We covered the Azure Backup feature a while ago. Today, let's dive into two new features of the native Azure Firewall that Microsoft has recently announced:
- Azure Firewall threat-intelligence-based filtering: this feature lets Azure Firewall alert on or block traffic to and from known malicious IP addresses and domains drawn from Microsoft Threat Intelligence, and it logs every matching indicator. Because it draws on the Microsoft Intelligent Security Graph, the same signal feeds Azure Security Center and Azure Sentinel, which makes firewall management easier.
- Azure Firewall service tag filtering: a service tag represents the group of IP address prefixes belonging to a specific Azure service, such as Azure Key Vault, SQL Azure, or Azure Service Bus. These service tags can be used in the destination field of network rules, so a rule keeps working when Microsoft changes the underlying address ranges. A few more tags include AzureConnectors, AzureCosmosDB, MicrosoftContainerRegistry, and AppService. The full list of tags, with details, is available on Microsoft Docs.
With these features, Azure Firewall remains a strong native firewall-as-a-service offering, providing rules for both application-level and network-level filtering.
Software Defined Network (SDN)
Hyper-V Network Virtualization using Network Virtualization Generic Routing Encapsulation (NVGRE)
Hyper-V Network Virtualization lets multiple virtual networks, even ones with overlapping IP addresses, run on the same physical network infrastructure, with each virtual network operating in isolation from the others.
CA ==> PA (mapping)
Customer Address (CA): the virtual machine's IP address
Provider Address (PA): the Hyper-V host's IP address
Microsoft Hyper-V Network Virtualization virtualizes the VM networks by mapping each VM IP address (CA) to a corresponding physical IP address (PA), which is what appears on the actual packets on the wire.
Each VM packet is transformed (rewritten or encapsulated) from a CA packet into a PA packet before it is transmitted onto the physical network, and is transformed back, using the matching policy rules, from a PA packet into a CA packet before it is delivered to the destination virtual machine.
The SDN/network virtualization module handles the packets according to virtualization policy rules provisioned from a management server such as System Center Virtual Machine Manager (SCVMM) or via PowerShell scripts.
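To make the CA-to-PA rewrite concrete, here is an added Python model (not Hyper-V's or any Microsoft code) of the encapsulation and decapsulation steps described above. The policy table, the VSIDs, and the addresses are constructed for the example; the 8-byte GRE header layout (Key Present flag, protocol 0x6558, 24-bit VSID plus 8-bit FlowID) follows the NVGRE specification. The point of the example is that the lookup is keyed by (VSID, CA), which is what keeps two tenants that both use 10.0.0.5 isolated from each other.

```python
import struct
from ipaddress import IPv4Address

# Constructed virtualization policy: (VSID, customer address) -> provider address.
# Two tenants deliberately reuse 10.0.0.5, so the lookup key must include the VSID.
POLICY = {
    (5001, "10.0.0.5"): "192.168.1.10",
    (5001, "10.0.0.6"): "192.168.1.11",
    (5002, "10.0.0.5"): "192.168.1.12",
}
GRE_KEY_PRESENT = 0x2000   # GRE flags word with only the K (Key Present) bit set
PROTO_TEB = 0x6558         # Transparent Ethernet Bridging, the NVGRE payload type

def nvgre_header(vsid, flow_id=0):
    """8-byte GRE header as NVGRE uses it: flags, protocol, 24-bit VSID | 8-bit FlowID."""
    return struct.pack("!HHI", GRE_KEY_PRESENT, PROTO_TEB, (vsid << 8) | (flow_id & 0xFF))

def inner_packet(src_ca, dst_ca, payload):
    """Minimal stand-in for the tenant's own IP packet: the two CAs followed by the data."""
    return IPv4Address(src_ca).packed + IPv4Address(dst_ca).packed + payload

def encapsulate(vsid, src_ca, dst_ca, payload):
    """CA -> PA rewrite on the sending host.
    Returns (outer_src_pa, outer_dst_pa, wire_bytes), or None when the packet is dropped."""
    src_pa = POLICY.get((vsid, src_ca))
    dst_pa = POLICY.get((vsid, dst_ca))
    if src_pa is None or dst_pa is None:
        return None                      # no policy entry in this virtual network: drop
    return src_pa, dst_pa, nvgre_header(vsid) + inner_packet(src_ca, dst_ca, payload)

def decapsulate(outer_dst_pa, wire):
    """PA -> CA on the receiving host.
    Returns (vsid, dst_ca, payload), or None when the frame does not belong here."""
    flags, proto, key = struct.unpack("!HHI", wire[:8])
    if flags != GRE_KEY_PRESENT or proto != PROTO_TEB:
        return None                      # not an NVGRE frame
    vsid = key >> 8
    dst_ca = str(IPv4Address(wire[12:16]))
    # Deliver only if this host's policy maps (VSID, destination CA) to this host itself.
    if POLICY.get((vsid, dst_ca)) != outer_dst_pa:
        return None
    return vsid, dst_ca, wire[16:]
```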