Azure Virtual WAN and Virtual Firewall

Microsoft have announced 2 major network capabilities for Azure; Azure Virtual WAN and Azure Firewall.

Azure Virtual WAN

The new Virtual WAN service will provide simplified network connectivity and management across hybrid cloud workloads.

With Azure Virtual WAN, you no longer create site-to-site VPNs directly to an individual Azure VNET and instead create it to a central virtual hub Azure resource – which is a Microsoft managed virtual network. Spoke VNETs are then connected to the central virtual hub.

Any vpn capable device can be used on-premises, however using a Azure Virtual WAN partner device means you can get a fully automated experience provisioning the IPSec site-to-site VPN.

Azure Firewall

Azure Firewall will step on the toes of 3rd party Network Virtual Appliances (NVAs), providing a stateful ‘firewall-as-a-service’ managed in Azure directly. As with many other Azure services, unrestricted scalability and high availability is built in – without you being responsible for the underlying operating system.

Azure Firewall will provide an easier way to deploy and manage firewall capabilities in an Azure network and provide a cost effective alternative to NVAs for when centralized management and logging is required. However, the more heavy duty features of NVAs are not yet matched by the Azure Firewall, such as; IDS, IPS, SSL interception, advanced VPN options and more.

More details of Azure Virtual WAN and Virtual Firewall can be found here: https://azure.microsoft.com/en-us/blog/announcing-public-preview-of-azure-virtual-wan-and-azure-firewall/

About the author