By Trevor Patch, Principal Cloud Architect

Federal agencies, especially the DoD, have the assigned mission of ensuring our nation’s security, and with that comes the challenge of protecting associated information systems. In the last decades, cloud computing emerged as a technology with tremendous potential, and as federal agencies increasingly adopt cloud-based architectures, network security becomes even more critical to protect against cyber threats.

Azure Firewall is becoming a popular cloud native next generation firewall for securing network traffic in tightly coupled Azure environments driven through Microsoft’s Cloud Adoption Framework. Azure Firewall, like most next generation firewalls, provides features such as network and application-level filtering, web category filtering, IDPS, threat intelligence integration, and much more. One aspect of Azure Firewall configuration is the definition of security policies, which specify how traffic is allowed or blocked based on various criteria. However, it can be daunting to address the challenges adopting advanced firewall capabilities, particularly if an organization lacks individuals with deployment and migration experience in networking, next generation firewalls, and cloud. Working with an experienced, trusted partner — like Presidio Federal —can help.

Our experienced solution architect team recently completed a migration of a security policy from a “Network Rule Collection” to an “Application Rule Collection” in Azure Firewall for a federal agency. This involved allowing the granular filtering of web traffic from virtual machines in a spoke network to public fully qualified domain names (FQDNs) in support of TIC 3.0 web Policy Enforcement Points (PEPs) requirements.

Our solution architect team is currently working with several agencies on migrating from basic network layer security policy to advanced application layer security policy on Azure cloud native firewalls and can provide guidance and consulting to your agency on how to effectively manage network traffic in an Azure environment. The importance of carefully selecting the right partners for successful deployment in terms of performance, reliability, and cost savings is more important than ever. At Presidio Federal, we have extensive experience working with federal agencies to design, deploy, and manage all aspects of private and public cloud infrastructure solutions that meet the requirements unique to your mission. Learn more about our cloud solutions or contact us today to set up a cloud assessment.