Azure Firewall Reviews

We have multiple applications that are deployed on Microsoft Azure. Azure Firewall helps us to prevent any vulnerabilities or security issues and block attacks.

It has given us peace of mind because our applications run smoothly without any data problems.

I like that this solution is secure and reliable.

Azure Firewall should have a free trial version for new users so that they can evaluate it before deploying it.

We have used it for more than three years.

Our customer applications run on the hybrid cloud, and we have some applications that run on the public cloud.

Azure Firewall is completely stable, and you can easily integrate it with your existing applications. We have not had any issues with it. You just need to configure all of the application settings. Since it is a fully managed service, Microsoft will handle future upgrades.

It is scalable according to your application requirements.

We have more than 1000 users, mainly in India.

Microsoft's technical support staff are knowledgeable and professional. I would rate them at nine out of ten.

Positive

Before using Azure Firewall, we used on-premises applications and Microsoft Firewall.

The initial setup is straightforward; Azure Firewall does not have a complex implementation process. It is very simple; you just need to enable the service within Azure.

It does not require any maintenance because it is managed by Microsoft, that is, it is a fully managed service.

Microsoft helped us with the initial setup, and we had good interactions with their team. The team on our end consisted of seven members, including those from DevOps, infrastructure, and application teams.

The pricing should be competitive. If you compare Azure's pricing to that of security solutions from AWS or GCP, theirs is much more competitive. Azure Firewall should also have similar competitive prices so that it is accessible to small- and medium-sized organizations.

If you are using Microsoft Azure and your applications are running on the Azure platform, I highly recommend using Azure Firewall for protection. On a scale from one to ten, I would rate it at nine.

We are currently working with Microsoft, trying to develop a new solution which is based on VeloCloud. It's an SD-WAN solution. This product has not been launched in China yet and we still have some work to do. I'm the company owner and five of my team use Azure Firewall. It's a startup team and I work with Microsoft directly.  

The most valuable features of the product are its great security and connectivity. 

The interface could be improved, it's not very user friendly. They are now trying to compete with a new Chinese domestic public cloud provider which has more features. It's difficult to find the ports on the current interface, but it's easier with this new provider. 

We're looking to provide a better routing, or something like an SD-WAN solution that can improve the user experience. I think that's something Azure can do as an additional feature. There are five Azure clouds: Two belong to the US government and one is worldwide. Then there is Germany Azure and China Azure. China Azure is barely able to communicate with the rest of the world, and that connectivity issue needs to be looked at in detail and a solution found.

I've been using this product for three years. It's an online platform so you're always getting the latest version. 

It's a stable product. I've recently spent a lot of time on Palo Alto Firewalls and compared to that I would say that Azure Firewall is still a better firewall. They provide more and more features like SD-WAN or the cloud standard box feature.

I'm satisfied with the technical support overall. I generally chat with the Microsoft team on the phone. 

I'm still using Palo Alto, Cisco ASA, Fortinet, Check Point and Juniper. Basically I use all of them. For small businesses with one standard, though, I would recommend Azure Firewalls. It's quite simple and easy to implement the whole security policy. For medium and large enterprise companies, however, they already have their on-premise firewall devices implemented. Users are trying to centralize their firewall security management and they prefer it to using virtualized firewalls like Checkpoint Virtual Firewall or Fortinet Virtual Firewall. That way, they can leverage their user technology capability, and try using a single interface to manage those devices. 

From the virtual machine perspective, it's quite easy to set up. You can choose the image file from the public market, and then you can setup. However, the account, the Microsoft Azure identity, the whole creation process was very complex and it is not that user friendly. Users usually use their Azure ID, as well as sometimes providing the live ID. That's a second ID, and it confuses people.

The network firewall is a complex project, you have to review all the requirements. It's possible that sometimes the Azure Firewall won't be able to support some things because they customize their applications and they may not meet with the Azure Firewall's features. Each user has unique requirements on shaping or manipulating network traffic. I wouldn't recommend any product without doing the research.

I would rate this product an eight out of 10.

I've been using Azure Firewall for one or two customers in the UAE to protect against security threats. It protects the Azure infrastructure and PaaS, applications, network, and ports. It's the same as the things we configure with other firewalls.

With Azure firewall, I can extend the security posture from 67 percent to between 75 and 80 percent.

The security of Azure Firewall is okay for smaller and medium-sized organizations. It has been integrated with the virtual WAN, which is a good way to protect multi branches for connection either through ExpressRoute or VPN.

The dashboard is fine because it's simple and easy to use. For junior admins who are joining an organization and want to learn something, Azure Firewall is the best way to go, as it gives them all the flexibility. It's not so customized. Whereas with Palo Alto, for example, you have to understand firewalls, and the security aspects, in a more in-depth way. Azure Firewall is easy.

It is easy for me to protect specific ports or even the IP addresses, as well as do whitelisting, blacklisting, and the FQDN when we want virtual machines connected and to protect certain websites. There are many features which are good enough.

Also, the documentation is awesome, no doubt about it. 

For large organizations, a third-party firewall would be an added advantage, because it would have more advanced features, things that are not in Azure Firewall.

I have been using Azure Firewall for almost three years.

It's absolutely stable because it's Azure. It has the redundancy and the resilience of the Azure Infrastructure Services. I don't think there is downtime with this kind of service. It probably has 99.95 percent uptime.

It should be scalable. That has to do with the backend and Azure takes care of all of that. We have 300 to 400 users.

We have an Enterprise Agreement and that means Microsoft support would answer any calls within half an hour's time, max. They get in touch with us if there is anything that is crucial. It is based on the severity when we create the request.

A Microsoft Enterprise Agreement is the best. I worked on many problems and issues when I was working for a government organization that had an Enterprise Agreement, and I used to get calls immediately. The issues would be resolved within half a day or, at the maximum, one day.

Positive

I haven't worked with other firewalls.

The initial setup is straightforward. There is nothing complex about it. Within 20 minutes, you have the firewall up and running.

Two or three people are sufficient for deployment and maintenance in a small organization. One should be at least a SOC analyst who understands security, and one could be an Azure admin with good knowledge of the Azure infrastructure, PaaS, and security aspects.

Azure Firewall comes with Azure native services. We did not buy any kind of license for it. Whether you have a free subscription or a pay-as-you-go model, you can deploy the Azure Firewall service. For any type of third-party service, like Palo Alto, or Fortinet, or Check Point, we would need to buy a subscription or licenses based on the users, but here it comes with the tenant when you purchase it. You are not going to spend extra money on it. The amount that you use will determine how much you pay.

The pricing of Azure, compared to third-party vendors, is good because it's Azure-native. It's affordable.

It's a common firewall. I haven't faced any issues or problems with it. In Azure services itself, there are other security implementations provided, to do with DDoS protection on the networks. There are certain firewall rules as well and things that we can deploy at the subnet level and on the NIC level. Along with Azure Firewall, other security services have been implemented. It's okay for small and medium-sized organizations that cannot afford to buy a third-party vendor or security appliances to protect their perimeter. Azure Firewall should suffice for them.

Also, as cloud administrators or architects, we are the ones who take care of the protection. As long the end-user is connected with the application, they're fine. To them, it doesn't matter whether we're using Azure Firewall or a third-party appliance. They don't know what is going on at the infrastructure level. They just want the application and the performance to be good.

For small and medium-sized organizations that are not ready to invest in a third-party firewall, and clients who are not so concerned about data security, Azure Firewall is the best solution. If a company needs more protection of, say, their email service, they could go with Proofpoint, an IaaS, or PaaS. For one of our large organizations, where they have financial services and a retail business, they went for a third-party solution along with Azure Firewall.

Overall, I would rate Azure firewall at eight out of 10. There are many advanced features in the other firewalls that are not available in Azure.

We use Azure Firewall to protect customer workloads. 

Azure Firewall is a cloud-native solution that removes the pain of load balancers. 

The tool needs to improve the onboarding and transition process for on-prem users. 

I have been using the product for three years. 

The tool's stability is great. 

The solution's scalability is great. 

Microsoft's support is quick.

Positive

The tool's deployment is straightforward. 

We did the deployment internally. 

Azure Firewall is expensive. 

Azure Firewall has helped us save 30 percent of the time. We don't require time for designing architecture and support. It frees up time and helps me focus on other tasks. 

The product has helped us save a decent amount of money. I rate it an eight out of ten. 

Currently, in the team I am working on, we are not using AWS. I used to work with it, but now I am focusing on Microsoft Azure. We have two teams in our company, one focusing on infrastructure on Azure and the other on AWS. Previously, one of my assignments required looking into security tools for AWS to get an idea of what can be used.

I like that you can deploy the policies separately from the firewall. The management capabilities in this aspect are helpful for me. We do not use the version with security features like IDS and IPS as it proved expensive, and we did not get approval for the full-featured firewall.

One thing that would help engineers adopt it better is the documentation. It is lacking and scattered across various locations. You have multiple pages open, which can be confusing. I mostly relied on third-party YouTube videos for understanding. Improvement in reporting and better visibility into network traffic would also be beneficial.

I have been using the solution for six months.

I find the solution to be very stable, and would rate it a ten out of ten in terms of stability.

I have had no problems with scalability, as we have not yet hit any limits related to high traffic volumes. Based on my experience, I would rate it nine out of ten for scalability.

There has been no need to contact technical support, so I cannot comment on customer service.

Positive

We used Cisco, specifically Cisco FTD Defense, before switching to Azure. We moved to the cloud primarily, and in the cloud, we preferred to use Microsoft technologies because they integrate well with each other. Although there is the possibility to use Cisco VM in the cloud, we preferred the service solution from Microsoft. Additionally, I was not very satisfied with Cisco FTD.

The initial setup was smooth, with no severe challenges. The deployment itself took a few hours. Configuration, however, took longer due to the involvement of several teams and other factors.

There were three engineers, including myself, involved in the installation and configuration process.

Azure Firewall is an expensive solution. On a scale from one to ten, where one is not affordable, I would rate the price as a three. If you want to use additional security features like IDS functionality, you have to pay extra, which increases the cost significantly.

I would recommend Azure Firewall based on the specific needs and cloud architecture of the organization. We plan to use it in another project soon. 

Overall, I would give it an eight out of ten.

We mostly use it as part of a hybrid cloud solution. For example, for a client with on-premises and cloud solutions, our recommendation is that Azure Firewall be used.

All its features are good. That's why we recommend it.

In terms of features, it is great, but it has fewer features than you can get from other firewalls, like anti-spam and anti-phishing. Those kinds of things are not included. It only includes IDS and IDB.

I have used it for projects over the last 12 months.

It is stable.

It is scalable. 

The price is okay. Microsoft even gives a discount nowadays.

It needs more features so that it is comparable to Fortigate and other companies.

I would advise people who are interested in Azure Firewall to find the people who can implement it, because not everyone is able to do everything in the proper way. Some people will go ahead and do the configuration but it's not the right configuration. The client will start to have issues and will start to complain about the product. But the problem is not the product, it's the implementation itself. The person who did it wasn't knowledgeable enough.

We use the solution for application and server deployment. 

The solution should incorporate features similar to competitors like split tunneling. 

I have been working with the product for five years. 

The product is stable. 

The solution is scalable and doesn't take more than five minutes to scale. 

The product's support is bad. 

Neutral

The product's deployment was straightforward. 

I would rate the product an eight out of ten.