Azure Firewall is a stateful firewall service that is hosted in Azure. It provides a highly available firewall solution that is also extremely scalable. The Azure Firewall service also provides logging and metrics on the network traffic of virtual networks among subscriptions. There are many types of filtering, such as Application FQDN and Network filtering. There is even threat intelligence filtering, which is a feature that can be enabled to alert or block traffic from/to known malicious IP addresses and domains. Azure Firewall can be combined with Virtual Desktop Infrastructure (VDI) deployments on Azure to create a secure work remote work environment for businesses.
In this lab, you will deploy and configure an Azure Firewall and create rules for devices on an internal network.
Learning Objectives
Upon completion of this lab you will be able to:
- Understand the concept of a stateful firewall
- Learn how to deploy the Azure Firewall service
- Create rules to allow and secure access to an internal network in Azure
Intended Audience
This lab is intended for:
- Individuals studying to take the AZ-500 exam
- Anyone interested in Azure Cloud Security
Lab Prerequisites
You should be familiar with:
- Working at the command line in Linux
- Basic Azure concepts including resource groups, virtual networks, VMs, and the Azure CLI
- Networking fundamentals such as subnets, ports, and routing
The following courses can be used to fulfill the prerequisites:
Updates
November 9th, 2023 - Updated the instructions and screenshots to reflect the latest UI
February 18th, 2021 - Updated firewall creation settings to reflect the latest Portal experience
Luke is a Site Reliability Engineer at Microsoft. His background is infrastructure development using Terraform and in 2021 he was awarded the HashiCorp Ambassador award. He is an Azure DevOps Engineer Expert, Azure Administrator Associate, and HashiCorp Certified - Terraform Associate.