What is most valuable?
High availability is built in, so no additional load balancers are required and there's nothing you need to configure
Azure Firewall can be configured during deployment to span multiple Availability Zones for increased availability
You can limit outbound HTTP/S traffic or Azure SQL traffic (preview) to a specified list of fully qualified domain names (FQDN) including wild cards. This feature doesn't require TLS termination.
You can centrally create allow or deny network filtering rules by source and destination IP address, port, and protocol. Azure Firewall is fully stateful, so it can distinguish legitimate packets for different types of connections
Threat intelligence -based filtering can be enabled for your firewall to alert and deny traffic from/to known malicious IP addresses and domains
Inbound Internet network traffic to your firewall public IP address is translated (Destination Network Address Translation) and filtered to the private IP addresses on your virtual networks.
What needs improvement?
They can improve the pricing of Azure Firewall.
For how long have I used the solution?
I have been using this solution for maybe one year. We are a gold partner with Microsoft.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
It is scalable. We have around 200 users, and we have around 10 members for maintenance.
How was the initial setup?
It is easy to set up. It took around 1 hour.
What's my experience with pricing, setup cost, and licensing?
Azure Firewall is more expensive. If Microsoft can make Azure Firewall cheaper, I can see that all clients will think of using it.
One client used FortiGate because it is much cheaper. Some clients ask me for Cisco, but in the cloud estimate, I found its cost is the same as Azure Firewall.
Which other solutions did I evaluate?
Azure Firewall is the best to use with all Microsoft solutions. I also use Fortinet, Sophos, and Cisco. It's about the client's priority, that is, what they request.
What other advice do I have?
I would recommend Azure Firewall, but it is all about the client's priority and budget. If a client wants to use Azure Firewall, we do that. If the clients wants FortiGate or Sophos, or the cost is higher for the clients to use Azure Firewall, they can move to FortiGate or Sophos. For low budget or low cost, I recommend FortiGate.
I would rate Azure Firewall an eight out of ten.
Which deployment model are you using for this solution?