AI Is Changing Network Security. Tufin Is Leading the Way.

Learn More

Security Policy Management for Microsoft Azure Firewalls, NSGs and NVAs

Incorporate cloud native security controls into your unified security policy management capability with Tufin integrations with Azure. 

Tufin Offers Best-in-Class
Integrations with Azure

With these integrations, you can:

Increase Protection

Better protect your hybrid-cloud environments by enforcing robust security policies

Reduce Risk

Reduce the risk of security incidents and non-compliance, ensuring a strong security posture across your network operations.

Decrease costs

Reduce costs by matching the speed of IT operations to business needs.

Security Policy Management for Microsoft Azure Firewalls, NSGs and NVAs

Microsoft Azure: Driving Innovation and Agility

Microsoft Azure is an open and flexible cloud computing platform. It enables organizations to build, deploy, and manage applications and services through Microsoft’s global network of data centers.

Tufin integrates with Microsoft Azure and supports the Azure Firewall Manager and the Azure Network Security Groups solutions. These integrations address the complexities of cloud management and allows you to strengthen your cloud security policy.

The Benefits of the Tufin-Microsoft Azure Integration

Fully embrace multi-cloud architectures with Tufin’s integration with Microsoft Azure. Leverage Tufin and Azure’s strengths to optimize your security posture, reduce exposure, handle redundancy safely, and get maximum ROI on their cloud investment.

Azure Firewall Manager

Azure Firewall Manager is a security management service providing a central security policy and route management for cloud-based security perimeters.

You can centrally deploy and configure multiple Azure Firewall instances spanning various Azure regions and subscriptions. Additionally, you can track and audit changes to firewall setups and establish and enforce firewall rules across your organization.

It offers security management for two types of network architectures:

  • Secured virtual hubs
  • Hub virtual networks

Hub Virtual Networks

A hub virtual network is a standard virtual Azure network that you create and manage yourself after you associate security policies with it. Hub virtual networks support Azure Firewall Policy.

You can use Azure Firewall Manager to centrally manage Azure Firewall policies across several secured virtual hubs. Central IT teams can create global firewall policies to enforce those rules across teams. Firewall policies authored locally allow for a DevOps self-service model to maximize agility.

Creating Policies and Associations

You can create and manage policies in a variety of ways, including the Azure portal, REST API, templates, Azure PowerShell, CLI and Terraform. In addition, you can migrate existing Classic rules from Azure Firewall using the portal or Azure PowerShell to create policies. Policies can be associate with one or more virtual hubs or VNets, and the firewall can be in any subscription associated with your account, and in any region.

Tufin: Integrating with Azure Firewall Manager for Advanced Security

Tufin is a security-as-a-service provider for Azure Firewall Manager. We provide more protection for your virtual network and your branch internet connections through secured virtual hub deployments.

Azure Network Security Groups

Azure Network Security Groups filter traffic between Azure resources in an Azure virtual network. Network security groups contain rules that allow or deny inbound traffic to or outbound traffic from several types of Azure resources. You can specify the source, destination, port, and protocol for each rule.

NGFW Vendors Deployed as a VM on Azure

Azure Native ISV Services enable you to provision, manage, and tightly integrate independent software vendor (ISV) software and services on Azure.enforcing policy controls over firewalls, switches, Software Defined Networking (SDN), private and public cloud platforms, and Kubernetes, down to any level of segmentation.

FAQs

Innate availability

No load balancers or complicated configuration.

Unrestricted scalability

Scale without restrictions to adjust as network traffic fluctuates.

Application rules

Limit outbound HTTP/S traffic to designated fully qualified domain names (FQDN), inclusive of wild cards.

Network traffic filtering rules

Allow or deny network rules in a central control plane. Filter by IP address, port, and protocol. Easily set up a network rule that allows access to external DNS servers.

Fully stateful

Azure Firewall can distinguish legitimate packets across multiple connection types. Enforce and log rules across your subscriptions and virtual networks.

Inbound and outbound traffic support

Azure Firewall translates outbound virtual network traffic IP addresses into Azure Firewall public IP addresses. Inbound network traffic to your public IP address gets filtered to your virtual network private IP addresses.

Control network access on Azure subnets

Configure a customized chain of firewall rules that enable you to send select traffic through additional processing.

Creating virtual machines

Set up Azure VMs to create a cluster or add it as a node to an existing cluster.

Enhanced cloud security

Use Azure Firewall Premium for advanced threat intelligence and protection, especially for industries subject to intense compliance scrutiny.

Discovering intrusions

Azure Firewall Premium includes a network intrusion detection and prevention system (IDPS) so you can monitor threats and log and blog malicious activity.

URL filtering

Enhance Azure Firewall Standard’s FQDN filtering and consider filtering entire URLs as well as supplementary paths.

Manage rule collections

Work with and adjust rule collection processing. Azure Firewall has three preset rule collection groups:

  • Default DNAT rule groups
  • Default Network rule groups
  • Default application rule groups

Define priority order and create customer rule collection groups to ensure safety across cloud-based services and your Azure application.

Configure SQL database IP firewalls

Set, manage, and adjust server-level firewall rules.

Connect other Azure services

Set up firewall rules across your Azure services to ensure widespread security.

Why Choose Tufin? Let Us Show You.

Schedule a demo and see for yourself.