Azure firewall rules redeploy

alsavi1984 21 Reputation points
2021-02-04T20:31:16.43+00:00

Good night,

I have a question about how to perform the following changes at the Azure Firewall level.

We have an Azure Firewall which has hundreds of rules, and it is growing very quickly. So, we have planned to perform changes by redeploying it from zero to improve its management and efficiency at the firewall rule collection level.

After reading several posts we have found that it could be changed via scripting, but we want to know if anyone has used Firewall Manager.

According to the MSN docs, there won't be any additional charges as it will only be performed on one appliance, but we have doubts about whether this tool would be useful for our case and efficient overall.

Nor do we want to change our network infrastructure, as the other options of Firewall Manager involve deploying more firewalls in every VNet, which obviously has an associated cost.

So, as experienced engineers or people who have more knowledge than me, as I'm a newbie, could you recommend any ideas about it?

Has anyone performed this change at the firewall level, or has anyone used Firewall Manager?

I will be very grateful for your help and advice.

Thanks

Azure Firewall Manager
An Azure service that provides central network security policy and route management for globally distributed, software-defined perimeters.

1 answer

  1. suvasara-MSFT 10,011 Reputation points
    2021-02-09T11:26:37.38+00:00

    @alsavi1984, Azure Firewall policy is used to manage multiple firewall instances from a central point. A firewall policy simply consists of network rules, application rules, NAT rules, and threat intelligence settings. A firewall policy is a standalone resource that you can associate with Azure Firewalls using either AFM or its own resource in the Azure portal.

    You can either associate the policy to an existing Azure Firewall or create a new Azure Firewall instance when creating a new policy through the wizard. Also, you can use PowerShell to migrate existing firewall rules that run on a standalone Azure Firewall to a firewall policy.

    Here is the PowerShell script for your reference,
    Migrate Azure Firewall configurations to Azure Firewall policy using PowerShell

    ----------

    Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.
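
The migration described in the answer, as an added example that is not part of the answer and is not Microsoft's linked script: it copies classic network rule collections into a new firewall policy with Az.Network cmdlets and leaves the policy unassociated so it can be reviewed first. The resource names, the group name and its priority of 200 are placeholder assumptions; application and NAT collections are out of scope, and rules that use IP Groups or FQDN destinations are listed for manual review instead of being copied.

```powershell
#Requires -Module Az.Network
# Placeholder names (assumptions): replace with your own resources.
$ResourceGroup = 'rg-example'
$FirewallName  = 'azfw-example'
$PolicyName    = 'fwpolicy-example'

$azfw   = Get-AzFirewall -Name $FirewallName -ResourceGroupName $ResourceGroup
# The new policy inherits the firewall's region and threat intelligence mode.
$policy = New-AzFirewallPolicy -Name $PolicyName -ResourceGroupName $ResourceGroup `
    -Location $azfw.Location -ThreatIntelMode $azfw.ThreatIntelMode

$collections = @()
$skipped     = @()
$migrated    = 0
foreach ($rc in $azfw.NetworkRuleCollections) {
    $rules = @()
    foreach ($rule in $rc.Rules) {
        # Only address-to-address rules are handled here; anything that uses
        # IP Groups or FQDN destinations is reported, not silently dropped.
        if (-not ($rule.SourceAddresses -and $rule.DestinationAddresses)) {
            $skipped += "$($rc.Name)/$($rule.Name)"
            continue
        }
        $rules += New-AzFirewallPolicyNetworkRule -Name $rule.Name `
            -SourceAddress $rule.SourceAddresses `
            -DestinationAddress $rule.DestinationAddresses `
            -DestinationPort $rule.DestinationPorts `
            -Protocol $rule.Protocols
        $migrated++
    }
    if ($rules.Count -gt 0) {
        # Keep each collection's name, priority and Allow/Deny action unchanged.
        $collections += New-AzFirewallPolicyFilterRuleCollection -Name $rc.Name `
            -Priority $rc.Priority -ActionType $rc.Action.Type -Rule $rules
    }
}

if ($collections.Count -gt 0) {
    # Hypothetical group name and priority; choose values that fit your policy layout.
    New-AzFirewallPolicyRuleCollectionGroup -Name 'NetworkRuleCollectionGroup' `
        -Priority 200 -RuleCollection $collections -FirewallPolicyObject $policy | Out-Null
}

# The policy is not associated with the firewall here, so traffic is unaffected.
Write-Host "Migrated $migrated network rules in $($collections.Count) collections."
if ($skipped.Count -gt 0) {
    Write-Warning "Not migrated, review manually: $($skipped -join ', ')"
}
```

Compare the migrated count and the warning list against the classic rule set before associating the policy with the firewall.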