
close
close
In this post, I will explain what the new Azure Firewall, recently launched in preview, can do and what it cannot at this time.
There is no shortage of firewall options in Azure for network security at the transport (Layer-4) and application (Layer-7) layers of the network stack.
The foundational component is the free networks security group (NSG), providing allow/deny filtering for TCP/UDP traffic. NSG policies are deployed no matter what virtual network architecture you design, offering a low-level hard filter. In addition to NSGs, we have:
advertisment
Azure doesn’t supply an alternative to the third-party NVA, but that is starting to change with a new preview release – which isn’t ready for production yet.
The Azure Firewall is a new preview network security feature in Azure, sitting at the edge of the virtual network to provide additional security beyond what is offered by NSGs.
An illustration of Azure Firewall architecture [Image Credit: Microsoft]
What I first heard of Azure Firewall I thought it would replace NVAs. As it turns out, based on what the Azure Firewall is today in its preview release, it won’t. But the current preview release is a very early one, and I think Microsoft is slowly developing Azure Firewall to get it right, instead of rashly rolling out a bunch of unready features. So, I kind of understand what they are doing.
Today the Azure Firewall is not a solution for protecting a network against inbound threats. You cannot set up NAT rules for inbound traffic. It does not have rules or filters for publishing internal applications either. Today, Azure Firewall only cares about outbound traffic.
There are also a number of known issues with:
Azure Firewall is an early preview and is not ready for production. But if the future of Azure Firewall interests you, you should enroll in the preview, deploy it in a test environment, and share your feedback with Microsoft.
advertisment
More from Aidan Finn
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Microsoft Azure
Microsoft's Azure AD Conditional Access Service Can Now Require Reauthentication
May 13, 2022 | Rabia Noureen
Microsoft Addresses Cross-Tenant Database Vulnerability in Azure PostgreSQL
Apr 29, 2022 | Rabia Noureen
Microsoft Simplifies IT Monitoring with New Azure Managed Grafana Service
Apr 19, 2022 | Rabia Noureen
System Center 2022 is Now Available with New Datacenter Management Capabilities
Apr 4, 2022 | Rabia Noureen
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group