hands-on lab

Deploying and Configuring Azure Firewall

Up to 55m
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab description

Azure Firewall is a stateful firewall service that is hosted in Azure. It provides a highly available firewall solution that is also extremely scalable.  The Azure Firewall service also provides logging and metrics on the network traffic of virtual networks among subscriptions. There are many types of filtering, such as Application FQDN and Network filtering. There is even threat intelligence filtering, which is a feature that can be enabled to alert or block traffic from/to known malicious IP addresses and domains. Azure Firewall can be combined with Virtual Desktop Infrastructure (VDI) deployments on Azure to create a secure work remote work environment for businesses. 

In this lab, you will deploy and configure an Azure Firewall and create rules for devices on an internal network.

Learning Objectives

Upon completion of this lab you will be able to:

  • Understand the concept of a stateful firewall
  • Learn how to deploy the Azure Firewall service
  • Create rules to allow and secure access to an internal network in Azure

Intended Audience

This lab is intended for:

  • Individuals studying to take the AZ-500 exam
  • Anyone interested in Azure Cloud Security

Lab Prerequisites

You should be familiar with:

  • Working at the command line in Linux
  • Basic Azure concepts including resource groups, virtual networks, VMs, and the Azure CLI
  • Networking fundamentals such as subnets, ports, and routing

The following courses can be used to fulfill the prerequisites:


November 9th, 2023 - Updated the instructions and screenshots to reflect the latest UI

February 18th, 2021 - Updated firewall creation settings to reflect the latest Portal experience

Environment before

Environment after

About the author
Learning paths

Luke is a Site Reliability Engineer at Microsoft. His background is infrastructure development using Terraform and in 2021 he was awarded the HashiCorp Ambassador award. He is an Azure DevOps Engineer Expert, Azure Administrator Associate, and HashiCorp Certified - Terraform Associate.

Lab steps
Logging in to the Microsoft Azure Portal
Deploy the Azure Firewall Service and Create Route
Create Azure Firewall Rules
Test Azure Firewall Rules