Microsoft has rolled out a few neat improvements to Azure Firewall, its firewall-as-a-service security offering for organizations using Azure virtual machines.
The service became generally available back in September, and uses filtering rules for things like source and destination IP address, port and protocol. These are used to protect Azure virtual network resources, as the company details.
Anyway, we have some powerful new capabilities for the platform.
In a Monday announcement, the Redmond based company confirmed that it has added new capability to Azure Firewall. It can now screen network traffic based on malicious IP addresses and domains.
These are assessed by feeds from the Microsoft Threat Intelligence service — which is a service that is powered by signals from the Microsoft Intelligent Security Graph, as well as assessments by security researchers.
The cloud giant has now turned on its Threat Intelligence service feeds by default for all Azure Firewall deployments, though obviously IT pros can adjust its behavior as they see fit.
Azure Firewall is integrated with Azure Monitor, Microsoft’s management solution. Consequently, the added Microsoft Threat Intelligence information can be viewed in Azure Monitor dashboards, showing things like compromised virtual machines and blocked port scans.
You can find out the complete details at the link above.