Description
Azure Firewall is a managed, cloud-native, stateful network security service that protects your Azure Virtual Network (VNet) resources. It provides built-in high availability and scalability, allowing centralized enforcement of application and network-level connectivity policies across multiple subscriptions and virtual networks.
In this lab, you’ll perform a basic setup and configuration of Azure Firewall using the Azure Portal. You’ll also create the required Virtual Network and subnet during deployment to learn how Azure Firewall filters traffic between subnets and external networks in a simple, easy-to-follow setup.
Objectives
In this lab, you will:
- Learn how to create a Virtual Network and subnet during Azure Firewall setup.
- Configure basic network and application rules to manage traffic flow.
- Deploy Azure Firewall through the Azure Portal.
- Test and verify connectivity through the firewall to ensure rules are working properly.
Subscribe to access Azure PlayCloud LabsLab Steps
Creating an Azure Firewall
1. Navigate to the Azure Firewall service by typing Firewall and selecting the Firewalls service in the search bar.
2. Start creating the firewall by clicking Create at the upper bar or by clicking the Create firewall button at the center of the page.
Configuring the Firewall
1. In the Basics tab, set the following configuration:
- Resource group: default resource group (azure-lab-rg-****)
- Name: your desired Azure Firewall name
- Region: Central US
- Firewall SKU: Basic
2. In Firewall policy, click Add new to create a new firewall policy.
- Policy name: your desired Firewall policy name
- Region: Central US
- Click OK
3. Configure the virtual network and address space
- Choose a virtual network: choose Create new
- Virtual network name: your desired virtual network name
- Address space: 10.0.0.0/16
- IPv4 subnet: 10.0.1.0/24
- Public IP address: Add new -> your desired Public IP name
4. Configure the Firewall Management NIC
- Subnet address space: 10.0.2.0/26
- Management public IP address: Add new -> your desired Management Public IP name (this is different from the Public IP in the previous step)
5. Once done, scroll up and click the Review + create tab to validate your configuration.
Final validation and deployment
1. Wait for the “Validation passed” message to show up, then review if all configurations are correct. Once done, click Create.
2. Wait for the deployment to be successful. Once done, check the new firewall that you created.
Congratulations! You have successfully deployed your first Azure Firewall along with the necessary Virtual Network and management subnet. This foundational setup ensures that your network traffic can be filtered and secured using Azure Firewall. In upcoming guided labs, you will learn how to configure firewall rules, set up route tables to route traffic through the firewall, deploy virtual machines behind it, and monitor traffic using Azure Monitor, enabling you to fully utilize Azure Firewall’s capabilities.