This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Azure Firewall is a cloud-native, intelligent network firewall security service that offers top-tier threat protection for your Azure cloud workloads. It is a fully stateful firewall as a service, featuring built-in high availability and unlimited cloud scalability. Azure Firewall inspects both east-west and north-south traffic. To understand these traffic types, see east-west and north-south traffic.
Azure Firewall is available in three SKUs: Basic, Standard, and Premium.
Azure Firewall Basic is designed for small and medium-sized businesses (SMBs) to secure their Azure cloud environments. It provides essential protection at an affordable price.
Key limitations of Azure Firewall Basic include:
For more information, see Azure Firewall Basic features.
Azure Firewall Standard offers L3-L7 filtering and threat intelligence feeds directly from Microsoft Cyber Security. It can alert and block traffic from/to known malicious IP addresses and domains, updated in real-time to protect against new and emerging threats.
For more information, see Azure Firewall Standard features.
Azure Firewall Premium provides advanced capabilities, including signature-based IDPS for rapid attack detection by identifying specific patterns. These patterns can include byte sequences in network traffic or known malicious instruction sequences used by malware. With over 67,000 signatures in more than 50 categories, updated in real-time, it protects against new and emerging exploits such as malware, phishing, coin mining, and Trojan attacks.
For more information, see Azure Firewall Premium features.
To compare all Azure Firewall SKU features, see Choose the right Azure Firewall SKU to meet your needs.
Azure Firewall Manager allows you to centrally manage Azure Firewalls across multiple subscriptions. It uses firewall policies to apply a common set of network and application rules and configurations to the firewalls in your tenant.
Firewall Manager supports firewalls in both virtual network and Virtual WAN (Secure Virtual Hub) environments. Secure Virtual Hubs use the Virtual WAN route automation solution to simplify routing traffic to the firewall with just a few steps.
To learn more, see Azure Firewall Manager.
For pricing details, see Azure Firewall pricing.
For SLA information, see Azure Firewall SLA.
For a list of supported regions, see Azure products available by region.
To learn about the latest updates, see Azure updates.
For known issues, see Azure Firewall known issues.
Training
Module
Introduction to Azure Firewall - Training
Describe how Azure Firewall protects Azure Virtual Network resources, including the Azure Firewall features, rules, deployment options, and administration with Azure Firewall Manager.
Certification
Microsoft Certified: Azure Security Engineer Associate - Certifications
Demonstrate the skills needed to implement security controls, maintain an organization’s security posture, and identify and remediate security vulnerabilities.
Documentation
Deploy & configure Azure Firewall using the Azure portal
In this article, you learn how to deploy and configure Azure Firewall using the Azure portal.
Choose the right Azure Firewall version to meet your needs
Learn about the different Azure Firewall versions and how to choose the right one for your needs.
Tutorial: Deploy & configure Azure Firewall and policy using the Azure portal
In this tutorial, you learn how to deploy and configure Azure Firewall and policy rules using the Azure portal.