Skip to content

Latest commit

 

History

History

Add-new-firewalls-to-existing-deployment

README.md

Azure-Firewall-into-existing-environment

Select the template that matches your requirements

Two Arm Firewall (Management + Untrust + Trust Interfaces into Availability Zones)

This template was created to support the deployment of a 3 interface Palo Alto Networks firewall into an existing Microsoft Azure environment that has the following items already deployed: The following are required

  • Firewalls into existing VNET in another RG
  • VNET - with 3 subnets (Management + Untrust + Trust) in a region supporting AZs
  • Resource Group for Firewall (Select the Firewall RG when deploying)
  • Resource Group for VNET

Single Arm Firewall (Management + Trust Interfaces)

This template was created to support the deployment of a 2 interface Palo Alto Networks firewall into an existing Microsoft Azure environment that has the following items already deployed: The following are required

  • Availability Set for the Firewall
  • VNET - with 2 subnets (Management + Trust)
  • Resource Group for Firewall

Two Arm Firewall (Management + Untrust + Trust Interfaces)

This template was created to support the deployment of a 3 interface Palo Alto Networks firewall into an existing Microsoft Azure environment that has the following items already deployed: The following are required

  • Availability Set for the Firewall
  • VNET - with 2 subnets (Management + Untrust + Trust)
  • Resource Group for Firewall

Three Arm Firewall (Management + Untrust + Trust + VPN Interfaces)

This template was created to support the deployment of a 4 interface Palo Alto Networks firewall into an existing Microsoft Azure environment that has the following items already deployed: The following are required

  • Availability Set for the Firewall
  • VNET - with 3 subnets
  • Resource Group for Firewall

Three Arm Firewall WITHOUT an Availability Set (Management + Untrust + Trust + VPN Interfaces)

This template was created to support the deployment of a 3 interface Palo Alto Networks firewall into an existing Microsoft Azure environment that has the following items already deployed but is NOT a member of an availability set:

  • VNET - with 3 subnets
  • Resource Group for Firewall

FEATURES:

  • It is possible to choose the version of software the firewall is running. 7.1 or 8.0 (Latest)
  • The deployment SKU can also be choosen during deployment. BYOL, Bundle1 or Bundle2 are the available options.
  • Static IP addresses assignment is used for all the firewall interfaces.

The following managed disk types are supported:

                -Premium_LRS
                -Standard_LRS

The following VMs are supported:

                -Standard_D3
                -Standard_D4
                -Standard_D3_v2
                -Standard_D4_v2
                -Standard_DS3_v2
                -Standard_DS4_v2

NOTE: Make sure the VMs are supported in the specific Storage Account Type and Azure Region.

After deploying, this firewall can be intetgrated into a load balancer setup via the Azure Portal.