Configuring Azure Web Application Firewall

Firewalls play a critical role in securing an environment, but not all firewalls are created equally. While traditional firewalls secure a perimeter, web-based applications require a content-aware solution beyond port and IP address blocking. Azure Web Application Firewall is a cloud-native service that protects web applications from new and well-known web-based attacks.

In this course, we review Azure Web Application Firewall. We examine different options for implementing the Web Application Firewall, including using it with Azure Application Gateway, Azure Front Door, and Azure Content Delivery Network. We create and apply rulesets, including Azure managed and user-managed custom rules. We also configure diagnostic logging options and review firewall logs from the Web Application Gateway.

Learning Objectives

  • Configuring detection or prevention mode
  • Implementing a WAF policy 
  • Associating a WAF policy
  • Configuring rule sets for Azure Front Door, including Microsoft-managed and user-defined
  • Configuring rule sets for Application Gateway, including Microsoft-managed and user-defined

Intended Audience

  • System administrators with responsibilities for managing web applications
  • Security professionals responsible for securing Azure web applications
  • Anyone preparing for the Azure AZ-700: Designing and Implementing Microsoft Azure Networking Solutions exam


  • A basic understanding of networking and security principles
  • An Azure subscription (sign up for a free trial at if you don’t have a subscription)

Hello and welcome to the course on configuring Azure Web Application Firewall. My name is Travis Roberts, I'm an Azure Solutions Architect Expert, Microsoft Certified Trainer, and Microsoft MVP with over 20 years of experience with Microsoft Infrastructure. I'm excited to get started on this journey to learn about the Web Application Firewall.

In this course, you'll learn to implement and associate rule sets for the Application Gateway, including Microsoft managed and user-defined rules. Implement and associate rule sets for Azure Front Door, including Microsoft managed and user-defined rules. Configure detection or prevention mode. And configure logging for the Web Application Firewall. Coming up, we'll get started with an overview of what the Web Application Firewall is and how it fits with the Azure Application Gateway, Azure Front Door, and Azure Content Delivery Network. After that, we'll review and walk through implementing a Web Application Firewall policy for an application gateway, then configure the rule sets with custom rules.

Next, we'll implement and configure a Web Application Firewall policy for Azure Front Door. Finally, we'll review logging options then walk through enabling the Web Application Firewall diagnostic logs. Thank you for taking this course, please don't forget to rate this course when you're finished. Your feedback is greatly appreciated. I look forward to seeing you in the next lecture to get started.

About the Author

Travis Roberts is a Cloud Infrastructure Architect at a Minneapolis consulting firm, a Microsoft MVP, MCT, and author. Travis has 20 years of IT experience in the legal, pharmaceutical, and marketing industries and has worked with IT hardware manufacturers and managed service providers. In addition, Travis has held numerous technical certifications throughout his career from Microsoft, VMware, Citrix, and Cisco.