skip to Main Content

New Azure Firewall Capabilities

Azure Firewall allows you to centrally manage and log all your traffic flows using a DevOps approach. The service supports filtering rules both at an application and network level. It is also integrated with the Microsoft Threat Intelligence feed for filtering known malicious IP addresses and domains.

February saw some good new features incorporated into the service. Here is a quick rundown:

New Certification

ICSA Labs Corporate Firewall Certification

Azure Firewall is the first cloud firewall service to receive the ICSA Labs Corporate Firewall Certification.

ICSA Labs is a top third-party testing and certification company for IT products and network-connected devices.

New Features Generally Available

Customer configured SNAT private IP address ranges

You can now configure Azure Firewall to not Source Network Address Translation (SNAT) specified custom IP address ranges. This is on top of the automated setting that does not SNAT when the destination IP address is a private IP address range.

High ports restriction relaxation

Azure Firewall has always had a restriction that prohibited network and application rules from including ports above 64,000. With this update, you can now use any port in the 1-65535 range in network and application rules.

New Features in Preview

Forced Tunnelling Support

Forced tunnelling allows you to redirect all internet-bound traffic from Azure Firewall to your on-premises firewall, or a nearby Network Virtual Appliance, for further review using a specially configured subnet.

IP Groups

IP Groups is a new resource that enables you to sort and administer IP addresses in Azure Firewall rules. Simply name your IP group, and enter IP addresses directly or upload a file. This streamlines your experience and reduces time spent dealing with IP addresses.


Read the Documentation:

Azure Firewall

Azure Firewall Manager

Forced Tunnelling

IP Groups

SNAT private IP address ranges


About the Author

Marketing Manager, Leah Monterroso, has been writing blogs and articles for the last six years. Since working with Ballard Chalmers, she has immersed herself in Microsoft tech news and bringing value to clients and the wider community through content.

You can find Leah online at:

Back To Top
Contact us for a chat