Does Azure Firewall at a VNet block any Log Analytics workspace data?

AzureUser-9588 151 Reputation points
2020-11-11T08:39:48.017+00:00

I have a set of VMs spread across different VNets. These VMs log data to a Log Analytics workspace, and the VNets are connected via a Hub-Spoke topology. I am looking to implement Azure Firewall at the Hub to increase security across my VNet resources.
Now I would like to understand whether newly using an Azure Firewall at the VNet will have any impact on the underlying VMs sending logs to the Log Analytics workspace. Do I need to explicitly enable any ports/URLs/IPs, which might be required for on-premises firewall scenarios? Are there any known issues with this setup?


1 answer

  1. Roderick Bant 2,051 Reputation points
    2020-11-11T12:00:07.593+00:00

    According to the Log Analytics agent firewall requirements you should allow outbound traffic on port 443 to the following:

    | Agent Resource | Ports | Direction | Bypass HTTPS inspection |
    |---|---|---|---|
    | *.ods.opinsights.azure.com | Port 443 | Outbound | Yes |
    | *.oms.opinsights.azure.com | Port 443 | Outbound | Yes |
    | *.blob.core.windows.net | Port 443 | Outbound | Yes |
    | *.azure-automation.net | Port 443 | Outbound | Yes |
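
Added example (not part of the answer above, and not Microsoft's code): once the firewall is in the path, its application rule log can be scanned for denied traffic to the four agent endpoints in the table, which shows which spoke VMs have lost their route to the workspace. The log message shape matched by `LINE` is an assumption, and the sample lines, addresses and hostnames are constructed.

```python
import re
from collections import defaultdict

# Wildcard FQDNs from the answer's table; all are outbound on port 443.
REQUIRED = (
    "*.ods.opinsights.azure.com",
    "*.oms.opinsights.azure.com",
    "*.blob.core.windows.net",
    "*.azure-automation.net",
)
AGENT_PORT = 443

# Assumed message shape of an Azure Firewall application rule log entry.
LINE = re.compile(
    r"request from (?P<src>[\d.]+):\d+ to (?P<host>[^\s:]+):(?P<port>\d+)\. "
    r"Action: (?P<action>\w+)"
)

# Constructed sample input (addresses and hostnames are made up).
SAMPLE_LOG = [
    "HTTPS request from 10.1.0.4:50122 to ws1.ods.opinsights.azure.com:443. Action: Deny. No rule matched.",
    "HTTPS request from 10.2.0.7:50311 to ws1.oms.opinsights.azure.com:443. Action: Allow.",
    "HTTPS request from 10.2.0.7:50312 to agentdata.blob.core.windows.net:443. Action: Deny. No rule matched.",
    "HTTPS request from 10.1.0.4:50130 to www.example.com:443. Action: Deny. No rule matched.",
    "HTTPS request from 10.2.0.7:50313 to ws1.ods.opinsights.azure.com:443. Action: Deny. No rule matched.",
]

def required_pattern(host):
    """Return the table entry that covers host, or None if it is not an agent endpoint."""
    host = host.lower().rstrip(".")
    for pattern in REQUIRED:
        if host.endswith(pattern[1:]):  # "*.x.y" covers any name ending in ".x.y"
            return pattern
    return None

def denied_agent_traffic(lines):
    """Map each required endpoint pattern to the source IPs the firewall denied."""
    denied = defaultdict(set)
    for line in lines:
        m = LINE.search(line)
        if not m or m["action"].lower() != "deny" or int(m["port"]) != AGENT_PORT:
            continue
        pattern = required_pattern(m["host"])
        if pattern:
            denied[pattern].add(m["src"])
    return {p: sorted(srcs) for p, srcs in denied.items()}

if __name__ == "__main__":
    for pattern, sources in denied_agent_traffic(SAMPLE_LOG).items():
        print(f"DENIED {pattern}:{AGENT_PORT} from {', '.join(sources)}")
```

Any pattern that appears in the result needs an outbound allow rule on port 443 for the listed sources.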

