Summary
Contoso IT management was concerned about external threats in the form of malicious actors attempting to infiltrate the network. Management was also concerned about internal threats in the form of employees inadvertently attempting to access malicious websites.
You were asked to evaluate whether Azure Firewall would be a good choice to deny threats while allowing legitimate traffic. You were also asked to find the most efficient way to implement firewall policies across Contoso's multiple Azure regions.
In this module, you learned the fundamentals of Azure Firewall and Azure Firewall Manager. You discovered that Azure Firewall acts as a barrier between your Azure virtual network and the internet. You found out that Azure Firewall examines all inbound and outbound traffic. It uses threat intelligence, rules, and other policy settings to allow legitimate traffic and deny threatening or unknown traffic. You learned that Azure Firewall Manager can help reduce the complexity of deploying policies to multiple firewalls. You also learned that Azure Firewall Premium can be deployed for advanced threat protection that meets the needs of highly sensitive and regulated environments, such as the payment and healthcare industries.
With your knowledge of Azure Firewall's features, rules, and deployment scenarios, and the management options of Azure Firewall Manager, you recommend these products to Contoso's IT team as a way of bolstering Contoso's network security while also simplifying network security management.
Learn more
Here are some links to more information about Azure Firewall and Azure Firewall Manager:
- Azure Firewall
- Azure Firewall pricing
- FQDN tags overview
- Azure service tags overview
- Azure Firewall threat intelligence-based filtering
- Tutorial: Deploy and configure Azure Firewall using the Azure portal
- Azure Firewall Manager deployment overview
- Azure Firewall Premium features