Azure Firewall is a managed, cloud-based network security service that protects our Azure Virtual Network resources. It’s a fully stateful firewall-as-a-service with built-in high availability and unrestricted cloud scalability. We can centrally create, enforce, and log application and network connectivity policies across subscriptions and virtual networks.
Capabilities supported in Azure Firewall
- Stateful firewall as a service
- Built-in high availability with unrestricted cloud scalability
- FQDN filtering
- FQDN tags
- Network traffic filtering rules
- Outbound Source NAT support and Inbound Destination NAT support
- Centrally create, enforce, and log application and network connectivity policies across Azure subscriptions and VNETs
- Fully integrated with Azure Monitor for logging and analytics
Azure Firewall broadly supports three types of rule collections. They are evaluated in a fixed order, DNAT rules first, then network rules, then application rules, and the first match terminates evaluation, so a flow allowed by a network rule is never inspected by the application rules:
- Application rules: Configure fully qualified domain names (FQDNs) that can be accessed from a subnet over HTTP, HTTPS or MSSQL.
- Network rules: Configure rules that contain source addresses, protocols, destination ports, and destination addresses.
- NAT rules: Configure DNAT rules that translate inbound connections to the firewall's public IP address and port to an internal address and port.
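The three rule collection types above, as an added Bicep example that is not part of the original article or of Microsoft's documentation. It builds an Azure Firewall Policy (the policy-based successor to classic rules) with one DNAT, one network and one application rule collection. The policy name, the firewall's public IP, the admin, workload and database address ranges and the jump-box address are placeholders chosen for illustration; attaching the policy to a firewall (the `firewallPolicy.id` property of the `azureFirewalls` resource) is a separate step.

```bicep
// Added example (not from the original article): an Azure Firewall Policy with one
// rule collection of each type. The address ranges, the firewall's public IP and
// the jump-box address are placeholders chosen for illustration.
param location string = resourceGroup().location
param policyName string = 'fwpol-hub'
param firewallPublicIp string = '203.0.113.10'    // assumed: the firewall's public frontend IP
param adminSourceRange string = '198.51.100.0/24' // assumed: corporate admin egress range
param workloadSubnet string = '10.0.1.0/24'       // assumed: workload subnet behind the firewall
param dbSubnet string = '10.0.3.0/24'             // assumed: database subnet

resource policy 'Microsoft.Network/firewallPolicies@2023-05-01' = {
  name: policyName
  location: location
  properties: {
    sku: { tier: 'Standard' }
    threatIntelMode: 'Deny' // drop traffic to/from IPs and FQDNs on the Microsoft threat-intelligence feed
  }
}

resource rcg 'Microsoft.Network/firewallPolicies/ruleCollectionGroups@2023-05-01' = {
  parent: policy
  name: 'DefaultRuleCollectionGroup'
  properties: {
    priority: 200
    ruleCollections: [
      {
        // DNAT rule: publish RDP on the firewall public IP, translated to a jump box.
        // DNAT collections are evaluated before network and application collections.
        ruleCollectionType: 'FirewallPolicyNatRuleCollection'
        name: 'rc-dnat'
        priority: 100
        action: { type: 'DNAT' }
        rules: [
          {
            ruleType: 'NatRule'
            name: 'rdp-to-jumpbox'
            ipProtocols: [ 'TCP' ]
            sourceAddresses: [ adminSourceRange ] // restrict the source; never '*' for a management port
            destinationAddresses: [ firewallPublicIp ]
            destinationPorts: [ '3389' ]
            translatedAddress: '10.0.2.4'         // assumed: private IP of the jump box
            translatedPort: '3389'
          }
        ]
      }
      {
        // Network rule: L3/L4 match on source, destination, protocol and port.
        ruleCollectionType: 'FirewallPolicyFilterRuleCollection'
        name: 'rc-network'
        priority: 200
        action: { type: 'Allow' }
        rules: [
          {
            ruleType: 'NetworkRule'
            name: 'workload-to-sql'
            ipProtocols: [ 'TCP' ]
            sourceAddresses: [ workloadSubnet ]
            destinationAddresses: [ dbSubnet ]
            destinationPorts: [ '1433' ]
          }
        ]
      }
      {
        // Application rule: L7 match on FQDN or FQDN tag; applies to HTTP, HTTPS and MSSQL only.
        ruleCollectionType: 'FirewallPolicyFilterRuleCollection'
        name: 'rc-application'
        priority: 300
        action: { type: 'Allow' }
        rules: [
          {
            ruleType: 'ApplicationRule'
            name: 'allow-windows-update'
            sourceAddresses: [ workloadSubnet ]
            protocols: [
              { protocolType: 'Https', port: 443 }
              { protocolType: 'Http', port: 80 }
            ]
            fqdnTags: [ 'WindowsUpdate' ] // Microsoft-maintained FQDN list for Windows Update
          }
          {
            ruleType: 'ApplicationRule'
            name: 'allow-package-mirror'
            sourceAddresses: [ workloadSubnet ]
            protocols: [
              { protocolType: 'Https', port: 443 }
            ]
            targetFqdns: [ 'packages.example.com' ] // assumed: internal package mirror FQDN
          }
        ]
      }
    ]
  }
}

// Attach the policy to a firewall via the azureFirewalls resource's firewallPolicy.id property.
output policyId string = policy.id
```

Deploy with `az deployment group create --resource-group <rg> --template-file fw-policy.bicep`. Note that anything not matched by a rule is denied by default, and that the DNAT rule's source is pinned to the admin range: exposing a management port on the firewall's public IP with `sourceAddresses: [ '*' ]` is the most common way this rule type is misused.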
Azure Firewall is integrated with Azure Monitor for viewing and analyzing firewall logs. Logs can be sent to Log Analytics, Azure Storage, or Event Hubs.
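The Log Analytics integration described above, as an added Bicep example that is not part of the original article. It creates a diagnostic setting on an existing Azure Firewall and streams its rule, threat-intelligence and DNS logs plus metrics to an existing Log Analytics workspace; the firewall name and workspace resource ID are placeholders to be supplied at deployment.

```bicep
// Added example (not from the original article): stream Azure Firewall logs and
// metrics to an existing Log Analytics workspace. The firewall and workspace
// identifiers are placeholders.
param firewallName string = 'fw-hub'  // assumed: an existing Azure Firewall in this resource group
param workspaceResourceId string      // assumed: resource ID of an existing Log Analytics workspace

resource firewall 'Microsoft.Network/azureFirewalls@2023-05-01' existing = {
  name: firewallName
}

resource fwDiagnostics 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
  name: 'fw-to-log-analytics'
  scope: firewall
  properties: {
    workspaceId: workspaceResourceId
    // 'Dedicated' writes to resource-specific tables (AZFWNetworkRule, AZFWApplicationRule, ...)
    // with typed columns instead of the shared AzureDiagnostics table, which is easier to query.
    logAnalyticsDestinationType: 'Dedicated'
    logs: [
      { category: 'AZFWNetworkRule', enabled: true }
      { category: 'AZFWApplicationRule', enabled: true }
      { category: 'AZFWNatRule', enabled: true }
      { category: 'AZFWThreatIntel', enabled: true }
      { category: 'AZFWDnsQuery', enabled: true }
    ]
    metrics: [
      { category: 'AllMetrics', enabled: true }
    ]
  }
}
```

Deploy with `az deployment group create --resource-group <rg> --template-file fw-diag.bicep --parameters workspaceResourceId=<workspace-id>`. The same resource accepts `storageAccountId` or `eventHubAuthorizationRuleId` in place of (or alongside) `workspaceId` for the Storage and Event Hubs destinations mentioned above.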
Azure Firewall’s initial throughput capacity is 2.5 to 3 Gbps, and it scales out automatically, based on CPU usage and throughput, up to 30 Gbps.
Key Features of Palo Alto missing in Azure Firewall
- Centralized Management and Visibility: Single pane of glass delivers aggregated logging and event correlation; actionable insight into traffic and threats
- Advanced Malware Protection: Detect potential malware, detonate, analyze and deliver protections
- QoS: policy-based traffic shaping (priority, guaranteed, maximum) per application, per user, per tunnel, based on DSCP classification
- File type filtering by MIME type, extension, active content types, etc. (We can partially address this for HTTP traffic with Azure Application Gateway WAF.)
Features comparison between Azure Firewall and Palo Alto
Palo Alto Reviews Feedback
Palo Alto’s application-aware identifiers help the firewalls know what their users are intending or trying to do. It can sense and block specific activities found suspicious. You can block any application. The ML at the core of its firewall security helps prevent attacks in real time and proactively notifies in case of abnormal traffic or malicious attempts in the environment. The granularity that Palo Alto provides in application detection is excellent.
Azure Firewall Reviews Feedback
The recently added SD-WAN feature gives it the benefits of scaling and is cost-effective depending on bandwidth requirements. It has a security edge routing solution that improves security without compromising performance.