New performance and logging capabilities in Azure Firewall
Organizations are speeding up workload migration to Azure to take advantage of the growing set of innovative cloud services, scale, and economic benefits of the public cloud. Applications migration to the cloud consequently increases the network traffic throughput demand. This puts pressure on network elements and more specifically on Azure Firewall which is in the critical path of most network traffic. Currently, Azure Firewall supports 30 Gbps which is sufficient to meet current throughput demands for many of our customers. However, we are seeing some organizations require even more throughput and towards this, we are announcing new Azure Firewall capabilities as well as updates for January 2022:
- Azure Firewall network rule name logging.
- Azure Firewall premium performance boost.
- Performance whitepaper.
Azure Firewall network rule name logging
We have heard your feedback and are happy to announce the rule name availability in the Network logs. Like application rules, network rule name is now available in the logs.
Previously, the event of a network rule hit would show the source, destination IP/port, and the action, allow or deny. With the new functionality, the event logs for network rules will also contain the policy name, Rule Collection Group, Rule Collection, and the rule name hit.
After enabling the feature, the following information will be provided for a network rule hit event in the logs:
Figure 1: Network rule event in the logs after enabling the “network rule name logging” feature.
Note: For Classic Firewalls (those not managed by an Azure Firewall policy), only the rule name will be visible.
To enable the network rule name logging feature, follow the instructions.
Azure Firewall Premium performance boost
As more applications are moved to the cloud, the performance of network elements might become a bottleneck. The firewall as the central piece of any network design needs to be able to support all those workloads. Hence, we are happy to announce that the Azure Firewall Premium performance boost functionality is going to preview to allow more scalability for those deployments.
This feature increases the maximum throughput of the Azure Firewall Premium by more than 300 percent (to 100Gbps). See the performance whitepaper section below for more details.
To enable the Azure Firewall Premium performance boost feature, follow the instructions.
*Make sure to also check out the comprehensive testing done by Andrew Myers for a detailed analysis and as a reference to build your own test environment.
Azure Firewall Performance whitepaper
Reliable firewall performance is essential to operate and protect your virtual networks in Azure. Not only should Azure Firewall handle the current traffic on a network, but it should also be ready for potential traffic growth. To provide customers with a better visibility into the expected performance of Azure Firewall, we are releasing the Azure Firewall Performance documentation.
As we are always working to improve the Azure Firewall service, the metrics highlighted in the document will be updated to reflect the latest performance results you could expect from the Azure Firewall. So, make sure to bookmark the page to stay up to date with the latest information.
Learn more about Azure Firewall
For more information on everything we covered above, see the following documentation:
- Azure Firewall documentation
- Azure Firewall performance documentation
- Azure Firewall preview features
- Azure Firewall logs and metrics
- Azure Firewall FAQ
Source: Azure Blog Feed