Azure Virtual Network Firewalls Cmdlets
This section provides detailed documentation for Azure PowerShell cmdlets related to Azure Firewall, Azure Firewall Policy, and Network Security Groups (NSGs) for network traffic filtering.
Overview
Azure Firewall is a managed, cloud-based network security service that protects your virtual network resources. It acts as a highly available, cloud-native firewall that integrates with Azure Virtual Network. Firewall cmdlets allow you to configure and manage policies, rules, and network settings.
Featured Cmdlets
New-AzFirewall
Creates a new Azure Firewall instance.
Set-AzFirewall
Updates an existing Azure Firewall instance.
Remove-AzFirewall
Removes an Azure Firewall instance.
Get-AzFirewall
Retrieves information about Azure Firewall instances.
Get-AzFirewallPolicy
Retrieves Azure Firewall policies.
New-AzFirewallPolicy
Creates a new Azure Firewall policy.
Set-AzFirewallPolicy
Updates an Azure Firewall policy.
Remove-AzFirewallPolicy
Removes an Azure Firewall policy.
Key Concepts
Azure Firewall Rules
Azure Firewall supports three types of rules:
- Network Rules: Control network traffic based on IP address, port, and protocol.
- Application Rules: Control HTTP/S traffic based on FQDN, application, and action.
- NAT Rules: Translate network addresses for inbound and outbound traffic.
Azure Firewall Policies
Firewall policies group rules and provide a central place to manage security configurations for your Azure Firewall instances. This promotes consistency and simplifies management.
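The following sketch is an added example, not taken from the original documentation. It builds one policy that holds a network rule and an application rule, the grouping described above. The resource group, policy name, region, address ranges and FQDN are constructed placeholders, and it assumes the Az.Network module is installed and `Connect-AzAccount` has already been run.

```powershell
# Assumed placeholder names; replace with your own resource group, region and policy name.
$rg       = 'rg-network-example'
$location = 'westeurope'
$polName  = 'fwpol-baseline'

# Create the policy object that will hold the rule collections.
# ThreatIntelMode Deny blocks traffic matching Microsoft threat intelligence feeds.
$policy = New-AzFirewallPolicy -Name $polName -ResourceGroupName $rg `
    -Location $location -ThreatIntelMode Deny

# Network rule: workload subnet may reach two internal DNS resolvers on UDP/53 only.
# Addresses are constructed sample values.
$dnsRule = New-AzFirewallPolicyNetworkRule -Name 'allow-dns' `
    -Protocol UDP `
    -SourceAddress '10.10.1.0/24' `
    -DestinationAddress '10.10.0.4', '10.10.0.5' `
    -DestinationPort '53'

# Application rule: same subnet may reach one named FQDN over HTTPS.
# Prefer explicit FQDNs over wildcards so the allow list stays reviewable.
$updateRule = New-AzFirewallPolicyApplicationRule -Name 'allow-updates' `
    -SourceAddress '10.10.1.0/24' `
    -Protocol 'https:443' `
    -TargetFqdn 'updates.example.com'

# Each rule type goes into its own filter collection; lower priority numbers are evaluated first.
$netCollection = New-AzFirewallPolicyFilterRuleCollection -Name 'net-allow' `
    -Priority 200 -Rule $dnsRule -ActionType Allow
$appCollection = New-AzFirewallPolicyFilterRuleCollection -Name 'app-allow' `
    -Priority 300 -Rule $updateRule -ActionType Allow

# Attach both collections to the policy through a rule collection group.
New-AzFirewallPolicyRuleCollectionGroup -Name 'baseline-egress' -Priority 1000 `
    -RuleCollection $netCollection, $appCollection `
    -FirewallPolicyObject $policy

# Read the policy back and list the rule collection groups it now references.
(Get-AzFirewallPolicy -Name $polName -ResourceGroupName $rg).RuleCollectionGroups.Id
```

Traffic that matches no rule is denied by Azure Firewall by default, so only the two flows above are permitted by this policy.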
Network Security Groups (NSGs)
While Azure Firewall is a dedicated network security service, NSGs can still be used in conjunction with it to provide layer 4 filtering at the subnet or NIC level, offering defense in depth.
Common Scenarios
- Deploying a new Azure Firewall in a virtual network.
- Configuring network and application rules for inbound and outbound traffic.
- Managing NAT rules for port forwarding.
- Creating and applying Firewall Policies to multiple firewalls.
- Integrating Azure Firewall with other Azure services like Virtual WAN.