Blog Layout

Routing, Firewall Policies, and Security Profiles

Akins IT • Nov 22, 2019

SECURING YOUR AZURE VIRTUAL NETWORK WITH A NEXT GENERATION FIREWALL


PART 4: ROUTING, FIREWALL POLICIES, AND SECURITY PROFILES


User Defined Routes (UDR)


By default, Azure networks automatically generate system routes for connectivity between subnets within a VNET. A default route of 0.0.0.0/0 also exists to forward traffic out to the internet for VM’s residing in that VNET. With that said, introducing an NGFW virtual appliance to the environment will require that these routes be updated to utilize the NGFW as its next hop. If not, Azure traffic will continue to route through the transparent system routes and will never touch the NGFW virtual appliance.


System routes can be overridden using User Defined Routes (UDR). The UDR can be deployed via the Azure Marketplace (known as Route Table). Within the Route Table object, new routes can be specified to route subnet and internet bound traffic through the NGFW. The Route Table object will also need to be associated to each subnet that require the use of UDR’s. If different subnets require different UDR’s, multiple Route Tables can be implemented to achieve this.


Firewall Policies and NGFW UTM Features


Once Azure traffic is routed through the NGFW virtual appliance, firewall policies must be in place to allow both subnet to subnet and inside to outside communication. The benefit now is that these policies can be built out and managed using a familiar NGFW GUI, and traffic can be inspected using UTM (Unified Threat Management) features such as Antivirus (AV), Intrusion Prevention System (IPS), Web and Application content filtering.


The FortiGate virtual appliance, for example, provides Botnet C&C blocking to known malicious IP’s and domains. Sandbox cloud AV detection can be enabled to provide protection against zero-day virus’, and advanced logging and traffic analytics will be available to assist with both traffic monitoring and troubleshooting.


Full SSL inspection (deep packet inspection) should also be implemented since it provides the highest accuracy when it comes to content filtering, IPS and AV. Considering that roughly 97% of all traffic is now encrypted, full SSL inspection is a must to ensure that your environment is secure. With full SSL inspection, the NGFW acts as a MITM (man in the middle) to decrypt encrypted traffic, inspect it, then re-encrypt it for transmission to its destination.


INTERESTED IN VIEWING THE WEBINAR VIDEO ON THIS TOPIC? FILL OUT THE FORM.


CONTACT US TO LEARN MORE ABOUT THIS TOPIC OR TO SCHEDULE A CALL

Navigating the Future of Work with Microsoft 365 Copilot Prompts

By Shawn Akins 15 Apr, 2024
In the ever-evolving landscape of the digital workplace, Microsoft 365 Copilot stands as a beacon of innovation, guiding users through the complexities of their daily tasks with ease and efficiency. As we embrace this new era of work, understanding the capabilities and utilization of Copilot prompts becomes essential. What are Copilot Prompts? Copilot prompts are intelligent cues that empower users to harness the full potential of Microsoft 365. They are designed to understand the context of your work and provide suggestions that are not only relevant but also tailored to enhance productivity.  The Power of Contextual Understanding At the heart of Copilot prompts is the advanced AI that meticulously analyzes the content you're working on. Whether it's an email, a document, or a spreadsheet, Copilot grasps the essence of your task and offers prompts that propel you forward. Streamlining Collaboration Collaboration is the cornerstone of modern work, and Copilot prompts are the perfect ally. They facilitate seamless communication by suggesting replies in emails, aiding in the co-authoring of documents, and ensuring that your team stays on the same page. Enhancing Creativity Beyond the realms of productivity, Copilot prompts also serve as a muse for your creativity. They can assist in drafting compelling narratives, generating ideas, or even crafting personalized messages that resonate with your audience. Learning and Growing with Copilot As you interact with Copilot prompts, they learn and adapt to your unique style and preferences. This continuous learning process ensures that the assistance you receive is always improving, making your experience with Microsoft 365 increasingly intuitive. Conclusion Microsoft 365 Copilot prompts are more than just a feature; they are your partner in navigating the future of work. By understanding their functionality and integrating them into your workflow, you can unlock new levels of efficiency, collaboration, and creativity.

Case Study: Rapid Response to Security Breach

By Shawn Akins 15 Apr, 2024
Sky at Chandler Airpark

Case Study: Management Support Server Upgrade

By Leislee Mamba 18 Jan, 2024
Akins IT assists Management Support in migrating their physical server infrastructure to new hardware and enhancing their backup process for improved disaster recovery.
More Posts
Share by: