I`m trying to implement Traffic Manager, application gateway and Palo Alto Firewall. However, not sure what Is the right flow after Traffic Manager i.e.
I have NVA firewall in region 1 only and no firewall in region 2. App service and DB implemented in both regions
Example: Accessing a Web Server via Internet through Traffic Manager
Internet ---->Traffic Manager (using performance routing between 2 regions)----> Azure App Gateway - WAF ----> Target App Service
is it possible to protect the traffic with NVA firewall also or no need, what is the recommended design and traffic flow? and where to add Azure CDN?