Azure Firewall is a stateful firewall service that is hosted in Azure. It provides a highly available firewall solution that is also extremely scalable.  The Azure Firewall service also provides logging and metrics on the network traffic of virtual networks among subscriptions. There are many types of filtering, such as Application FQDN and Network filtering. There is even threat intelligence filtering, which is a feature that can be enabled to alert or block traffic from/to known malicious IP addresses and domains. Azure Firewall can be combined with Virtual Desktop Infrastructure (VDI) deployments on Azure to create a secure work remote work environment for businesses. 

In this lab, you will deploy and configure an Azure Firewall and create rules for devices on an internal network.

Learning Objectives

Upon completion of this lab you will be able to:

• Understand the concept of a stateful firewall
• Learn how to deploy the Azure Firewall service
• Create rules to allow and secure access to an internal network in Azure

Intended Audience

This lab is intended for:

• Individuals studying to take the AZ-500 exam
• Anyone interested in Azure Cloud Security

Lab Prerequisites

You should be familiar with:

• Working at the command line in Linux
• Basic Azure concepts including resource groups, virtual networks, VMs, and the Azure CLI
• Networking fundamentals such as subnets, ports, and routing

The following courses can be used to fulfill the prerequisites:

• Networking Fundamentals Pathway
• Microsoft Azure Fundamentals

Updates

October 14th, 2024 - Updated the instructions and screenshots to reflect the latest UI

November 9th, 2023 - Updated the instructions and screenshots to reflect the latest UI

February 18th, 2021 - Updated firewall creation settings to reflect the latest Portal experience