question

alsavi1984-2195 avatar image
0 Votes"
alsavi1984-2195 asked suvasara-MSFT commented

Azure firewall rules redeploy

Good night,

I have a question about how to perform the following changes at azure firewall level.

We have an azure firewall which have hundred number of rules and it is growing very quickly. So ,we have planned to perform changes redepleying it's from zero to improve its management and efficiency at firewall level rules collection.

After reading several post we have found that it could be changed via scripting, but we want to know if anyone has used firewall manager.

Reading MSN docs, it won't be any additional money charges as it will only be performed in one appliance, but we have doubts it this tool could be useful for our case and overall efficient.

Neither we want to change our network infrastructure as other related options of firewall manager are related to deploy more firewalls by every vnet and it has associated obviously a money charge.

So, as experience engineers or people who have more knowledge that me as I'm newbie, could you recommend us any idea about it?

Have anyone performed this change at firewall level or have anyone used firewall manager?

I will be very grateful with your aid and conseils.

Thanks

azure-firewall-manager
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

suvasara-MSFT avatar image
0 Votes"
suvasara-MSFT answered suvasara-MSFT commented

@alsavi1984-2195, Azure Firewall policy is used to manage multiple firewall instances from a central point. A firewall policy simply consists of network rules, application rules, NAT rules, and threat intelligence settings. A firewall policy is a standalone resource that you can associate with Azure Firewalls using either AFM or its own resource in the Azure portal.

You can either associate the policy to an existing Azure Firewall or create a new Azure Firewall instance when creating a new policy through the wizard. Also, you can use PowerShell to migrate existing firewall rules that run on a standalone Azure Firewall to a firewall policy.

Here is the PowerShell script for your reference,
Migrate Azure Firewall configurations to Azure Firewall policy using PowerShell



Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.



· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@alsavi1984-2195 ,
Greetings,

If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.


Best regards
Subhash

0 Votes 0 ·