You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/partner-solutions/palo-alto/palo-alto-application-gateway.md
+7-8Lines changed: 7 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -17,7 +17,7 @@ This deployment model allows leveraging the Application Gateway's reverse proxy
17
17
Cloud Next-Generation Firewall by Palo Alto Networks - an Azure Native ISV Service is Palo Alto Networks Next-Generation Firewall (NGFW) delivered as a cloud-native service on Azure. You can discover Cloud NGFW in the Azure Marketplace and consume it in your Azure Virtual Networks (VNet) and in the Azure Virtual WAN (vWAN). With Cloud NGFW, you can access the core NGFW capabilities such as App-ID and URL filtering-based technologies. It provides threat prevention and detection through cloud-delivered security services and threat prevention signatures.
18
18
19
19
More details about the Cloud NGFW by Palo Alto Networks - an Azure Native ISV
20
-
Service can be found here: [https://learn.microsoft.com/azure/partner-solutions/palo-alto/palo-alto-overview](https://learn.microsoft.com/azure/partner-solutions/palo-alto/palo-alto-overview)
20
+
Service can be found here: [https://learn.microsoft.com/azure/partner-solutions/palo-alto/palo-alto-overview](/azure/partner-solutions/palo-alto/palo-alto-overview)
21
21
22
22
## Architecture
23
23
@@ -31,8 +31,7 @@ The AppGW also offers Web Application Firewall (WAF) capabilities to look for pa
31
31
32
32
:::image type="content" source="media/palo-alto-app-gw/palo-alto-app-gw.png" alt-text="Diagram shows a high-level architecture with Application Gateway.":::
33
33
34
-
More details about Application Gateway features can be found here: [https://learn.microsoft.com/azure/application-gateway](https://learn.microsoft.com/azure/application-gateway)
35
-
34
+
More details about Application Gateway features can be found here: [https://learn.microsoft.com/azure/application-gateway](/azure/application-gateway)
36
35
37
36
Cloud NGFW for Azure supports two deployment architectures:
38
37
- Hub-and-Spoke VNet
@@ -92,7 +91,7 @@ You can locate the Next Hop IP address of the Cloud NGFW by looking at the effec
92
91
93
92
Azure Rulestack allows configuring the security rules and applying the security profiles right in the Azure Portal or via the API. When implementing the architecture presented above, configure the security rules leverating Palo Alto Network’s patented App-ID, Advanced Threat Prevention, Advanced URL filtering and DNS security [Cloud-Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions) (CDSS).
94
93
95
-
See [Cloud NGFW Native Policy Management using Rulestacks](https://docs.paloaltonetworks.com/cloud-ngfw/azure/cloud-ngfw-for-azure/native-policy-management) for more details.
94
+
See [Cloud NGFW Native Policy Management Using Rulestacks](https://docs.paloaltonetworks.com/cloud-ngfw/azure/cloud-ngfw-for-azure/native-policy-management) for more details.
96
95
97
96
> [!NOTE]
98
97
> Use of X-Forwarded-For (XFF) HTTP header field to enforce security policy is currently not supported with the Azure Rulestack policy management.
@@ -111,7 +110,7 @@ Special considerations need to be applied to the zone-based policies to ensure t
0 commit comments