Enterprise networks have become more complex as the number of branches, data centers, and cloud deployments have increased. The complex spiderweb of connectivity makes it challenging to comprehensively secure all the applications and workloads without needing to deploy firewalls everywhere. To help customers manage complex connectivity, Microsoft Azure launched the Virtual WAN (vWAN) networking service, bringing together networking, security, and routing functionalities into a single operational interface.

Today, with the release of version 7.4.1 – Cisco Secure Firewall Threat Defense Virtual (formerly FTDv) now integrates with Azure Virtual WAN to effortlessly insert next-generation virtual firewalls into the Azure vWAN hub. This integration simplifies how customers secure their enterprise network as they expand their cloud footprint to Microsoft Azure.

With Secure Firewall Threat Defense Virtual, customers receive comprehensive protection against known and unknown threats that target their networks and applications. Delivered in a virtualized form factor, it contains Snort 3 IPS, malware defense, URL filtering, sandboxing, and leverages threat intelligence from Cisco Talos — which sees and analyzes over 550 billion security events per day to better protect customer environments from sophisticated cyber threats and zero-day attacks.

Figure 1: Azure Virtual WAN hub – High-level overview

With this integration – customers can seamlessly extend Cisco’s advanced firewalling capabilities to the cloud, providing consistent policy enforcement and greater control over the attack surface across their hybrid environment.

Integrating Secure Firewall with Azure Virtual WAN offers additional benefits including:

  • Built-in availability and resiliency: Virtual WAN Network Virtual Appliance (NVA) deployments are Availability Zone (AZ) aware and are automatically configured to be highly available.
  • Quick and easy provisioning: A managed application is prequalified for provisioning and boot-strapping for the Virtual WAN platform.
  • Simplified routing: Leverage Virtual WAN’s intelligent routing systems. NVA solutions peer with the Virtual WAN hub router and participate in the Virtual WAN routing decision process like Microsoft Gateways.
  • Integrated support: Partners have a special support agreement with Microsoft Azure Virtual WAN to quickly diagnose and resolve any customer problems.

With cloud environments growing more complex, it is critical to simplify security insertion to better protect cloud workloads and infrastructure. By integrating Secure Firewall with Azure Virtual WAN, we are able to bring together networking, advanced network security, and routing functionalities into a single operational interface—elevating Azure customer’s cloud security posture to reduce risk and safeguard critical assets and data from the ever-evolving cyber threats of the cloud era.

Want to learn more about this integration? See additional details in the Getting Started Guide.

Learn more about the Azure Virtual WAN offer: https://learn.microsoft.com/en-us/azure/virtual-wan/virtual-wan-about

Additional Resources

Website: Secure Firewall Threat Defense Virtual

Azure Marketplace: Secure Firewall Threat Defense Virtual for Azure WAN

Data sheet: Secure Firewall Threat Defense Virtual


We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!

Cisco Security Social Channels



Pal Lakatos-Toth

Engineering Product Manager

Security Business Group