1

I just need some help to figure out if Azure Firewall is actually needed for the below architecture. Just to set some context, we are using a micro-services based architecture deployed in AKS. Apart from that we have already configured Web Application Firewall (WAF) for the Applications and SQL Firewall for the Databases. It you would be really helpful if someone could provide insights on the need for Azure Firewall and the reason for that conclusion. If Azure Firewall is not needed, Kindly let me know on how we can protect the exposed ports. Thanks in advance Please find the architecture diagram here

  • Can't answer it, but the architecture diagram looks like you may have an Azure *Standard Support* plan or higher? If that is the case, this includes *architecture support* from Microsoft directly. – Daniel Nov 03 '20 at 22:13

1 Answers1

0

Azure Firewall primarily provides 2 things:

  1. Outbound traffic filtering from your virtual network
  2. Inbound DNAT for incoming traffic into your network

If you need either of these, then you can look at using Azure Firewall. Without more details on your requirements we cannot say.

Sam Cogan
  • 38,158
  • 6
  • 77
  • 113