Azure Virtual WAN introduces its first SaaS providing | Azure Blog

By
Ztec 100
-
0
438
Azure Virtual WAN introduces its first SaaS providing | Azure Blog


Today we’re excited to announce the preview of Palo Alto Networks Cloud Next Generation Firewall (NGFW) for Azure, obtainable as a software program as a service (SaaS) providing in Azure Virtual WAN. Azure Virtual WAN (vWAN), networking as a service brings networking, safety, and routing functionalities collectively to simplify networking in Azure. With ease of use and ease inbuilt, vWAN is a one-stop store to attach, shield, route visitors, and monitor your broad space community.

Virtual WAN’s deep integration with the Palo Alto Networks managed firewall service means that you can benefit from the simplicity of a SaaS safety providing with out the hassles of managing provisioning, scaling, resiliency, software program updates, or routing. A SaaS mannequin allows a buyer to deploy an answer by merely supplying crucial parameters and abstracting themselves from the administration of community digital home equipment.

In this weblog, we are going to give attention to the use case, adopted by a quick overview of the behind-the-scenes secret sauce that makes it occur, after which understanding key Palo Alto Networks differentiating options.

The use case

Customers of Azure Virtual WAN can now use Palo Alto Networks Cloud NGFW for Azure to safe their visitors by way of their Virtual WAN deployments. Today, prospects with digital hubs throughout the globe can select to guard their visitors destined to on-premises, by deploying an Azure Firewall or a third-party community digital equipment (NVA). Customers now have the extra capability to have the ability to deploy Palo Alto Networks Cloud NGFW as a SaaS resolution and safe any potential visitors flows of their vWAN deployment.

The completely different visitors flows which are supported by a buyer’s vWAN deployment are illustrated beneath. Flows are numbered within the desk beneath with the next assumptions:

  • ‘B’ stands for a Branch which is a buyer’s on-premises community linked to Azure by way of ExpressRoute circuits, Branch/Site-to-site VPN, or Remote consumer/Point-to-site connections.
  • ‘V’ stands for VNet—Azure Virtual networks internet hosting buyer companies and linked to a Virtual WAN hub. It may be known as spoke VNet.
  • ‘I’ stands for web, which suggests the client visitors that originates from or terminates within the web and traverses by way of Azure Virtual WAN.
  • ‘H’ stands for Azure Virtual hub.
  • Traffic flows throughout a single hub are visitors flows originating and terminating on endpoints linked to the identical digital hub. These may be known as Intra-hub flows.
  • Inter-hub flows are visitors flows that traverse throughout 2 digital hubs to get to the vacation spot.
Azure Virtual WAN introduces its first SaaS providing | Azure Blog
Figure 1: Supported use case and visitors flows in Azure Virtual WAN with Palo Alto Networks Cloud NGFW.

VWAN Palo Alto Table

User expertise

Customers can add Palo Alto Networks Cloud NGFW to an Azure Virtual WAN Hub within the Azure portal. After a hub is created, click on on the hub title and navigate to Third-party Providers -> SaaS options –> Create SaaS and select the Palo Alto Networks Cloud NGFW choice.

Discover Palo Alto Cloud NGFW by navigating to your Virtual Hub and selecting SaaS solutions under Third party providers. Select Create SaaS to begin deploying Cloud NGFW.
Figure 2: Discover Palo Alto Networks Cloud NGFW.

After clicking “Create”, you’ll be taken to a wizard expertise the place you possibly can configure and customise your Cloud NGFW SaaS deployment. You can customise key networking and safety attributes of your SaaS reminiscent of choosing public Ips, DNS proxy settings, safety insurance policies, and safety settings.

Creating and setting up security and networking settings for Cloud NGFW. Configurable Networking options include creating or specifying Public IP addresses assigned to the Cloud NGFW.
Figure 3: Create and arrange safety settings in Palo Alto Networks Cloud NGFW.

After the Cloud NGFW has been efficiently provisioned, you possibly can handle your SaaS Firewall by navigating to your Virtual Hub -> Third-party suppliers -> SaaS options -> Manage SaaS. Explore right here for extra data on obtainable choices.

How does this all work inside Virtual WAN

As talked about within the prior part, Virtual WAN helps a number of flows. To illustrate the behind-the-scenes workings in Virtual WAN, we are going to use East-West (V2V) visitors flows.

Traffic flows within Virtual WAN for East-West (Virtual Network) traffic inspected by Palo Alto Cloud NGFW. Azure software-defined networking platform uses elastic-NIC to route packets between the Virtual WAN hub and Firewall service VM’s in the Palo Alto subscription.
Figure 4: Traffic flows inside Virtual WAN for East-West (V2V) visitors to-fro Palo Alto Networks Cloud NGFW.

As you possibly can see, the complexities of visitors engineering, and infrastructure administration are utterly eliminated and the consumer will get to only give attention to securing the appropriate safety insurance policies for his or her community visitors.

Key highlights of the Palo Alto Networks Cloud NGFW for Azure integration with Virtual WAN

Palo Alto Networks Cloud NGFW for Azure integrates with Azure Virtual WAN deployments, enabling prospects to guard visitors throughout their total community. While there are a number of cool and turn-key options constructed into the mixing, just a few which are value calling out are beneath:

  • Machine studying powered NGFW: Cloud NGFW for Azure makes use of AI and machine studying to detect and cease identified, unknown, and zero-day threats, enabling prospects to remain forward of subtle adversaries.
  • Consistent Security and Management from On-Premises to Azure: Cloud NGFW for Azure is built-in with Panorama, Palo Alto Networks coverage administration resolution. The integration of Panorama with Cloud NGFW for Azure affords a bunch of advantages to prospects. Firstly, it allows seamless safety coverage extension from on-prem to Azure, simplifying operations and decreasing administrative workload and complete price of possession. More importantly, this integration enforces the identical excessive requirements of safety within the cloud, guaranteeing that prospects’ cloud environments are safe and guarded towards cyber threats. Additionally, the mixing supplies centralized visibility, offering invaluable insights into the threats on their community enabling prospects to handle their safety insurance policies by way of their present Panorama console, streamlining administration, permitting their cloud groups to give attention to utility migration and new utility growth.
  • Ease of use: Palo Alto Networks Cloud NGFW is designed to be extremely simple to make use of. Similar to Virtual WAN product ideas for simplicity and ease of use, this Palo Alto Networks built-in resolution permits prospects to acquire and deploy the answer straight from the Azure portal in just some minutes, offering on the spot safety towards cyber threats. The resolution can also be painless to function as Palo Alto Networks takes care of scaling, resilience, and software program updates. This integration provides prospects the agility and suppleness they should handle their cloud safety whereas specializing in their core enterprise aims.

We need your suggestions

We look ahead to persevering with to construct out Azure Virtual WAN and including extra capabilities sooner or later. We encourage you to check out Azure Virtual WAN and the Palo Alto Networks Cloud NGFW SaaS and look ahead to listening to extra about your experiences to include your suggestions into the product.

Learn extra

For extra data, please discover these assets:



LEAVE A REPLY

Please enter your comment!
Please enter your name here