Recent DiscussionsMost RecentNewest TopicsMost LikesSolutionsTagged:TagRe: SEP 26, 2023 | Ask-Me-Anything | Azure Firewall, Azure WAF and Azure DDoS TBohunek,please submit your feedback via https://aka.ms/azurenetsecfeedback. I would also recommend you joining the Private Community where youcanmake a difference in helping us shape our products together by reviewing our product roadmaps, co-design participation, feature previews and stay up to date on announcements. Re: SEP 26, 2023 | Ask-Me-Anything | Azure Firewall, Azure WAF and Azure DDoS joshuabales,yes you can create a custom rule on Azure Web Application Firewall using RemoteAddr (IP address) as your match variable as described here. Custom rules allow you to create your own rules that are evaluated for each request that passes through the WAF and hold a higher priority than the rest of the rules in the managed rule sets.The custom rules contain a rule name, rule priority, and an array of matching conditions. If these conditions are met, an action is taken (to allow, block, or log). If a custom rule is triggered, and an allow or block action is taken, no further custom or managed rules are evaluated. Custom rules can be enabled/disabled on demand. Re: SEP 26, 2023 | Ask-Me-Anything | Azure Firewall, Azure WAF and Azure DDoS Rahulggupta25, please find my comments below: 1.how we can backup our rules in firewall? Answer: Take a look at the following blog post describing the steps to backup your Azure Firewall. 2.whats best practice for north-south and east west traffic? Answer: Could you elaborate more? You can use the same Azure Firewall deployment to protect both north-south and east-west traffic. Check the recommendations at this Well-Architected Framework document for Azure Firewall. 3.do we need to have ELB in front of firewall? Answer: No, you don't need to create an ELB in front of Azure Firewall. Azure Firewall is high available by design. Re: SEP 26, 2023 | Ask-Me-Anything | Azure Firewall, Azure WAF and Azure DDoS RodrigoFerraz,Azure Firewall is a cloud-native resource. It is a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. It is based off Virtual Machine Scale Set, and by default, there are two active VMSS instances. Azure Firewall gradually scales out when the average throughput or CPU consumption is at 60%, and it takes 5 to 7 minutes. The scale in also happens gradually when the average throughput or CPU consumption is below 20%. Note:The scaling doesn't apply to the Basic SKU, as it has a fixed scale unit to run the service on two virtual machine backend instances. Azure Firewall doesn't share connection state between the instances. So, in case of scale in a VM instance is put in drain mode for 90 seconds before being recycled. It may also happen when there's a planned maintenance of the Firewall. For reliability, we recommend deploying Azure Firewall with Availability Zones.
Recent Blog ArticlesMost RecentMost LikesPrivate IP DNAT Support (Preview) and Scenarios with Azure Firewall This blog post will delve into the DNAT feature for private IP addresses for traffic between overlapping private IP addresses across networks and between non-routable private IP addresses. Re: Monitoring traffic flows in Azure Firewall using Virtual Network Flow Logs HiAdinErmie,that's a good point to call out. This approach described in this blog post is only supported on VNet Firewall deployments. Re: Private IP DNAT Support and Scenarios with Azure Firewall Gfellithat's correct. You will see the IP address of one of the active Azure Firewalls instances as the source. Since there's no way to predict how many instances are currently deployed and what IP ...Monitoring traffic flows in Azure Firewall using Virtual Network Flow Logs In this blog post we will show you a different approach to enhance the monitoring experience of Azure Firewall by using Virtual Network Flow Logs and Traffic Analytics. This combination provides a co...Re: Runbook to manage Azure Firewall Back ups Thank you,Jmudhar90for sharing your workaround. We are going to test and plan an update of the blog. Guarding the Gates: Exploring Supported Scenarios for Azure DDoS Protection and Public IP Prefixes In this blog post we are showing you the scenarios where Azure DDoS Protection can help protect Public IP Prefixes from these attacks. Re: Optimizing Azure Firewall logging costs kawata777,yes, resource specific logs are compatible with the Azure Firewall solution for Sentinel. Part 1 - Managing Network Rules by using Azure Tags with Illumio for Microsoft Azure Firewall In this blog series where are exploring Illumio for Microsoft Azure Firewall, an integrated solution that extends the advantages of Zero Trust Segmentation into Azure environments. Part 2 - Managing Azure Firewall Network Rules with Illumination In this blog series we are exploring Illumio for Microsoft Azure Firewall, an integrated solution that extends the advantages of Zero Trust Segmentation into Azure environments. Intrusion Detection and Prevention System (IDPS) Based on Signatures In the world of cybersecurity, the threat of cyber attacks is ever-present. One way to protect against these threats is through the use of an Intrusion Detection and Prevention System (IDPS). But wha...
MicrosoftMicrosoftMicrosoftMicrosoft
