Azure Firewall

Azure Firewall & Network Security Groups (NSGs) for maximum security of your data

Both solutions provide you with the security your company needs.

Control Traffic

An important security measure when running workloads in Azure or any Cloud service is to control the type of traffic that flows in and out of resources. The resources can be virtual machines running a SQL database, web applications or domain services. In Azure, the two security features that can be used to manage both inbound and outbound traffic to resources are Azure Firewall and Network Security Groups (NSGs).

Azure Monitor Integration

Both solutions are integrated into Azure Monitor for diagnostic logging. You can access some of these logs through the portal. Logs can be sent to Azure Monitor logs, Storage, and Event Hubs and analysed in Azure Monitor logs or by different tools such as Excel and Power BI.

Azure Firewall and NSGs work well together

NSGs and Azure Firewall work very well together and are not mutually exclusive or redundant. You typically want to use NSGs when you are protecting network traffic in or out of a subnet. An example would be a subnet that contains VMs that require RDP access (TCP over 3389) from a Jumpbox. Azure Firewall is the solution for filtering traffic to a VNet from the outside. For this reason, it should be deployed in its own VNet and isolated from other resources. Azure Firewall is a highly available solution that automatically scales based on its workload.

Which should your company go for, Azure Firewall or an NSG?

This is a very popular question with our clients when we evaluate the resources required for an Azure deployment. It comes down to a few factors.

What is your proposed architecture going to look like? RDS, AVD etc

How many VM’s and users will be on the Azure environment?

Azure Firewall and NSGs work well together

Do you need packet inspection?

Do users have access to their own Azure portal?

Do you just need basic traffic filtering at the network layer?

Is there budget constraints?

Typically smaller SMEs with limited budgets and do not have the need for a full Azure Firewall will go for an NSG. And this will work perfectly fine and will cover the security needs alongside other services such as Azure Monitor, Azure Security Center and more.

We're here to support you. Get started today.






    This form collects the data you enter into it. By checking the I AGREE box you consent to us collecting and storing your data, as well as contacting you. For more info on how we manage your data please review our Privacy Policy. You can opt out or change your settings at any time.