Protect Traffic with Cloud NGFW for Azure
Focus
Focus
Cloud NGFW for Azure

Protect Traffic with Cloud NGFW for Azure

Table of Contents

Protect Traffic with Cloud NGFW for Azure

Learn how to protect your Cloud NGFW for Azure resource.
Where Can I Use This?What Do I Need?
  • Cloud NGFW for Azure
  • Cloud NGFW subscription
  • Palo Alto Networks Customer Support Portal account
  • Azure Marketplace subscription
Cloud NGFW provides various types of protection and policy management options:
  • Cloud-Delivered Security Services (CDSSS). Palo Alto Networks suite of Cloud-Delivered Security Services (CDSS) provide access to specialized subscription-based security solutions, designed specifically to defend against known, unknown, and advanced evasive threats. The threat data that is generated through advanced analysis is shared across the Palo Alto Networks security platforms to provide complete coverage across all threat vectors. For more information, see Cloud NGFW for Azure Security Features and CDSS Capabilities.
  • Cloud NGFW native policy management. With native policy management, you define security policy rules and group those rules together in a rulestack. While Security policy rules enable you to allow or block traffic on your network, Security Profiles help you define an allow but scan rule, which scans allowed applications for threats, such as malware, spyware, and DDoS attacks. When traffic matches the allow rule defined in the Security policy rule, the Security Profiles attached to the rule are applied for further content inspection rules such as antivirus checks and data filtering. For more information, see Cloud NGFW native policy management.
  • Panorama policy management. You can use a Panorama appliance to manage a shared set of security rules centrally on Cloud NGFW resources alongside your physical and virtual firewall appliances. You can also manage all aspects of shared objects and profiles configuration, push these rules, and generate reports on traffic patterns or security incidents of your Cloud NGFW resources, all from a single Panorama console. Panorama provides a single location from which you can have centralized policy and firewall management across hardware firewalls, virtual firewalls, and cloud firewalls, which increases operational efficiency in managing and maintaining a hybrid network of firewalls. For more information, see Panorama policy management.
  • Strata Cloud Manager policy management. You can integrate your Cloud NGFW resources with Strata Cloud Manager (SCM) for policy management. With this integration, you can use a single Strata Cloud Manager to centrally manage a shared set of security rules on Cloud NGFW resources alongside your physical and virtual firewall appliances. You can also manage all aspects of shared policy configurations, gain comprehensive visibility with actionable insights, and generate reports on traffic patterns or security incidents of your Cloud NGFW resources, all from a single console. For more information, see Strata Cloud Manager policy management.