𝐀𝐧𝐧𝐨𝐮𝐧𝐜𝐢𝐧𝐠 𝐧𝐞𝐰 𝐟𝐞𝐚𝐭𝐮𝐫𝐞𝐬 𝐚𝐧𝐝 𝐢𝐦𝐩𝐫𝐨𝐯𝐞𝐦𝐞𝐧𝐭𝐬 𝐢𝐧 𝐀𝐳𝐮𝐫𝐞 𝐅𝐢𝐫𝐞𝐰𝐚𝐥𝐥

➡Flow Trace logs are now generally available.

➡Autoscaling based on the number of connections is now generally available.

➡Parallel IP Group update support is now in public preview.

https://techcommunity.microsoft.com/t5/azure-network-security-blog/announcing-new-monitoring-and-scaling-updates-in-azure-firewall/ba-p/4055166

#azure #firewall #azurefirewall #cloudfirewall #cloudsecurity #network #networksecurity #monitoring #soc #monitoring #azurenetworksecurity #cloudnative

𝗔𝘇𝘂𝗿𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗡𝗲𝘄𝘀: 𝗔𝘇𝘂𝗿𝗲 𝗗𝗗𝗼𝗦 𝗦𝗲𝗻𝘁𝗶𝗻𝗲𝗹 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻 𝗮𝗻𝗱 𝗪𝗔𝗙 𝗣𝗹𝗮𝘆𝗯𝗼𝗼𝗸 𝗜𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗼𝗻

Learn how to how to integrate the Azure DDoS Sentinel Solution with the Azure WAF Playbook to enable a powerful automated detection and response system.

With this integration, the Azure DDoS Sentinel Solution and the WAF Playbook work together to prevent attacks with the steps described below:

1️⃣During the first stage of a multi-vector attack campaign, initiated by a malicious actor, the DDoS attack floods the customer’s application, creating chaos and serving as a diversion for the subsequent attack.

2️⃣Upon identifying the DDoS attack, Azure DDoS protection mitigates the attack and generates logs that are transmitted to Microsoft Sentinel.

3️⃣Microsoft Sentinel extracts the source IP addresses of the attackers from the logs and triggers the WAF Playbook.

4️⃣The WAF Playbook adds the attack IP addresses to a custom WAF rule with a block action. Azure WAF becomes ready to mitigate the forthcoming stages of the adversary's attack cycle.

5️⃣Having employed the DDoS attack as a smokescreen, the adversary now attempts to breach the application to take the sensitive data.

6️⃣Azure WAF acts by blocking access from the source IP addresses of the attacker, thereby preventing them from reaching the data.

https://techcommunity.microsoft.com/t5/azure-network-security-blog/enhancing-your-azure-security-azure-ddos-sentinel-solution-and/ba-p/3913420

#azure #azuresecurity #azurenetworksecurity #ddos #azureddos #waf #azurewaf #sentinel #microsoftsentinel #microsoft #soc #automation #soar #siem #playbook #cybersecurity #microsoft #microsoftsecurity #cloudsecurity

Protect Office365 and Windows365 with Azure Firewall

"Traffic from the organization’s network to the required Office 365 endpoints should be managed and secured, which could be a time-consuming ongoing task. With the recent announcement of Azure Firewall integration with Office 365, you can now easily manage this traffic and leverage the firewall’s security features to secure it"

https://techcommunity.microsoft.com/t5/azure-network-security-blog/protect-office365-and-windows365-with-azure-firewall/ba-p/3824533

#azure #office365 #security #network #windows #azurefirewall #microsoftsecurity #microsoft #firewall #network #networksecurity #firewallpolicy #fqdn #cloudsecurity #cloudnetworking #soc #azurenetworksecurity

Policy Analytics for Azure Firewall to help IT teams manage the rules in the Azure Firewall policy over time is now general availabe.

This feature provides critical insights and surfaces recommendations for optimizing Azure Firewall policies to strengthen security posture.

Key capabilities available in the Azure portal include:

- Policy insight panel: Aggregates policy insights and highlights policy recommendations.

- Firewall flow logs: Displays all traffic flowing through the Azure Firewall alongside hit rate and network and application rule match.

- Rule analytics: Displays traffic flows mapped to destination network address translation (DNAT), network, and application rules.

- Single-rule analysis: It analyzes traffic flows matching the selected rule and recommends optimizations based on those observed traffic flows.

https://azure.microsoft.com/en-us/blog/optimize-performance-and-strengthen-security-with-policy-analytics-for-azure-firewall/

#azure #azurefirewall #firewall #cloud #cloudnetworking #azurenetwork #azurenetworksecurity #flow #flowlogs #policyanalytics #microsoft #soc #secops #securityplatform

Azure Firewall enhancements

It offers new logging and metric enhancements designed to increase visibility and provide more insights into traffic processed by the firewall:

o Latency Probe metric: monitor the latency of the firewall.

o Flow Trace Log: ability to monitor and track every packet through the firewall is paramount for identifying packet drops or asymmetric routes.

o Fat Flows Log: industry-known as Fat Flows.

https://azure.microsoft.com/en-us/blog/announcing-azure-firewall-enhancements-for-troubleshooting-network-performance-and-traffic-visibility/

#azure #azurefirewall #firewall #ngfw #cloud #cloudnative #network #networksecurity #microsoft #soc #monitoring #latency #flow #idps #ids #threatintelligence #url #urlfiltering #cloudnetworking #microsoftsecurity #azurenetworksecurity