First Look at Azure Firewall

Some of the most common networking related questions Codify receive during Cloudlift assessments are:

  • How do I control traffic from Azure to the internet?
  • Managing traffic entering and exiting Azure through ExpressRoute & Site-to-Site VPN’s?

While possible the only options have been a convoluted mix of a pair of Network Virtual Appliances (NVA’s), Network Security Groups (NSG’s) and Route Tables which lead to a complicated network routing patterns, and depending on your NVA vendor could involve convoluted failover processes.

The recently release Azure Firewall attempts to overcome some of these issues by offering a PaaS offering for network security. While it’s features are currently limited in Public Preview, it still covers most workloads that Codify have implemented previously. In conjunction with NSG’s & Log Analytics it comes out of the gate with a strong start.


The good:

  • Highly available by default
  • Simple to understand and use in the portal
  • Integration with Log Analytics & OMS

The bad:

  • Limited functionality when compared to full products such as Palo Alto, Fortigate, ASA ect.
  • Requires the use of User Defined Routes increasing complexity
  • Outbound traffic only, requires the use of a WAF for inbound traffic

A great first step for a SaaS networking solution from Azure. The features released in the public preview cover over 80% of use cases that Codify have come across. Given that it is in public preview caution is advised as changes to the product may occur that impact your production environment.

related insights



Left Quote


Codify… persistent,
tenacious and patient.
And bloody smart.

Michael Dines, Chief Information Officer, Goodstart Early Learning

Left Quote


They are willing to challenge the norm…
and it was through questioning the norm…
that has got us to the point we’re at today.

Justin Cook, Account Technology Strategist, Microsoft

Left Quote


Codify are very easy to work with…
they gave us guidance, great advice
and are helping us look to the future.

Justin Thomas, ICT Manager, Corporate Services, Noosa Shire Council

Left Quote


We wanted – and got –
a fit for purpose solution.
Codify delivered on this.

Mike Dixon, CFO, Wesfarmers Resources Limited