A deeper look into Azure Firewall Manager & Azure Virtual Community Day – The Azure community has also been busy this month, as they put together another free 24-hour virtual event for Microsoft cloud learning. This is Azure Level Up a show meant to ignite your passion for leveling up your knowledge of the cloud. Microsoft release of the Azure Firewall Manager service was far and above my favorite announcement over this last month. So let’s dive into why this is great news.
The Azure Firewall offering has always been a great cloud security tool, providing effective security controls for your internal and external traffic. Previously, one of the major downsides of Azure Firewalls was the lack of automation features outside of deployments. And that each firewall you create would need to be managed individually. Azure Firewall Manager changes all that by allowing you to master the power of fire! Ooh, that’s hot.
Azure Firewall Manager allows you to use policy-based management of your firewalls, making it so that you can ensure consistency and keeping with compliance, regardless of where you deploy those firewalls. This has been a much-needed feature to help simplify the day to day administration of Azure firewalls. It has been a limitation that has had companies still relying on third-party firewall virtual appliances to fill in the gaps for the cloud network security.
Possibly, my favorite part of this announcement is that if you’re using a security hub architecture, you can rely on firewall manager to create the routes you need for your traffic to connect back to your hub. Removing the need to create messy easy to find routes that can just be a downright pain. If you’re unfamiliar with general networking concepts. Personally, I’ve been working with networks for years and I still have trouble with traffic shaping and hedging.
Well what’s that? There’s no such thing as traffic hedging, but. But that’s the thing where you do the IP in the… An additional feature of the service is the ability to integrate with third party partners, such as ZScaler, iBoss, and CheckPoint. Being able to use technologies like this is important as while the Azure Firewall handles basic security, very effectively. It’s most effective with Azure service traffic, things like user-aware filtering and Softwares as a Service access still require more advanced solutions.
So you’ll need to work with one of Microsoft supported providers, if you need that sort of integration. Now with all the security goodness, there are some caveats and Microsoft is still working out some of the bumps. Currently the services designed to only work with two different architecture types: Secured Virtual Hubs, which I mentioned before and Hub Virtual Networks. Without these models in place, unfortunately this tool won’t be usable for you as it relies on the ability to define routes through hubs, to your firewalls.
Also things like being unable to split traffic and only being able to have one secured hub per region may still make this offering not entirely viable for some more complex environments. But Microsoft is working hard to create these features. It has mitigation recommendations on its Firewall Manager overview page for these and other known issues.
Big data, security, blockchain, Kubernetes, identity analytics, serverless, cloud compliance governance. Sorry for those of you who don’t speak buzzword-ese. What I meant to say was another important event that happened this month, was the second Azure Virtual Community Day. On Tuesday this past week, Azure community experts provided 24 hours of Azure learning goodness in six different languages, guest speakers from all over the globe contributed sessions over four separate tracks. Also you can engage with industry leaders and get your learn on.
While alas, the community day has passed. By the time this video airs, you can view any sessions that may interest you on their YouTube page at the link here or in the description. Microsoft has made a lot of announcements regarding security this month. And as much as we would love to cover each one in detail, we don’t want to burn you out.
But for now I’d say we’ve accumulated enough skill points to get our next level and earn the Mastery of Fire achievement – congratulations! That wraps up this month Azure Level Up.
Web enthusiast. Thinker. Evil coffeeaholic. Food specialist. Reader. Twitter fanatic. Music maven. AI and Machine Learning!