detection capabilities that can detect and alert you to potential network intrusions and other security threats.

Tiers

The cost of each tier increases with the level of protection it offers.

Basic Tier: The Basic tier of Azure Firewall provides basic network security capabilities, such as inbound and outbound traffic filtering and network address translation (NAT).

Standard Tier: The Standard tier of Azure Firewall provides advanced network security features such as TLS inspection, application ID-based rules, URL filtering, and web categories. It also includes forced tunneling, hub virtual network deployment, and multiple public IP addresses.

Premium Tier: The Premium tier of Azure Firewall provides advanced network security capabilities, including threat intelligence, intrusion detection, and centralized management across multiple VNets and subscriptions.

Map of features and uses

[Image: map of Azure Firewall features and uses]


Last modified July 21, 2024: update (e2ae86c)