Azure Firewall Basic Commercially Released
Microsoft this week announced that Azure Firewall Basic is now at the "general availability" commercial-release stage.
Azure Firewall Basic is a new product aimed at small-to-medium (SMB) organizations. It offers "network and application traffic filtering," threat intelligence from Microsoft's feed, and high availability, with replication across "two availability zones."
Microsoft released Azure Firewall Basic at the preview stage last year, but it's now deemed commercially available and ready for production environments. Currently, the Azure Firewall Basic service is delivered from Microsoft's datacenters located in the United States and Canada, according to this product page listing.
Microsoft added to the product deployment options for Azure Firewall Basic. A newly added virtual hub deployment option is targeted toward organizations having large or global networks to protect. There's also a virtual network deployment option, which is deemed for use on "traditional hub-and-spoke network topology with a Firewall on the hub," the announcement explained.
Organizations can set up Azure Firewall Basic "in just a few minutes" using Azure Resource Manager (ARM) templates. It even supports "declarative ARM templates" that specify the infrastructure that's required, in accordance with an "infrastructure as code" approach. Azure Firewall Basic gets automatically updated with "threat intelligence and security updates" from Microsoft. IT pros can use Azure Firewall Manager as a centralized policy management solution for the service as well.
Microsoft claims that the Azure Firewall Basic service is a cost-effective product for SMBs. The service involves costs for deployment hours, plus data processing costs billed per gigabyte. Azure Firewall Basic costs can be found at this Microsoft pricing page.
Microsoft also sells Azure Firewall Standard and Azure Firewall Premium plans, and the feature differences between all three plans were illustrated in a table in Microsoft's announcement. The Basic edition lacks the "advanced threat protection capabilities" that are available with the Premium edition, namely threat-intelligence filtering, inbound and outbound TLS termination, a fully managed intrusion detection and prevention system (IDPS), and URL filtering.
Microsoft also distinguishes the three Azure Firewall plans based on throughput needs. Azure Basic Firewall is for SMB organizations needing less than 250Mbps of throughput. The standard plan is for organizations needing a "Layer 3–Layer 7 firewall" and up to 30Gbps of throughput. The Premium plan is for organizations needing to "secure highly sensitive applications, such as payment processing," with support for up to 100Gbps of throughput.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.