You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/firewall/deploy-firewall-basic-portal-policy.md
+7-4Lines changed: 7 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,16 +17,19 @@ ms.custom: mvc
17
17
> Azure Firewall Basic is currently in PREVIEW.
18
18
> See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
19
19
20
-
Controlling outbound network access is an important part of an overall network security plan. For example, you may want to limit access to web sites. Or, you may want to limit the outbound IP addresses and ports that can be accessed.
20
+
Azure Firewall Basic provides the essential protection SMB customers need at an affordable price point. This solution is recommended for SMB customer environments with less than 250 Mbps throughput requirements. It is recommended to deploy the [Standard SKU](tutorial-firewall-deploy-portal-policy.md) for environments with more than 250 Mbps throughput requirements and the [Premium SKU](premium-portal.md) for advanced threat protection.
21
21
22
-
One way you can control outbound network access from an Azure subnet is with Azure Firewall and Firewall Policy. With Azure Firewall and Firewall Policy, you can configure:
22
+
Filtering network and application traffic is an important part of an overall network security plan. For example, you may want to limit access to web sites. Or, you may want to limit the outbound IP addresses and ports that can be accessed.
23
+
24
+
One way you can control both inbound and outbound network access from an Azure subnet is with Azure Firewall and Firewall Policy. With Azure Firewall and Firewall Policy, you can configure:
23
25
24
26
* Application rules that define fully qualified domain names (FQDNs) that can be accessed from a subnet.
25
27
* Network rules that define source address, protocol, destination port, and destination address.
28
+
* DNAT rules to translate and filter inbound Internet traffic to your subnets.
26
29
27
30
Network traffic is subjected to the configured firewall rules when you route your network traffic to the firewall as the subnet default gateway.
28
31
29
-
For this how-to, you create a simplified single VNet with three subnets for easy deployment. The Firewall Basic Preview is deployed in forced tunnelling mode to allow for traffic throughput control.
32
+
For this how-to, you create a simplified single VNet with three subnets for easy deployment. The Firewall Basic Preview has a mandatory requirement to be configured with a management NIC.
30
33
31
34
***AzureFirewallSubnet** - the firewall is in this subnet.
32
35
***AzureFirewallManagementSubnet** - for service management traffic.
@@ -53,7 +56,7 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
53
56
54
57
### Enable Firewall Basic
55
58
56
-
For the preview, you must enable Firewall Basic before you begin.
59
+
For the preview, you must enable the Firewall Basic feature on your subscription.
Copy file name to clipboardExpand all lines: articles/firewall/overview.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -45,14 +45,14 @@ To learn about Firewall Premium features, see [Azure Firewall Premium features](
45
45
> Azure Firewall Basic is currently in PREVIEW.
46
46
> See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
47
47
48
-
Azure Firewall Basic is intended mainly for small and medium size companies who need to secure their cloud
49
-
environment. It provides the essential protection they need at an affordable price point.
48
+
Azure Firewall Basic is intended for small and medium size (SMB) customers to secure their Azure cloud
49
+
environments. It provides the essential protection SMB customers need at an affordable price point.
50
50
51
-
Firewall Basic is similar to Firewall Standard, but has the following limitations:
51
+
Azure Firewall Basic is similar to Firewall Standard, but has the following limitations:
52
52
53
-
- Supports *alert mode* only.
54
-
- Fixed support to run the service on two virtual machines.
55
-
-Support for approximately 250-500 Mbps throughput for public preview. This may increase for feature general availability (GA).
53
+
- Supports Threat Intel *alert mode* only.
54
+
- Fixed scale unit to run the service on two virtual machine backend instances.
55
+
-Recommended for environments with maximum throughput of 250 Mbps. The throughput may increase for feature general availability (GA).
56
56
57
57
To deploy a Basic Firewall, see [Deploy and configure Azure Firewall Basic (preview) and policy using the Azure portal](deploy-firewall-basic-portal-policy.md).
0 commit comments