Azure Firewall Reviews

Basically, our organization is using the solution to inspect the traffic. I'm using the solution as the main defense system prior to de-traffication on the NGX layer (layer seven). Then, of course, we're forwarding to the Kubernetes cluster.

The solution has many useful features. For example, the solution allows users to create virtual IP addresses. 

The solution doesn't offer the same capabilities of Fortinet. It should offer intrusion prevention and advance filtering. These are two very useful features offered on Fortinet that Azure lacks.

There's already a web application firewall for detection, however, it isn't as useful as it could be. They should work to improve it.

In terms of prevention, I don't think it's any better than just a regular firewall. They need to add more security features to make it more powerful and more secure.

I've been using the solution for six months so far. It hasn't been too long.

The stability of the solution is excellent. It hasn't failed. There are no bugs, glitches, or crashes. It's reliable.

Azure uses an on-premises environment. I wouldn't use it for scalability purposes. In terms of scalability, our organization is much more inclined towards Fortinet's Fortigate virtual appliance rather than the Azure Firewall.

We provide services to our clients and help them maintain the product.

However, we have contacted technical support several times. We've submitted tickets and dealt with technical support directly. Occasionally, it takes a long period of time for them to get back to us. It does depend on the severity of the issues. In terms of feedback and output they've provided us, we have been very satisfied. They can just be a little slow.

We use both Azure Firewall and Fortinet solutions, including Fortigate. I personally find that Azure doesn't offer the same capabilities. Fortinet is better.

I'm not sure of the exact pricing, however, I do believe it is less expensive than Fortigate.

For Fortinet, we pay around $5,000 per year. It offers more, however. It, for example, also improves the intrusion detection system. We bought a Fortinet appliance two years ago and Azure Firewall didn't exist at the time.

We're Azure partners and have an enterprise agreement with the company, however, we may be switching. We also have a dedicated Account Manager with the company.

I'd rate the solution seven out of ten. It's missing a few capabilities our organization would really like to see.

We are a technical services company and we are in the data center space. We provide different solutions, including firewalls such as Azure Firewall, to our clients depending on their needs.

We have a large customer base that is global in scope and we provide hosting services as well as managed services. We have solutions deployed in both public cloud and private cloud environments. 

We typically use this solution in the perimeter layer, although we do have some use cases where we handle East-west traffic.

The Layer four features are okay and meet my business needs.

Security is playing a vital role these days, and the layer seven features such as IPS and malware protection are helpful in that regard.

The interface is fair and has not given us any challenges.

This solution is not mature when it comes to handling perimeter traffic like internet browsing. It is lacking in some of the security features. Palo Alto and Fortinet are better for this.

In the next release, I would like to see the inclusion of more next-generation firewall features.

So far, we have not seen any problems with stability.

We are currently exploring the scalability and availability. It has a number of extensions available to increase the bandwidth, throughput, scale-up, and scale-out points.

We have not been in contact with technical support.

We have experience with Palo Alto, Check Point, FortiGate, and Cisco firewalls. Azure Firewall is more scalable than these other solutions.

There are no big challenges when it comes to implementing this solution.

It takes approximately two hours to deploy.

We have a lot of resources in this space, so we take care of the implementation and deployment on our own.

This is a solution that I recommend for internet-facing network traffic.

When it comes to rating this solution, there are two components here. For layer four traffic, I would rate it an eight out of ten. For layer seven traffic, however, I would rate it less.

Overall, I would rate this solution a seven out of ten.

We use the solution for application and server deployment. 

The solution should incorporate features similar to competitors like split tunneling. 

I have been working with the product for five years. 

The product is stable. 

The solution is scalable and doesn't take more than five minutes to scale. 

The product's support is bad. 

Neutral

The product's deployment was straightforward. 

I would rate the product an eight out of ten. 

We're SaaS providers. We use these firewalls to route our traffic from our partner to us.

Among the most valuable features are the

• DDoS protection which protects your virtual machines
• threat intelligence 
• traffic filtering.

If I had to pick one area that needs improvement it would be the antivirus functionality, because it doesn't scan traffic for malware. It needs TLS inspection.

The cloud team in our company has been using Azure Firewall for about two years, but I'm in the security team and I've been using it for a year. We're using the regular version, not the Premium version.

The stability of Azure Firewall is fine. I've never seen it go down.

There may be issues with the scalability, but I haven't tested it yet. When you test it in preview mode it's only around 3 to 3.5 Gbps.

The support from Microsoft is good.

Positive

We started using it because we were new to the cloud and, at that time, we didn't have options. We started using whatever came with Azure. Now that we have started to grow, we have started exploring other options.

We have different business units and each one has one person for deployment and maintenance of the solution.

We have looked at Azure Firewall Premium and at Palo Alto's firewalls.

When we did the comparison we found the regular version of Azure Firewall has limited visibility for IDPS, no TLS inspection, no app ID, no user ID, no content ID, no device ID. There is no antivirus or anti-spyware. Azure Firewall doesn't scan traffic for malware unless it triggers an IDPS signature. There is no sandbox or machine learning functionality, meaning we are not protected from Zero-day threats. There is no DNS security and limited web categories.

We're looking at switching to Palo Alto virtual firewalls, but we want to make sure that what we switch to is compatible with our environment.

Azure Firewall is fine, but it's not suitable for our organization and that's why we have decided to move away from it.

Azure Firewall's feature that I have found most valuable is its scalability.

In terms of what could be improved, it lacks a couple of features which are available in the other marketplace products, but it is stable and it performs most of the basic functions that are expected from a normal firewall.

When we deployed we did not have a centralized management of multiple firewalls. Right now, with Azure Firewall, we cannot have a normal inbound traffic flow. For inbound, Microsoft suggests using application gateways, so the options are very limited. I cannot use this firewall as an intermediate firewall because of the limitations, and I cannot point routing to another firewall. So if I want to use back-to-back firewall architecture in my environment, I cannot use Azure Firewall for that type of configuration either. 

Other features I would like to see are intrusion prevention, URL filtering, category-based URL filtering and other advanced features.

Overall, the configuration can definitely be improved.

In terms of the overall product architecture, if the management and the architecture of the product could support back-to-back firewall architectures so that I could use Azure Firewall in combination with another firewall, that would be one point which would help this product be used more and in a better way.

Again, if the Azure Firewall could be accommodated as a back-to-back firewall, meaning if it could work as a firewall which handles the inbound traffic from the internet, which is an NVA, or a network virtual appliance, and we could reroute the traffic to Azure Firewall, that would be good. But as of now, there is no routing options in Azure Firewall.

I have been using Azure Firewall for eight months.

We are not using the latest version since we deployed it quite some time back.

Azure Firewall is quite stable.

We have thousands of people using it.

Technical support is okay.

Azure Firewall has an easy installation.

I would only recommend Azure Firewall depending on the requirements. If it is an enterprise that has basic requirements and needs to do packet filtering and a certain level of intrusion prevention, so for the level of IP whitelisting, it's a good product.

It is easy to manage and it is scalable.

On a scale of one to ten, I would give Azure Firewall a six because of the configuration issue.

In terms of NAT configuration, the configuration management is one issue. Another issue is intrusion prevention with the NAT configuration and the URL category-based filtering features. The ease of manageability and the ease of configuration of these features could be easier.

I like its order management feature. It doesn't have the kind of threat intelligence that Palo Alto has, but the order management makes it much simpler to know the difference.

The threat intelligence part could be better. I don't see why our customers have to get an additional solution with Azure Firewall. It would be great if they made it on par with Palo Alto.

I have been using Azure Firewall for around six months.

It seems stable, and I haven't had any issues.

We don't have to bother about scalability at all as Microsoft fixes it. It's much simpler and the reason why I like it.

The initial setup is simple. 

I would definitely recommend it.

On a scale from one to ten, I would give Azure Firewall an eight.

High availability is built in, so no additional load balancers are required and there's nothing you need to configure 

Azure Firewall can be configured during deployment to span multiple Availability Zones for increased availability

You can limit outbound HTTP/S traffic or Azure SQL traffic (preview) to a specified list of fully qualified domain names (FQDN) including wild cards. This feature doesn't require TLS termination.

You can centrally create allow or deny network filtering rules by source and destination IP address, port, and protocol. Azure Firewall is fully stateful, so it can distinguish legitimate packets for different types of connections

Threat intelligence  -based filtering can be enabled for your firewall to alert and deny traffic from/to known malicious IP addresses and domains

Inbound Internet network traffic to your firewall public IP address is translated (Destination Network Address Translation) and filtered to the private IP addresses on your virtual networks.

They can improve the pricing of Azure Firewall. 

I have been using this solution for maybe one year. We are a gold partner with Microsoft.

It is stable.

It is scalable. We have around 200 users, and we have around 10 members for maintenance.

It is easy to set up. It took around 1 hour.

Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it.

One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall. 

Azure Firewall is the best to use with all Microsoft solutions. I also use Fortinet, Sophos, and Cisco. It's about the client's priority, that is, what they request.

I would recommend Azure Firewall, but it is all about the client's priority and budget. If a client wants to use Azure Firewall, we do that. If the clients wants FortiGate or Sophos, or the cost is higher for the clients to use Azure Firewall, they can move to FortiGate or Sophos. For low budget or low cost, I recommend FortiGate. 

I would rate Azure Firewall an eight out of ten. 

We mostly utilize the solution for effectively controlling the networks.

The ability to provide better control of the traffic is the solution's most valuable aspect.

The solution is stable.

The solution can autoscale.

The initial setup is pretty easy.

Technical support has been good to us so far.

The solution isn't missing features per se.

Azure should be able to work better as a balancer also, instead of just being a firewall. It should have a wider mandate.

There should be more use cases, specifically use cases for domains for, for example, healthcare and specific use cases for web applications.

I've been using the solution for one year.

The stability of the solution is good. We haven't had any issues. It's a managed service.

The solution is autoscalable. It scales based on your deployment and/or based on your loads, due to the fact that it's a managed service. A company that expects to expand shouldn't have a problem scaling with this solution.

We have about 50-100 users on the solution currently. We may increase usage in the future.

We've had some experience with technical support from Azure. We've found them to be quite good and are satisfied with the level of service that's been provided. I would say they ar knowledgeable and responsive to our queries.

Before Azure Firewall, I used to work on a VPN-based firewall. 

The solution doesn't have a complex installation process. It's pretty straightforward to implement. When we went forward with the solution we didn't face any setup issues.

Our initial deployment took about three months, and, now that it's a managed service, we've handed the deployment over to them.

I'm not sure how many staff members we used for deployment and how many handle any maintenance aspects.

While we handled the initial implementation, we get Azure to handle the deployments for us. We didn't use a reseller or a consultant to assist with the deployment.

We're just a customer at this time. We don't have any kind of special business relationship with Azure.

I'm not sure which version of the solution I'm currently using is.

I'd rate the solution seven out of ten overall. It works well for us in terms of controlling traffic and if is stable and can scale, however, there should be more use cases available.