In addition, by monitoring network traffic with built-in analytics tools and logging suspicious activities to Azure Activity Logs, you can provide further security at this critical layer.
Advanced Threat Protection Services provide a level of protection against threats that would otherwise be difficult or impossible to prevent or detect. Using threat intelligence and real-time analysis, they can identify malicious behavior and quickly block connections before they occur or while they are in progress, thus preventing data loss and downtime. Moreover, the services also include authentication measures and identity whitelisting, so you can more precisely manage who is allowed into your environment according to specific business rules. In conclusion, this improves an organization’s overall security posture by reducing potential risks associated with cybercriminals and other malicious actors.
Azure Firewall is a managed, cloud-based network security service that helps protect your Azure Virtual Network resources.
Azure Firewall filters both inbound and outbound traffic, including unidirectional (north-south) and bidirectional (east-west) traffic.
Azure Firewall can be deployed using either the Azure portal or Azure PowerShell.
The basic tier provides network address translation (NAT) for outbound traffic, while the standard tier includes all basic tier features, as well as inbound and outbound FQDN filtering, TLS inspection, and IDPS.
Azure Firewall requires a dedicated subnet within your virtual network, and at least one public IP address.
Network rules can be created by specifying source and destination IP addresses, ports, and protocols in the Azure portal.
Application rules can be created by specifying source and destination FQDNs, ports, and protocols in the Azure portal.
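The same two rule types can also be defined from Azure PowerShell instead of the portal. The following is an added example, not taken from the original article: it uses the Az.Network classic-rule cmdlets against an already deployed firewall, and the resource group, firewall name, address ranges and FQDN are constructed placeholders. Note that the application rule cmdlet takes its source as an address range (`-SourceAddress`) and its destination as an FQDN (`-TargetFqdn`).

```powershell
# Placeholders (assumptions, not values from the article)
$resourceGroup = 'rg-example'
$firewallName  = 'fw-example'
$workloadCidr  = '10.0.1.0/24'      # constructed source range
$dnsServer     = '192.0.2.53'       # constructed destination (documentation range)

# Load the existing firewall object so rule collections can be attached to it
$fw = Get-AzFirewall -ResourceGroupName $resourceGroup -Name $firewallName

# Network rule: matches on source/destination IP, port and protocol
$netRule = New-AzFirewallNetworkRule -Name 'allow-dns-out' `
    -Protocol UDP `
    -SourceAddress $workloadCidr `
    -DestinationAddress $dnsServer `
    -DestinationPort 53

$netCollection = New-AzFirewallNetworkRuleCollection -Name 'net-allow' `
    -Priority 200 -ActionType Allow -Rule $netRule

# Application rule: matches on the destination FQDN and protocol:port
$appRule = New-AzFirewallApplicationRule -Name 'allow-example-https' `
    -SourceAddress $workloadCidr `
    -Protocol 'https:443' `
    -TargetFqdn 'www.example.com'

$appCollection = New-AzFirewallApplicationRuleCollection -Name 'app-allow' `
    -Priority 300 -ActionType Allow -Rule $appRule

# Attach both collections and push the updated configuration to Azure
$fw.NetworkRuleCollections.Add($netCollection)
$fw.ApplicationRuleCollections.Add($appCollection)
Set-AzFirewall -AzureFirewall $fw

# Review what is now configured: collection name, priority and rule names
$fw.NetworkRuleCollections + $fw.ApplicationRuleCollections |
    Select-Object Name, Priority, @{ n = 'Rules'; e = { $_.Rules.Name -join ', ' } }
```

Keeping each allow rule scoped to one source range and one destination makes the resulting rule set easy to audit against the traffic logs in Azure Monitor.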
You can use Azure Monitor to view traffic logs and metrics for Azure Firewall, and configure alert rules to notify you of potential issues.
A hybrid deployment of Azure Firewall is when the firewall is used to filter traffic between Azure and on-premises networks.
A hybrid deployment of Azure Firewall requires a site-to-site VPN connection between the on-premises network and Azure Virtual Network, and the firewall must be deployed in a dedicated subnet with outbound Internet access.