Azure – Azure Firewall Manager can now integrate with virtual networks
As introduced some time ago, Azure Firewall Manager (AFM) is the central configuration and management point for Azure Firewall.
With workload demands constantly evolving, it’s important to ensure your network security policies keep pace. These policies are frequently altered several times per week, with many even being changed several times in a day!
You’ll find that over time, as network and application rules grow, the quality of your Azure Firewall becomes suboptimal; the firewall’s performance and speed are negatively impacted. For example, applications hosted in one network may have been moved to another network, yet the firewall rules for the older network haven’t been removed. As a result, high-priority rules can end up being unintentionally prioritised less.
It’s a challenging task for any IT team to maintain and optimise firewall rules, especially for large, geographically dispersed enterprises. It can involve multiple teams from different locations undertaking the complex job of manually augmenting the Azure Firewall policy. On top of this, there’s always the risk that an update can critically impact a crucial workload, leading to major disruptions.
Fortunately, Policy Analytics can help you optimise your Azure Firewall over time by providing crucial insights and recommendations. Its aim is essentially to strengthen your security posture.
Policy Analytics for Azure Firewall is now in preview, so you can get started right away.
Policy Analytics provides visibility into the traffic flowing through your Azure Firewall. From your Azure Portal, you have the following capabilities available:
As mentioned, single-rule analysis involves selecting a specific rule and analysing matching traffic flows. This is perfect for optimisation and can be done with only a few clicks!
First, select a policy. Then, select Policy Analytics (preview) from the Monitoring blade. From here, you can click on Single-rule analysis.
Policy analytics lets you pick a rule of interest and perform a rule analysis on it. So, from here you simply need to select a rule you’d like to optimise.
NOTE: Single-rule analysis does not support refining rules with Service Tags, FQDN Tags, Web categories and IP Groups during Public Preview.
You’ll be shown some recommendations based on the analysed traffic flows. From this view, you can evaluate and apply the recommendations as you see fit. This includes deleting rules or making them a lower priority. You can also lock down rules to the specific ports seen in matching traffic.
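The idea behind these recommendations can be sketched offline. The following Python is an added example, not code from the original post or from Azure: the rule and flow records are constructed, their field names are hypothetical rather than Azure's schema, and rules are assumed to be evaluated first-match in ascending priority order.

```python
import ipaddress
from collections import defaultdict

# Constructed rule set (hypothetical fields; lower priority number is evaluated first).
RULES = [
    {"name": "allow-legacy-app", "priority": 100, "src": "10.1.0.0/16", "dst": "10.9.0.0/24", "ports": range(1, 65536)},
    {"name": "allow-web-tier", "priority": 200, "src": "10.2.0.0/16", "dst": "10.3.0.0/24", "ports": range(1, 65536)},
    {"name": "allow-db", "priority": 300, "src": "10.3.0.0/24", "dst": "10.4.0.0/24", "ports": range(1433, 1434)},
]

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.2.0.5", "10.3.0.10", 443),
    ("10.2.1.7", "10.3.0.11", 443),
    ("10.2.0.9", "10.3.0.10", 8443),
    ("10.3.0.10", "10.4.0.20", 1433),
]

def matches(rule, src, dst, port):
    """True if the flow falls inside the rule's source, destination and port scope."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule["src"])
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule["dst"])
            and port in rule["ports"])

def analyse(rules, flows):
    """Attribute each flow to the first matching rule, then suggest a change per rule."""
    ordered = sorted(rules, key=lambda r: r["priority"])
    seen_ports = defaultdict(set)
    for src, dst, port in flows:
        for rule in ordered:
            if matches(rule, src, dst, port):
                seen_ports[rule["name"]].add(port)
                break  # first match wins; later rules never see this flow
    recs = {}
    for rule in ordered:
        ports = seen_ports.get(rule["name"], set())
        if not ports:
            recs[rule["name"]] = "no matching traffic: candidate for deletion or lower priority"
        elif len(ports) < len(rule["ports"]):  # rule allows more ports than traffic used
            recs[rule["name"]] = "restrict to observed ports " + ",".join(map(str, sorted(ports)))
        else:
            recs[rule["name"]] = "keep as is"
    return recs

if __name__ == "__main__":
    for name, rec in analyse(RULES, FLOWS).items():
        print(f"{name}: {rec}")
```

A rule with no hits in a short observation window may still serve infrequent traffic, so the window length matters before acting on a deletion suggestion.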
While the feature is still in preview, enabling Policy Analytics on a Firewall Policy that’s associated with only a single firewall is billed per policy. You can find more information about this billing here.
Otherwise, enabling Policy Analytics on a Firewall Policy associated with more than one firewall can be done at no extra cost.