Merge pull request #204142 from vhorne/fw-perf-boost

Fw perf boost

Author: v-stsavell

articles/firewall/firewall-performance.md

@@ -5,7 +5,7 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: conceptual
-ms.date: 01/24/2022
+ms.date: 07/08/2022
 ms.author: victorh
 ---
 
@@ -30,33 +30,30 @@ Before deploying Azure Firewall, the performance needs to be tested and evaluate
 
 ## Performance data
 
-The following set of performance results demonstrates the maximal Azure Firewall throughput in various use cases. All use cases were measured while Threat intelligence mode was set to alert/deny.
+The following set of performance results demonstrates the maximal Azure Firewall throughput in various use cases. All use cases were measured while Threat intelligence mode was set to alert/deny. Azure Firewall Premium performance boost feature is enabled on all Azure Firewall premium deployments by default.  This feature includes enabling Accelerated Networking on the underlying firewall virtual machines.
 
 
 |Firewall type and use case  |TCP/UDP bandwidth (Gbps)  |HTTP/S bandwidth (Gbps)  |
 |---------|---------|---------|
 |Standard     |30|30|
-|Premium (no TLS/IDPS)     |30|30|
-|Premium with TLS     |-|30|
-|Premium with IDS     |30|30|
+|Premium (no TLS/IDPS)     |30|100|
+|Premium with TLS     |-|100|
+|Premium with IDS     |100|100|
 |Premium with IPS      |10|10|
 
 > [!NOTE]
 > IPS (Intrusion Prevention System) takes place when one or more signatures are configured to *Alert and Deny* mode.
 
-Azure Firewall Premium’s new performance boost functionality is now in public preview and provides you with the following enhancements to the overall firewall performance:
+Azure Firewall also supports the following throughput for single connections:
 
 
-|Firewall use case  |Without performance boost (Gbps)  |With performance boost (Gbps)  |
-|---------|---------|---------|
-|Standard<br>Max bandwidth for single TCP connection     |1.3|-|
-|Premium<br>Max bandwidth for single TCP connection     |2.6|9.5|
-|Premium max bandwidth with TLS/IDS|30|100|
-
-Performance values are calculated with Azure Firewall at full scale and with Premium performance boost enabled. Actual performance may vary depending on your rule complexity and network configuration. These metrics are updated periodically as performance continuously evolves with each release.
-
-To enable the Azure Firewall Premium performance boost, see [Azure Firewall preview features](firewall-preview.md#azure-firewall-premium-performance-boost-preview).
+|Firewall use case  |Throughput (Gbps)|
+|---------|---------|
+|Standard<br>Max bandwidth for single TCP connection     |1.3|
+|Premium<br>Max bandwidth for single TCP connection     |9.5|
+|Premium max bandwidth with TLS/IDS|100|
 
+Performance values are calculated with Azure Firewall at full scale. Actual performance may vary depending on your rule complexity and network configuration. These metrics are updated periodically as performance continuously evolves with each release.
 
 ## Next steps
 

articles/firewall/firewall-preview.md

@@ -5,7 +5,7 @@ services: firewall
 author: vhorne
 ms.service: firewall
 ms.topic: conceptual
-ms.date: 05/25/2022
+ms.date: 07/08/2022
 ms.author: victorh
 ---
 
@@ -57,31 +57,6 @@ Run the following Azure PowerShell command to turn off this feature:
 Unregister-AzProviderFeature -FeatureName AFWEnableNetworkRuleNameLogging -ProviderNamespace Microsoft.Network 
 ```
 
-### Azure Firewall Premium performance boost (preview)
-
-As more applications move to the cloud, the performance of the network elements can become a bottleneck. As the central piece of any network design, the firewall needs to support all the workloads. The Azure Firewall Premium performance boost feature allows more scalability for these deployments.
-
-This feature significantly increases the throughput of Azure Firewall Premium. For more information, see [Azure Firewall performance](firewall-performance.md).
-
-To enable the Azure Firewall Premium Performance boost feature, run the following commands in Azure PowerShell. Stop and start the firewall for the feature to take effect immediately. Otherwise, the firewall/s is updated with the feature within several days. 
-
-The Premium performance boost feature can be enabled on both the [hub virtual network](../firewall-manager/vhubs-and-vnets.md) firewall and the [secured virtual hub](../firewall-manager/vhubs-and-vnets.md) firewall. This feature has no effect on Standard Firewalls.
-
-Run the following Azure PowerShell commands to configure the Azure Firewall Premium performance boost:
-
-```azurepowershell
-Connect-AzAccount
-Select-AzSubscription -Subscription "subscription_id or subscription_name"
-Register-AzProviderFeature -FeatureName AFWEnableAccelnet -ProviderNamespace Microsoft.Network
-Register-AzResourceProvider -ProviderNamespace Microsoft.Network
-```
-
-Run the following Azure PowerShell command to turn off this feature:
-
-```azurepowershell
-Unregister-AzProviderFeature -FeatureName AFWEnableAccelnet -ProviderNamespace Microsoft.Network
-```
-
 ### IDPS Private IP ranges (preview)
 
 In Azure Firewall Premium IDPS, private IP address ranges are used to identify if traffic is inbound, outbound, or internal (East-West). Each signature is applied on specific traffic direction, as indicated in the signature rules table. By default, only ranges defined by IANA RFC 1918 are considered private IP addresses. So traffic sent from a private IP address range to a private IP address range is considered internal. To modify your private IP addresses, you can now easily edit, remove, or add ranges as needed.