Keeping with the always changing and constantly improving, Microsoft recently announced two new capabilities for Azure Firewall, a cloud-native firewall-as-a-service offering, enabling customers to govern all their traffic flows using a DevOps approach centrally. The firewall service supports both application (such as *.github.com), and network level filtering rules. Azure Firewall became generally available about six months ago, yet they are already introducing two new features: threat intelligence-based filtering and service tags filtering.
Azure Firewall users can configure the service to alert and deny traffic to and from known malicious IP addresses and domains in almost real-time. Moreover, the firewall service receives a feed of Microsoft’s threat intelligence, which includes these addresses and domains. By default, Microsoft enables the thread intelligence-based filtering in alert-mode for any Azure Firewall deployment, and users can adjust the behavior to alert and deny Customers can view the Microsoft threat intelligence information in Azure Monitor dashboards, displaying items like compromised virtual machines and blocked port scans.
Besides the threat intelligence-based filtering, the other update Microsoft added was support for service tags. With service tags, customers can easier create network rules by simply using these tags in the network rules destination field. Microsoft also announced it will continue to add support for additional service tags over time.
Not sure if Microsoft Azure firewall is right for your business? Contact 2W Tech, a Gold Microsoft Partner, today to learn more about protecting your Microsoft Azure Cloud. 2W Tech is a full-service IT Consulting Firm that candrive your business to Digital Manufacturing with expertise in Security, Cloud, Epicor and IT Infrastructure.