![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 44%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAA%3C/text%3E%3C/svg%3E)
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
567 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 59%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Thank you for reaching out.
Based on your questions above.
I have a firewall setup of standard SKU type what is the recommended latency probe recommended for standard SKU.
I think you can explore the option of using AZFW Latency Probe,
This metric measures the overall or average latency of Azure Firewall in milliseconds. Administrators can use this metric for the following purposes:
- Diagnose if Azure Firewall is the cause of latency in the network.
- Monitor and alert if there are any latency or performance issues, so IT teams can proactively engage.
- There may be various reasons that can cause high latency in Azure Firewall. For example, high CPU utilization, high throughput, or a possible networking issue.
This metric doesn't measure end-to-end latency of a given network path. In other words, this latency health probe doesn't measure how much latency Azure Firewall adds.
- When the latency metric isn't functioning as expected, a value of 0 appears in the metrics dashboard.
- As a reference, the average expected latency for a firewall is approximately 1 ms. This may vary depending on deployment size and environment.
- The latency probe is based on Microsoft's Ping Mesh technology. So, intermittent spikes in the latency metric are to be expected. These spikes are normal and don't signal an issue with the Azure Firewall. They're part of the standard host networking setup that supports the system.
You can check this metric on in Metrics section on Azure Portal.
If it reaches the maximum latency how we can resolve?
If there is a spike in the latency, it can be caused due high CPU utilization, high throughput, or a possible networking issue. In case of high CPU utilization or high throughput you can migrate your firewall to premium SKU which offers higher scalability as described here.
Although in case you observe high latency for a prolonged period, it is recommended to create a support request as a support engineer can take a look at the backend logs and help pin-point the issue.
Hope this helps! Please let me know if you have any additional questions. Thank you!
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.