Azure Firewall Premium has entered into public preview, offering additional capabilities for the managed cloud-based network security service over Firewall Standard.
With the new tier, users will have access to transport layer security (TLS) inspection, which decrypts outbound traffic, performs the required security functions, re-encrypts the traffic and sends it to its destination.
The service also contains a signature-based intrusion detection and prevention system (IDPS) which looks for specific patterns, like byte sequences in network traffic, or malicious intrusion sequences used by malware, to identify attacks.
Additionally, Azure Firewall Premium can filter outbound internet access, ranging from specific URLs to categories like social networking or gambling sites.
The category-based filtering is not exclusive to the premium tier however, as it is also partially available for Azure Firewall Standard, which bases its filtering on on fully qualified domain names (FQDN) only.
In addition, premium-tiered firewalls are also compatible with standard-tiered policies
The service and its features can be used through Firewall Policy, a global resource that can centrally manages firewalls with Azure Firewall Manager — a service the entered general availability last July — or just with Firewall Policy on its own.
In addition to Firewall Policy, Firewall Manager also contains Azure Firewall with Secure Virtual Hub and Azure Firewall Manager with Hub Virtual Network.
With the release of Azure Firewall Premium, Azure is relegating the configuration of the new features to Firewall Policy only. However, the cloud giant claimed Firewalls Rules (Classic) will continue to be supported and will be used for configuring existing features of Standard Firewall.