Announcing New Monitoring and Scaling Updates in Azure Firewall
We are pleased to introduce some new features and improvements for the service today. These features include capabilities that enhance the monitoring and scalability of your Azure Firewall:
- Flow Trace logs are now generally available.
- Autoscaling based on the number of connections is now generally available.
- Parallel IP Group update support is now in public preview.
Azure Firewall is a cloud-native firewall as a service offering that enables customers to centrally govern and log all their traffic flows using a DevOps approach. The service supports both application and network-level filtering rules and is integrated with the Microsoft Threat Intelligence feed to filter known malicious IP addresses and domains. Azure Firewall is highly available with built-in auto-scaling.
Flow Trace logs are now generally available.
Azure Firewall logging provides logs for various traffic—such as network, application, and threat intelligence traffic. Today, these logs show traffic through the firewall in the first attempt at a Transmission Control Protocol (TCP) connection, also known as the SYN packet. However, this fails to show the full journey of the packet in the TCP handshake. The ability to monitor and track every packet through the firewall is paramount for identifying packet drops or asymmetric routes.
As a result, one can verify if a packet has successfully flowed through the firewall or if there is asymmetric routing by viewing the additional TCP handshake logs in Flow Trace. To do so, you can monitor network logs to view the first SYN packet and enable Flow Trace logs to view the rest of the packets for verification:
- SYN-ACK
- FIN
- FIN-ACK
- RST
- INVALID
With these additional flags in Flow Trace logs, IT administrators can now see the return packet, if there was a failed connection, or an unrecognized packet. To enable these logs, please visit the Flow Trace documentation.
Figure 1. Flow Trace logs in Log Analytics workspace.
Autoscaling based on the number of connections is now generally available.
We are excited to announce a new enhancement for Azure Firewall, a cloud-native, highly available service with built-in autoscaling. Azure Firewall can now auto-scale based on the number of connections, in addition to throughput and CPU utilization.
This means that Azure Firewall can better adapt to your traffic patterns and auto-scale more accurately and efficiently. To learn more about Azure Firewall and its autoscaling capabilities, please visit the Azure Firewall FAQ documentation.
Parallel IP Group update support is now in public preview.
IP Groups is a top-level Azure resource that allows you to group and manage IP addresses in Azure Firewall rules. You can give your IP group a name and create one by entering IP addresses or uploading a file. IP Groups ease your management experience and reduce time spent on managing IP addresses, by allowing you to use group objects across multiple firewalls.
With this product update, you can now update more than one IP Group for Azure Firewall at the same time, instead of sequentially. You can update up to 20 IP Groups that a Firewall Policy refers to in one go. This helps administrators who want to speed up and scale configuration changes, especially when using a dev ops approach (templates, ARM, CLI, and Azure PowerShell).
To learn more about Azure Firewall and its IP Groups feature, please visit the Parallel IP Group updates (Preview) documentation.
Figure 2. Creating a new IP Group.
Published on:
Learn moreRelated posts
Loop DDoS Attacks: Understanding the Threat and Azure's Defense
In the realm of cybersecurity, Distributed Denial-of-Service (DDoS) attacks are a significant concern. The recent holiday season has unveiled ...
Azure Communication Services at Microsoft Build 2024
Join us in-person in Seattle or virtually for Microsoft Build 2024 from May 21 to 24. We're excited to share the latest updates from Azure Com...
Azure Developer CLI (azd) – May 2024 Release
This post announces the May release of the Azure Developer CLI (`azd`), which includes a new demo mode, various .NET Aspire enhancements, and ...
Join us at Build 2024: Get the latest on Azure Cosmos DB in Seattle or online!
Are you ready to dive into the future of AI and data innovation? Microsoft Build 2024 is just around the corner, taking place May 21–23 in Sea...
Announcing Data API builder General Availability for Azure Cosmos DB
Great news for developers out there! The Data API Builder for Azure Cosmos DB is now officially available, eliminating the need for writing co...
Organizing rule collections and rule collection groups in Azure Firewall Policy
Firewall Policy is the recommended method to manage Azure Firewall security and operational configurations. When using Firewall Policy, any ru...
Get Started with Azure AI Services | Open AI and Deployment Models
Table of Contents Overview - Azure AI Services Kind of Azure AI Services Responsible AI Services Limited Access Features Cognitive Acc...
Using Sempy to Authenticate to Fabric/Power BI APIs using Service Principal and Azure Key Vault
In this blog post, the author demonstrates how to use Azure Key Vault and Azure identity to authenticate securely when working with Fabric Not...
Unlock Your Python Potential with Azure
Microsoft's appreciation for Python's versatility and developer-friendly features has led to the creation of tools and resources aimed at assi...