Protecting Your Azure Deployment With Next-Generation Security

The shared security responsibility model states that protecting your Microsoft® Azure® applications and data is your responsibility. Our VM-Series on Azure enables you to protect your applications and data in Azure from known and unknown threats as vigilantly as you protect on-premise applications and data.

The VM-Series on Azure complements default security features with complete application visibility and control, resulting in a reduction in the threat footprint and the ability to prevent known and unknown threats.

Hybrid Cloud: Securely Enable App Dev and Test

Securely migrate application development and testing onto Azure through a hybrid deployment that integrates your existing development environment with Azure via a secure connection. This approach allows your application development and testing team to get started while maintaining a strong security posture.

When deployed on Azure, the VM-Series can act as an IPsec VPN termination point to enable secure communications to and from Azure. Application control and threat prevention policies can be layered atop the IPsec VPN tunnel or Azure Express Route as added security elements. 

Segmentation Gateway: Separation for Security and Compliance

High-profile breaches have shown that cybercriminals are adept at hiding in plain sight, bypassing perimeter controls and moving at will across networks – both physical and virtualized. An Azure VNet provides an isolation and security boundary for your workloads.

The VM-Series can augment that separation through application-level segmentation policies to control traffic between the VNets and across subnets. With application-level policies, you have greater control over application traffic moving laterally, and you can apply threat prevention policies to block their movement as well.

Internet Gateway: Protect Production Workloads

As your Azure deployment expands to include public-facing workloads, you can use the VM-Series on Azure as an internet gateway to protect web-facing applications from known and unknown threats.

Additionally, you can enable direct access to web-based developer resources, tools and software updates, thereby minimizing the traffic that flows back to corporate and then out to the web.

GlobalProtect: Extend Security to Users and Devices

GlobalProtect™ network security for endpoints will enable you to extend perimeter security to your remote users and mobile devices, regardless of their location.

GlobalProtect establishes a secure connection to protect the user from internet threats and enforces application-based access control policies. Whether the need is for access to the internet, data center or SaaS applications, the user will enjoy the full protection provided by the VM-Series next-generation firewall.