Azure Firewall provides scalable, built-in high availability with unrestricted cloud scalability, which can be crucial when protecting your Azure Virtual Network resources. The service is fully integrated with Azure Monitor for logging and analytics.
Azure Firewall operates at Layer 4 (Transport Layer) of the OSI model, allowing it to filter traffic at an IP level. It offers the following features:
Before configuring the Azure Firewall, you first need to create one within your Azure subscription. To deploy Azure Firewall, follow these general steps:
Firewall rules determine the traffic that’s allowed or denied. Types of rules include:
Source Type: IP Address
Source: Any (or specific IPs)
Protocol: TCP
Destination Port: 80
Destination Address: IP address of the web server
Target FQDNs: *.microsoft.com
Protocol: HTTPS
Port: 443
Azure Firewall can be configured with Threat Intelligence to alert on or deny traffic from/to known malicious IP addresses and domains, based on Microsoft’s threat intelligence feed.
Integrate your firewall with Azure Monitor for logging and analytics. This captures logs for application rules, network rules, threat intelligence, and more. These logs can be sent to Azure Monitor logs, Azure Storage, or Azure Event Hubs.
Once your firewall is configured, ongoing monitoring will be crucial. You should continuously review the logs to fine-tune your rules and respond to detected threats.
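An added example (not part of the original article) of the log review described above: it parses constructed records shaped like Azure Firewall's legacy diagnostic `msg` strings and ranks denied flows, so recurring denies can be checked against the rule set. The record layout, the helper names and all sample addresses are assumptions made for illustration.

```python
import json
import re
from collections import Counter

def _rec(category, msg):
    """Build one constructed sample record (assumed legacy log shape)."""
    return json.dumps({"category": category, "properties": {"msg": msg}})

# Constructed sample data; addresses are private or documentation ranges.
SAMPLE_LOGS = [
    _rec("AzureFirewallNetworkRule", "TCP request from 10.0.1.4:50122 to 10.0.2.10:80. Action: Allow"),
    _rec("AzureFirewallNetworkRule", "TCP request from 10.0.1.7:40000 to 203.0.113.9:23. Action: Deny"),
    _rec("AzureFirewallNetworkRule", "TCP request from 10.0.1.7:40011 to 203.0.113.9:23. Action: Deny"),
    _rec("AzureFirewallApplicationRule", "HTTPS request from 10.0.1.4:55640 to www.microsoft.com:443. Action: Allow. Rule Collection: web. Rule: ms"),
    _rec("AzureFirewallApplicationRule", "HTTPS request from 10.0.1.5:55001 to example.org:443. Action: Deny. No rule matched. Proceeding with default action"),
    "truncated-or-corrupt-line",
]

# Assumed msg layout: "<PROTO> request from <src>:<port> to <dst>:<port>. Action: <Allow|Deny>"
MSG_RE = re.compile(
    r"^(?P<proto>\S+) request from (?P<src>[^:\s]+):(?P<sport>\d+) "
    r"to (?P<dst>[^:\s]+):(?P<dport>\d+)\. Action: (?P<action>\w+)"
)

def parse_record(line):
    """Return the flow fields of one log record, or None if it does not parse."""
    try:
        rec = json.loads(line)
    except json.JSONDecodeError:
        return None
    if not isinstance(rec, dict):
        return None
    msg = (rec.get("properties") or {}).get("msg") or ""
    m = MSG_RE.match(msg)
    if not m:
        return None
    flow = m.groupdict()
    flow["category"] = rec.get("category", "")
    flow["dport"] = int(flow["dport"])
    return flow

def summarize_denies(lines):
    """Rank denied flows by (source, destination, port), most frequent first."""
    denies = Counter()
    for line in lines:
        flow = parse_record(line)
        if flow and flow["action"] == "Deny":
            denies[(flow["src"], flow["dst"], flow["dport"])] += 1
    return denies.most_common()

def unparsed(lines):
    """Records that did not parse; review these rather than dropping them silently."""
    return [line for line in lines if parse_record(line) is None]
```

A repeated deny from one internal source to the same external port is either a missing allow rule or a host worth investigating; the unparsed list shows how much of the log the summary did not cover.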
The costs for Azure Firewall are based on two components:
Azure Firewall is a robust solution for network security within the Azure ecosystem. It provides fine-grained controls over network traffic, along with monitoring and logging capabilities that integrate seamlessly with other Azure services. Maintain vigilance over your Azure resources and always keep your firewall rulesets up to date to respond to the evolving landscape of cyber threats.
True
Azure Firewall is a cloud-native firewall service that protects Azure Virtual Network resources.
A, B, D
Azure Firewall supports application rules for HTTP/S, network rules for all protocols, and NAT rules.
True
Azure Firewall can be configured with network rules to allow or deny traffic from specified IP addresses.
B
Threat Intelligence-Based Filtering in Azure Firewall uses Microsoft’s threat intel to block malicious traffic.
True
Azure Firewall offers both inbound and outbound filtering and provides logging for the traffic.
B
Azure Firewall events can be logged to these destinations using Azure Diagnostics logs.
False
Azure Firewall doesn’t currently support direct integration with Azure Active Directory for identity-based filtering.
C
Azure Firewall can be integrated with Azure Application Gateway for enhanced URL filtering capabilities.
B
Azure Firewall supports Horizontal Autoscale to scale out resources.
True
Azure Firewall can filter traffic flowing through a VPN or ExpressRoute gateway.
A, B, C
Azure Firewall Premium includes advanced features like IDPS, Web Categories, and TLS inspection.
False
Azure Firewall is a stateful firewall, which means it tracks the state of network connections traveling across it.
Azure Firewall is a managed, cloud-based network security service that helps protect your Azure Virtual Network resources.
Azure Firewall filters both inbound and outbound traffic, including unidirectional (north-south) and bidirectional (east-west) traffic.
Azure Firewall can be deployed using either the Azure portal or Azure PowerShell.
The basic tier provides network address translation (NAT) for outbound traffic, while the standard tier includes all basic tier features, as well as inbound and outbound FQDN filtering, TLS inspection, and IDPS.
Azure Firewall requires a dedicated subnet within your virtual network, and at least one public IP address.
Network rules can be created by specifying source and destination IP addresses, ports, and protocols in the Azure portal.
Application rules can be created by specifying source and destination FQDNs, ports, and protocols in the Azure portal.
You can use Azure Monitor to view traffic logs and metrics for Azure Firewall, and configure alert rules to notify you of potential issues.
A hybrid deployment of Azure Firewall is when the firewall is used to filter traffic between Azure and on-premises networks.
A hybrid deployment of Azure Firewall requires a site-to-site VPN connection between the on-premises network and Azure Virtual Network, and the firewall must be deployed in a dedicated subnet with outbound Internet access.