>There is an overview of Azure security at https://docs.microsoft.com/en-us/azure/best-practices-network-security . In that document, starting at the picture of the concentric ovals the various layers of available security are outlined.
>
>The Cisco virtual appliance is an option for just one of those layers, the one closest to your deployment ("Network Virtual Appliances" [NVA]). I still can't find any Microsoft/Azure NVA for that layer so I can't comment on how they may compare.
>
>Unless you can be more specific, I'd think comparing the ASAv to the Azure full stack would be an invalid comparison (apples & oranges).
>
>Update: the Azure Marketplace currently lists 15 network/security virtual appliances, I don't see any by Microsoft: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/category/networking?page=1&subcategories=appliances

Now, that is interesting. I am surprise to see Cisco ASAv in there but it is a well acknowledged surprise. I know this is an enormous world. So, it is good to know they have it in there as well. The first overview I got from an ISP mentioned they did not have it. Maybe some ISP have agreement to host Azure environment but not all of it. So, basically, whoever considers moving from one solution to another, would probably be able to reuse pretty much of that configuration, should they had Cisco ASAv.

The first impressions received where about mentions that the entire security concept had to be leverage around the Netscaler and things like that, thus at the load balancer level. I wasn't very impressed with that.