Defend in opposition to cyberattacks with the brand new Azure Firewall Primary | Azure Weblog and Updates

Spread the love

Cyberattacks proceed to rise throughout companies of all sizes as attackers are adapting their strategies and rising the complexity of their operations.1 The danger of those assaults is important for small and medium companies (SMBs) as they normally don’t have the specialised information or assets to guard in opposition to rising threats and face extra challenges when recovering from an assault. In a latest Microsoft survey,2 70 p.c of SMBs assume cyberthreats have gotten extra of a enterprise threat and almost one in 4 SMBs said that they’d a safety breach within the final 12 months.

SMBs want options which might be tailor-made to their distinctive wants and challenges. Microsoft is dedicated to delivering safety options to fulfill the wants of all our prospects. We’re excited to announce the overall availability of Azure Firewall Primary, a brand new SKU of Azure Firewall constructed for SMBs.

Since public preview, we have now seen a large adoption of the Azure Firewall Primary. Prospects said the simplicity and ease of use of the Azure Firewall as one of many key advantages for selecting Azure Firewall Primary.  We’ve additionally added the potential to deploy Azure Firewall inside a digital hub along with a digital community. This provides companies the pliability to decide on the deployment possibility that finest meets their wants.

Deploying Azure Firewall in a digital community is really useful for purchasers who plan to make use of conventional hub-and-spoke community topology with a Firewall on the hub. Whereas, deploying on a digital hub is really useful for purchasers with giant or international community deployments in Azure the place international transit connectivity throughout Azure areas and on-premises places is required.

Offering SMBs with a extremely accessible Firewall at an inexpensive value level

Azure Firewall Primary brings the simplicity & safety of Azure Firewall to SMBs at a cheap value level

It presents Layer 3–Layer 7 filtering and alerts on malicious site visitors with built-in menace intelligence from Microsoft menace intelligence. As a cloud-native service, Azure Firewall Primary is straightforward to deploy with a couple of clicks and seamlessly integrates with different Azure providers, together with Microsoft Azure Firewall Supervisor, Azure Monitor, Azure Occasions Hub, Microsoft Sentinel, and Microsoft Defender for Cloud.

Key options of Azure Firewall Primary

Complete, cloud-native community firewall safety

  • Community and software site visitors filtering—Centrally create, permit, or deny community filtering guidelines by supply and vacation spot IP tackle, port, and protocol. Azure Firewall is absolutely stateful, so it will possibly distinguish reputable packets for various kinds of connections. Guidelines are enforced and logged throughout a number of subscriptions and digital networks.
  • Risk intelligence to alert on malicious site visitors—Allow menace intelligence-based filtering to alert on site visitors from or to identified malicious IP addresses and domains. The IP addresses and domains are sourced from the Microsoft menace intelligence feed.
  • Constructed-in excessive availability—Azure Firewall Primary gives built-in excessive availability to make sure that your community site visitors is at all times protected. Azure Firewall Primary can replicate your firewall occasion throughout two availability zones, making certain that your site visitors is at all times filtered even when one of many zones goes down.

Easy setup and straightforward to make use of

  • Arrange in only a few minutes—Use the Quickstart deployment Azure Useful resource Supervisor (ARM) templates to simply deploy Azure Firewall Primary on to your Azure setting.
  • Automate deployment (deploy as code)—Azure Firewall Primary gives native help for Infrastructure as Code (IaC). Groups can outline declarative ARM templates that specify the infrastructure required to deploy options. Third-party platforms like Terraform additionally help IaC to handle automated infrastructure.
  • Zero upkeep with automated updates—Azure Firewall is robotically up to date with the most recent menace intelligence and safety updates to make sure that it stays up-to-date and guarded in opposition to the most recent threats.
  • Centralized administration by way of Azure Firewall Supervisor—Azure Firewall Supervisor is a central administration answer that means that you can handle a number of Azure Firewall cases and insurance policies throughout your group from a single location, making certain that your safety insurance policies are constant and updated throughout your group.


Designed to ship important, cost-effective safety of your Azure assets inside your digital networks.

Azure firewall Basic serves as the hub and connects to spoke 1 and spoke 2. It includes the L3-L7 connectivity policies, Microsoft threat intelligence feature, NAT, network and application traffic filtering that allows outbound and inbound connections. Without a rule, the traffic is denied by default.

Select the suitable Azure Firewall SKU for your online business

Azure Firewall is obtainable in three SKUs to fulfill a variety of use circumstances and wishes:

  1. Azure Firewall Premium is really useful for purchasers trying to safe extremely delicate purposes, resembling cost processing. Along with all options of the Azure Firewall normal, it additionally helps superior menace safety capabilities like malware and Transport Layer System (TLS) inspection.
  2. Azure Firewall Commonplace is really useful for purchasers on the lookout for Layer 3–Layer 7 firewall and require auto-scaling to deal with peak site visitors intervals of as much as 30 gigabits per second (Gbps). It helps enterprise options like menace intelligence, Area Identify System (DNS) proxy, customized DNS, and internet classes.
  3. Azure Firewall Primary is really useful for SMB prospects with throughput wants of lower than 250 megabits per second (Mbps).

Let’s take a more in-depth take a look at the options throughout the three Azure Firewall SKUs.

Feature comparison between Azure Firewall Basic, Standard and Premium. Azure Firewall Basic has 250Mbps fixed scale and threat intelligence on alert. Standard adds the FQDN in network rules, can scale up to 30Gpbs, FAT flow of 1Gbps, web categorization, DNS proxy + custom DNS, and Threat Intelligence on alert and deny. Azure Firewall Premium adds can scale up to 100Gbps with FAT flow of 10Gbps, TLS termination with IDPS and URL filtering.

Azure Firewall Primary pricing


Azure Firewall Primary pricing consists of each deployment and knowledge processing expenses for each digital community and digital hub situations. Pricing and billing for Azure Firewall Primary with digital hub will likely be efficient beginning Could 1, 2023.

For extra particulars, go to the Azure Firewall pricing web page.

Subsequent steps

For extra info on the whole lot we lined on this weblog put up, see the next assets:

1Microsoft Digital Protection Report 2022

2April 2022: Microsoft Small and Medium Enterprise quantitative survey analysis: Safety within the new setting

Leave a Reply

Your email address will not be published. Required fields are marked *