Microsoft has added a couple of new capabilities to its Azure Firewall service to strengthen the protection of enterprise virtual network resources.
Azure Firewall is a cloud-based firewall-as-a-service (FaaS) offering that allows enterprises to centrally govern their traffic flows through a DevOps approach. It provides support for application and network level filtering rules.
The new capabilities coming to Azure Firewall are threat intelligence-based filtering and service tags filtering.
First, the threat intelligence-based filtering will provide logging of all the threats, like malicious IP addresses and domains, in near real-time.
Data scientists and cybersecurity experts at Microsoft have a rich signal of both internal threat intelligence data and third-party sourced data. They mine all the data to create a list of known malicious IP addresses and domains.
With the new filtering capability, enterprises will be able to configure Azure Firewall to alert and deny traffic to and from malicious resources.
Threat intelligence-based filtering will be powered by Microsoft Intelligent Security Graph, which currently provides security for several products and services, including Azure Security Center and the recently launched Azure Sentinel.
For Azure Firewall deployments, threat intelligence-based filtering will be enabled in alert mode by default. It is currently in preview.
Second, service tags filtering is a highly requested feature in Azure Firewall. Microsoft said that a service tag is a group of IP address prefixes for specific Microsoft services, like SQL Azure, Azure Key Vault, and Azure Service Bus. Service tags help simplify network rule creation.
Service tag support is already available in a number of Azure services, which use it to manage address prefixes and automatically update the service tag as addresses change.
Enterprises will be able to use Azure Firewall service tags in the network rules destination field.
“We want to thank all our customers for their amazing feedback since Azure Firewall became generally available in September 2018. We continue to be amazed by the adoption, interest, positive feedback, and the breadth of use cases customers are finding for our service,” wrote Yair Tor, Principal Program Manager, Azure Networking, in a blog post.
“Please do keep your feedback coming and we look forward to continuing to advance the service to meet your needs.”