Internet inbound (also known as Destination NAT) for Next-Generation Firewall Network Virtual Appliances (NVAs) integrated with the Virtual WAN hub is now in public preview.
Destination NAT allows network administrators to publish applications to users in the broader internet without directly exposing the application or server public IP. Consumers access applications through a public IP address assigned to a Firewall Network Virtual Appliance. The NVA is configured to filter and translate traffic and control access to backend applications.
Virtual WAN customers can now associate public IP addresses to Firewall NVA’s deployed in the Virtual WAN Hub and use NVA management and orchestration software to program both Virtual WAN infrastructure and the NVA to accept and forward inbound traffic.
Documentation to get started with Destination NAT
Destination NAT is available for Check Point Cloud Guard Network Security and Fortinet Next-Generation Firewall (reach out to azurevwan@fortinet.com).