If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.
Best regards
Subhash
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
People,
I need some help in planning and deploying Azure Firewall.
What's the best practice and the steps to configure it properly for multi-region deployments to protect workload like:
Thanks in advance.
If you think your question has been answered, click "Mark as Answer" if just helped click "Vote as helpful". This can be beneficial to other community members reading this forum thread.
Best regards
Subhash
@EnterpriseArchitect , Azure Firewall can be deployed in a central virtual network and peer other virtual networks to it in a hub-and-spoke model. You can then set the default route from the peered virtual networks to point to this central firewall virtual network. Global VNet peering is supported, but it isn't recommended because of potential performance and latency issues across regions. For best performance, deploy one firewall per region.
The advantage of this model is the ability to centrally exert control on multiple spoke VNETs across different subscriptions. There are also cost savings as you don't need to deploy a firewall in each VNet separately.
----------
Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.