Focus
    1. Home
    Cloud NGFW for Azure

    Cloud Next-Generation Firewall by Palo Alto Networks - an Azure Native ISV Service - is Palo Alto Networks Next-Generation Firewall (NGFW) delivered as a cloud-native service on Azure. You can discover Cloud NGFW in the Azure Marketplace and consume it in your Azure Virtual Networks (VNet) and in Azure Virtual WAN (vWAN). With Cloud NGFW, you can access the core NGFW capabilities such as App-ID and URL filtering based technologies. It provides threat prevention and detection through cloud-delivered security services and threat prevention signatures.

    What's New

    July  2025

    Additional Azure Regions

    You can now deploy Cloud NGFW for Azure in the following regions:

    • Spain Central
    • Mexico Central
    • India South

    For more information, see Cloud NGFW for Azure Supported Regions.

    SNAT Port Enhancement

    More SNAT ports are now allocated for each firewall instance. SNAT port allocation will scale based on the front-end IPs configured.

    Get Started

    1. About Cloud NGFW for Azure
    2. Supported Management and Deployment Features
    3. Create a Rulestack on Cloud NGFW for Azure
    4. Create Security Rules on Cloud NGFW for Azure

    Important Resources

    Introducing Cloud NGFW for Azure

    Learn about Cloud NGFW for Azure.

    Getting Started with Cloud NGFW for Azure

    Learn how to get started with Cloud NGFW for Azure.

    Cloud NGFW Credits

    Learn about Cloud NGFW credits.

    Cloud NGFW for Azure SNAT and DNAT

    Learn about SNAT and DNAT deployments.

    © 2025 Palo Alto Networks, Inc. All rights reserved.