New Features - Cloud NGFW for Azure - September 2025

Cloud NGFW now publishes additional metrics in Azure Monitor to address visibility gaps that make it difficult to proactively identify performance issues and capacity constraints before they impact your applications. Without comprehensive metrics, you rely on reactive troubleshooting after users report problems, leading to extended downtime and degraded security posture during performance incidents. With enhanced Azure Monitor integration, you can now monitor your Cloud NGFW's health, performance, and usage patterns through key metrics including throughput, sessions, SNAT port utilization, latency, and packet counts.

These metrics provide real-time visibility into your firewall's operational state, allowing you to set up automated alerts for threshold violations and proactively address capacity issues before they affect traffic flow. You can now correlate firewall performance with application behavior, identify bottlenecks more quickly, and make data-driven decisions about scaling and optimization. The metrics integrate seamlessly with your existing Azure Monitor dashboards, enabling unified visibility across your entire Azure infrastructure.

For more information, see View Cloud NGFW for Azure Monitoring Metrics.

Cloud NGFW for Azure now supports multi-dimensional scaling to address scenarios where traditional throughput-based scaling alone cannot prevent performance degradation or service disruptions. Workloads with high connection counts but low bandwidth, or applications experiencing SNAT port exhaustion, can encounter performance issues even when throughput metrics appear healthy. With multi-dimensional scaling, Cloud NGFW now automatically scales based on additional metrics including Source NAT port utilization, session throughput, and session count, ensuring greater reliability and performance for diverse workloads.

This intelligent scaling responds to the specific demands of your applications, whether they generate numerous short-lived connections, sustained high-bandwidth transfers, or intensive NAT operations. You no longer need to manually adjust capacity based on anticipated traffic patterns or react to performance issues after they occur. The firewall automatically provisions additional resources when any monitored metric approaches threshold limits, maintaining consistent performance across varying workload characteristics while optimizing cost by scaling down during periods of lower demand.

For more information, see Cloud NGFW for Azure Resiliency and Scalability and View Cloud NGFW for Azure Metrics natively in Azure.

Cloud NGFW on Azure now simplifies Strata Logging Service enablement for existing Panorama-managed firewalls to address the challenge of centralizing and analyzing security logs across hybrid and multi-cloud environments. Organizations managing Cloud NGFW resources through Panorama previously faced complex configuration processes to enable cloud-based log aggregation, limiting their ability to gain unified visibility across their security infrastructure. With simplified activation, you can now enable Strata Logging Service for existing Panorama-managed Cloud NGFW for Azure resources by simply generating a new registration string from the Panorama plugin and updating it in the Azure portal.

This streamlined process eliminates manual configuration steps and reduces the time required to activate centralized logging from hours to minutes. Once enabled, you can leverage Strata Logging Service's scalable storage and advanced query capabilities to perform comprehensive security investigations across your Cloud NGFW deployments without worrying about log storage capacity or retention management. The service automatically scales with your traffic volume, ensuring you always have access to the security telemetry you need for compliance, threat hunting, and incident response.

For more information, see Enable Strata Logging Service (SLS) for existing Panorama-managed firewalls and View Traffic and Threat Logs in Strata Logging Service.