Both products are very stable and easily scalable.
The setup of Azure Firewall is easy and very user-friendly and the overall cost is reasonable. Azure Firewall offers a solid threat awareness, can easily identify threat risks, and gives users the ability to set filters to deny traffic from problematic malicious domains or IP addresses. Azure Firewall allows for the creation of virtual IP addresses, which makes it very attractive.
Palo Alto VM Series can launch very quickly and makes it easy to move firewalls when needed. It offers great incoming and outgoing traffic control, which gives greater awareness with regard to threat and malware protection.
Azure Firewall can be challenging when implementing across various regions and this solution could also be more customizable. Although it offers some great filtering options, it lacks some of the advanced features that some other solutions provide.
Palo Alto VM Series can be a very complex solution to use and could be simplified. The VM series does not integrate that well with other solutions. It also does not have a cloud-based solution that offers a secure gateway, which can be problematic for many enterprises. The reporting processes need to be improved. We found that it lacks what many other solutions are offering.
Both the Azure Firewall and Palo Alto VM Series provide very secure options with regard to traffic control and threat awareness. As with many solutions, each of these has different capabilities that meet the varying needs of today’s complex and challenging business environments. While Azure Firewall offers ease of use and control overall, the Palo Alto VM series provides different options for more complex business situations. Choosing the best firewall solution for your enterprise really depends on the type of traffic, situation, and business.
Is it required in your company to conduct a security review before purchasing a firewall? Also, do you need to perform reviews after (how often)?
What are the common materials you use in the review? Do you have any tips or advice?
Any pitfalls to watch out for?
Yes, I recommend doing a security review regularly. Not necessarily before a firewall purchase unless you have not done one lately. Having the results of the review will help you understand what capabilities you need in a firewall. As an example, if you get a ton of login attempts from outside your country of origin but have no customers or partners outside the country you will want to have "country blocking" capabilities. There are a number of tools that can be used for evaluations. We currently use RMM and Security tools from SolarWinds.
We have other tools as well. To perform a security review you have to have tools do the work. It simply is not possible for an individual to perform a thorough check without significant automation. We offer this as a service as well.
Pro's: SolarWinds has a free version of some of the useful tools such as SIEM Security Information and Event Management (SIEM) Tool. You can rent some tools by going though a partner (such as us BayStateTechnology.com)
Con's: Tools to purchase are a bit expensive. Performance checks that RMM uses is not accurate on large busy machines. Support leaves much to be desired.
CEO & Sr. Information Security Consultant at a tech services company with 1-10 employees
23 July 18
The only question for a review would be based on your requirements. For example, does the firewall meet Common Criteria standards or other security controls.
Generally, we suggest pursuing a NGFW and our initial recommendation is Fortinet. Good news is the NSS results put Fortinet as the #1.