Azure Digital WAN introduces its first SaaS providing | Azure Weblog and Updates

Immediately we’re excited to announce the preview of Palo Alto Networks Cloud Subsequent Era Firewall (NGFW) for Azure, out there as a software program as a service (SaaS) providing in Azure Digital WAN. Azure Digital WAN (vWAN), networking as a service brings networking, safety, and routing functionalities collectively to simplify networking in Azure. With ease of use and ease in-built, vWAN is a one-stop store to attach, shield, route site visitors, and monitor your broad space community.

Digital WAN’s deep integration with the Palo Alto Networks managed firewall service means that you can benefit from the simplicity of a SaaS safety providing with out the hassles of managing provisioning, scaling, resiliency, software program updates, or routing. A SaaS mannequin permits a buyer to deploy an answer by merely supplying mandatory parameters and abstracting themselves from the administration of community digital home equipment.

On this weblog, we are going to concentrate on the use case, adopted by a quick overview of the behind-the-scenes secret sauce that makes it occur, after which understanding key Palo Alto Networks differentiating options.

The use case

Prospects of Azure Digital WAN can now use Palo Alto Networks Cloud NGFW for Azure to safe their site visitors by their Digital WAN deployments. Immediately, clients with digital hubs throughout the globe can select to guard their site visitors destined to on-premises, by deploying an Azure Firewall or a third-party community digital equipment (NVA). Prospects now have the extra means to have the ability to deploy Palo Alto Networks Cloud NGFW as a SaaS resolution and safe any attainable site visitors flows of their vWAN deployment.

The completely different site visitors flows which can be supported by a buyer’s vWAN deployment are illustrated under. Flows are numbered within the desk under with the next assumptions:

  • ‘B’ stands for a Department which is a buyer’s on-premises community related to Azure by ExpressRoute circuits, Department/Website-to-site VPN, or Distant person/Level-to-site connections.
  • ‘V’ stands for VNet—Azure Digital networks internet hosting buyer companies and related to a Digital WAN hub. It could even be known as spoke VNet.
  • ‘I’ stands for web, which suggests the shopper site visitors that originates from or terminates within the web and traverses by Azure Digital WAN.
  • ‘H’ stands for Azure Digital hub.
  • Visitors flows throughout a single hub are site visitors flows originating and terminating on endpoints related to the identical digital hub. These may be known as Intra-hub flows.
  • Inter-hub flows are site visitors flows that traverse throughout 2 digital hubs to get to the vacation spot.
Supported use cases and traffic flows in Azure Virtual WAN with Palo Alto NGFW include East-West traffic inspection, North-South traffic inspection, Internet outbound and Internet inbound/Destination-NAT.

Determine 1: Supported use case and site visitors flows in Azure Digital WAN with Palo Alto Networks Cloud NGFW.

VWAN Palo Alto Table

Consumer expertise

Prospects can add Palo Alto Networks Cloud NGFW to an Azure Digital WAN Hub within the Azure portal. After a hub is created, click on on the hub title and navigate to Third-party Suppliers -> SaaS options –> Create SaaS and select the Palo Alto Networks Cloud NGFW choice.

Discover Palo Alto Cloud NGFW by navigating to your Virtual Hub and selecting SaaS solutions under Third party providers. Select Create SaaS to begin deploying Cloud NGFW.
Determine 2: Uncover Palo Alto Networks Cloud NGFW.

After clicking “Create”, you’ll be taken to a wizard expertise the place you possibly can configure and customise your Cloud NGFW SaaS deployment. You possibly can customise key networking and safety attributes of your SaaS reminiscent of deciding on public Ips, DNS proxy settings, safety insurance policies, and safety settings.

Creating and setting up security and networking settings for Cloud NGFW. Configurable Networking options include creating or specifying Public IP addresses assigned to the Cloud NGFW.
Determine 3: Create and arrange safety settings in Palo Alto Networks Cloud NGFW.

After the Cloud NGFW has been efficiently provisioned, you possibly can handle your SaaS Firewall by navigating to your Digital Hub -> Third-party suppliers -> SaaS options -> Handle SaaS. Discover right here for extra info on out there choices.

How does this all work inside Digital WAN

As talked about within the prior part, Digital WAN helps a number of flows. For example the behind-the-scenes workings in Digital WAN, we are going to use East-West (V2V) site visitors flows.

Traffic flows within Virtual WAN for East-West (Virtual Network) traffic inspected by Palo Alto Cloud NGFW. Azure software-defined networking platform uses elastic-NIC to route packets between the Virtual WAN hub and Firewall service VM’s in the Palo Alto subscription.
Determine 4: Visitors flows inside Digital WAN for East-West (V2V) site visitors to-fro Palo Alto Networks Cloud NGFW.

As you possibly can see, the complexities of site visitors engineering, and infrastructure administration are fully eliminated and the person will get to simply concentrate on securing the suitable safety insurance policies for his or her community site visitors.

Key highlights of the Palo Alto Networks Cloud NGFW for Azure integration with Digital WAN

Palo Alto Networks Cloud NGFW for Azure integrates with Azure Digital WAN deployments, enabling clients to guard site visitors throughout their whole community. Whereas there are a number of cool and turn-key options constructed into the combination, a couple of which can be value calling out are under:

  • Machine studying powered NGFW: Cloud NGFW for Azure makes use of AI and machine studying to detect and cease identified, unknown, and zero-day threats, enabling clients to remain forward of subtle adversaries.
  • Constant Safety and Administration from On-Premises to Azure: Cloud NGFW for Azure is built-in with Panorama, Palo Alto Networks coverage administration resolution. The mixing of Panorama with Cloud NGFW for Azure provides a bunch of advantages to clients. Firstly, it permits seamless safety coverage extension from on-prem to Azure, simplifying operations and decreasing administrative workload and complete price of possession. Extra importantly, this integration enforces the identical excessive requirements of safety within the cloud, guaranteeing that clients’ cloud environments are safe and guarded towards cyber threats. Moreover, the combination gives centralized visibility, offering priceless insights into the threats on their community enabling clients to handle their safety insurance policies by their present Panorama console, streamlining administration, permitting their cloud groups to concentrate on software migration and new software improvement.
  • Ease of use: Palo Alto Networks Cloud NGFW is designed to be extremely simple to make use of. Much like Digital WAN product ideas for simplicity and ease of use, this Palo Alto Networks built-in resolution permits clients to acquire and deploy the answer immediately from the Azure portal in only a few minutes, offering immediate safety towards cyber threats. The answer can be painless to function as Palo Alto Networks takes care of scaling, resilience, and software program updates. This integration provides clients the agility and adaptability they should handle their cloud safety whereas specializing in their core enterprise targets.

We would like your suggestions

We look ahead to persevering with to construct out Azure Digital WAN and including extra capabilities sooner or later. We encourage you to check out Azure Digital WAN and the Palo Alto Networks Cloud NGFW SaaS and look ahead to listening to extra about your experiences to include your suggestions into the product.

Be taught extra

For added info, please discover these sources:

Related Articles


Please enter your comment!
Please enter your name here

Latest Articles