Protect Traffic with Cloud NGFW for Azure
Learn how to protect your Cloud NGFW for Azure resource.
Where Can I Use This? | What Do I Need? |
|
- Cloud NGFW subscription
- Palo Alto Networks Customer Support Portal account
- Azure Marketplace subscription
|
Cloud NGFW provides various types of protection and policy management options:
- Cloud-Delivered Security Services (CDSSS). Palo Alto Networks suite of
Cloud-Delivered Security Services (CDSS) provide access to specialized
subscription-based security solutions, designed specifically to defend against
known, unknown, and advanced evasive threats. The threat data that is generated
through advanced analysis is shared across the Palo Alto Networks security
platforms to provide complete coverage across all threat vectors. For more
information, see Cloud NGFW for Azure Security
Features and CDSS Capabilities.
- Cloud NGFW native policy management. With native policy management, you
define security policy rules and group those rules together in a rulestack.
While Security policy rules enable you to allow or block traffic on your
network, Security Profiles help you define an allow but scan rule, which
scans allowed applications for threats, such as malware, spyware, and DDoS
attacks. When traffic matches the allow rule defined in the Security policy
rule, the Security Profiles attached to the rule are applied for further content
inspection rules such as antivirus checks and data filtering. For more
information, see Cloud NGFW native policy
management.
- Panorama policy management. You can use a Panorama appliance to manage a
shared set of security rules centrally on Cloud NGFW resources alongside your
physical and virtual firewall appliances. You can also manage all aspects of
shared objects and profiles configuration, push these rules, and generate
reports on traffic patterns or security incidents of your Cloud NGFW resources,
all from a single Panorama console. Panorama provides a single location from
which you can have centralized policy and firewall management across hardware
firewalls, virtual firewalls, and cloud firewalls, which increases operational
efficiency in managing and maintaining a hybrid network of firewalls. For more
information, see Panorama policy
management.
- Strata Cloud Manager policy management. You can integrate your Cloud NGFW
resources with Strata Cloud Manager (SCM) for policy management.
With this integration, you can use a single Strata Cloud Manager to centrally
manage a shared set of security rules on Cloud NGFW resources alongside your
physical and virtual firewall appliances. You can also manage all aspects of
shared policy configurations, gain comprehensive visibility with actionable
insights, and generate reports on traffic patterns or security incidents of your
Cloud NGFW resources, all from a single console. For more information, see Strata Cloud Manager policy
management.