|
-
Set up Azure Firewall in the Azure portal or with PowerShell, REST API, or templates. Read a tutorial for step-by-step instructions.
-
Yes. Azure Firewall supports inbound and outbound filtering. Inbound protection is typically used for non-HTTP/S protocols such as RDP, SSH, and FTP protocols. For the best inbound HTTP/S protection, use a web application firewall such as Azure Web Application Firewall (WAF).
-
Azure Firewall is integrated with Azure Monitor for viewing and analyzing firewall logs. Logs can be sent to Log Analytics, Azure Storage, or Event Hubs. They can be analyzed in Log Analytics or by different tools such as Excel and Power BI. For more information, see Tutorial: Monitor Azure Firewall logs.
-
Yes, Azure Firewall Premium provides advanced threat protection that meets the needs of highly sensitive and regulated environments, such as the financial services and healthcare industries. A signature-based IDPS looks for specific patterns to rapidly detect attacks. These patterns can include byte sequences in network traffic or known malicious instruction sequences used by malware. There are more than 58,000 signatures in more than 50 categories which are updated in real time to protect against new and emerging exploits. The exploit categories include malware, phishing, coin mining, and Trojan attacks.
-
Yes, Azure Firewall allows you to inspect traffic destined for a private endpoint. Private endpoints enable Azure resources deployed in a virtual network to communicate privately with private link resources. You may need to inspect or block traffic from clients to the services exposed via private endpoints using Azure Firewall.
-
For secure access to platform services, we recommend service endpoints. You can choose to enable service endpoints in the Azure Firewall subnet and disable them on the connected spoke virtual networks. This way you benefit from both features—service endpoint security and central logging for all traffic.
