Azure Firewall Overview
Azure Firewall is a cloud‑native, intelligent network security service that protects your Azure Virtual Network resources. It offers stateful packet inspection, high availability, and unrestricted scalability.
Key Features
- Stateful packet filtering
- Network and application‑level threat intelligence
- Fully integrated with Azure Monitor and Log Analytics
- Highly available and zone redundant
- Supports DNAT, SNAT, and FQDN filtering
Architecture
The firewall is deployed in a dedicated subnet called AzureFirewallSubnet. Traffic is routed through the firewall using user‑defined routes (UDRs) or forced tunneling.
VNet
│
├─ AzureFirewallSubnet
│ └─ Azure Firewall
│
├─ Subnet‑1 (App tier)
├─ Subnet‑2 (Data tier)
└─ …
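A subnet only benefits from the firewall if its route table actually sends traffic there. The following added example (not from the original page or from Microsoft) audits a VNet for that: it checks that AzureFirewallSubnet exists and is at least a /26, and that every other subnet has a 0.0.0.0/0 UDR whose next hop is the firewall's private IP. The input dictionaries are constructed sample data; their field names are modeled on Azure CLI JSON output, and the IDs and addresses are placeholders.

```python
import ipaddress

FIREWALL_SUBNET = "AzureFirewallSubnet"  # subnet name the firewall requires

def audit_vnet(subnets, route_tables, firewall_ip):
    """Return findings; an empty list means every workload subnet egresses via the firewall."""
    findings = []
    fw = next((s for s in subnets if s["name"] == FIREWALL_SUBNET), None)
    if fw is None:
        findings.append(f"no subnet named {FIREWALL_SUBNET}")
    else:
        net = ipaddress.ip_network(fw["addressPrefix"])
        if net.prefixlen > 26:
            findings.append(f"{FIREWALL_SUBNET} is /{net.prefixlen}; Azure requires /26 or larger")
        if ipaddress.ip_address(firewall_ip) not in net:
            findings.append(f"firewall IP {firewall_ip} is outside {FIREWALL_SUBNET}")
    tables = {rt["id"].lower(): rt for rt in route_tables}  # resource IDs are case-insensitive
    for s in subnets:
        if s["name"] == FIREWALL_SUBNET:
            continue
        rt = tables.get(((s.get("routeTable") or {}).get("id") or "").lower())
        if rt is None:
            findings.append(f"{s['name']}: no route table, uses system default route")
            continue
        default = [r for r in rt["routes"] if r["addressPrefix"] == "0.0.0.0/0"]
        if not default:
            findings.append(f"{s['name']}: route table has no 0.0.0.0/0 route")
        elif (default[0]["nextHopType"] != "VirtualAppliance"
              or default[0].get("nextHopIpAddress") != firewall_ip):
            findings.append(f"{s['name']}: default route goes to {default[0]['nextHopType']}, not the firewall")
    return findings

# Constructed sample data (placeholder subscription, resource group and addresses).
RT_ID = "/subscriptions/0000/resourceGroups/rg-demo/providers/Microsoft.Network/routeTables/rt-egress"
SUBNETS = [
    {"name": "AzureFirewallSubnet", "addressPrefix": "10.0.1.0/26"},
    {"name": "Subnet-1", "addressPrefix": "10.0.2.0/24", "routeTable": {"id": RT_ID}},
    {"name": "Subnet-2", "addressPrefix": "10.0.3.0/24", "routeTable": None},
]
ROUTE_TABLES = [{"id": RT_ID, "routes": [
    {"addressPrefix": "0.0.0.0/0", "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.1.4"}]}]

if __name__ == "__main__":
    for finding in audit_vnet(SUBNETS, ROUTE_TABLES, "10.0.1.4"):
        print(finding)
```

In the sample, Subnet-2 has no route table, so its outbound traffic would bypass the firewall and the audit reports it.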
Typical Use Cases
| Scenario | Benefit |
|---|---|
| Secure internet egress | Centralized policy enforcement for outbound traffic |
| DMZ protection | Inspect traffic to public‑facing services |
| Hybrid connectivity | Control traffic between on‑premises and Azure via VPN/ExpressRoute |
| Micro‑segmentation | Enforce granular network rules between workloads |
Next Steps
Ready to get started? Follow the deployment guide to provision your first Azure Firewall.