Azure firewall rules processing logic

Venu Gopal Krishna VV 100 Reputation points
2023-07-25T06:10:27.5766667+00:00

Hi All,

need some help in Azure firewall processing logic, i have two rule collection group in the application group as below.

i have google.com in both allow and deny action group. ideally lowest priority number will process fist, as shown below deny group has the highest priority and google.com shouldn't be allowed.

initially when this was implemented google.com was denied but all of a sudden, we are seeing google.com allowed though we have it mentioned in the deny action group. can someone please help on this. is there any change from Microsoft ? or am i missing something.

appreciate for help in this

User's image

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
533 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,020 questions
{count} votes