We’re in the early research phase of implementing an Azure Firewall, behind which we will be placing existing non-domain-joined Azure VMs that act as web servers hosting our corporate website.<\/p>\n
Today, we have a load balancer in place that balances sessions and persistence and we’d like to be more aggressive with what requests we let in - namely geolocation based.<\/p>\n
I welcome your experiences if you have recently implemented an Azure Firewall in your tenant.<\/p>","upvoteCount":6,"answerCount":4,"datePublished":"2025-07-15T19:42:31.128Z","author":{"@type":"Person","name":"systemsadministrator1446","url":"https://community.spiceworks.com/u/systemsadministrator1446"},"suggestedAnswer":[{"@type":"Answer","text":"
We’re in the early research phase of implementing an Azure Firewall, behind which we will be placing existing non-domain-joined Azure VMs that act as web servers hosting our corporate website.<\/p>\n
Today, we have a load balancer in place that balances sessions and persistence and we’d like to be more aggressive with what requests we let in - namely geolocation based.<\/p>\n
I welcome your experiences if you have recently implemented an Azure Firewall in your tenant.<\/p>","upvoteCount":6,"datePublished":"2025-07-15T19:42:31.196Z","url":"https://community.spiceworks.com/t/azure-firewall-implementation/1224067/1","author":{"@type":"Person","name":"systemsadministrator1446","url":"https://community.spiceworks.com/u/systemsadministrator1446"}},{"@type":"Answer","text":"
Didn’t even know that was a thing…but it might solve a hypothetical I’ve been pondering and keep some future potential costs down! I’ll keep this in my back pocket for a bit <\/p>","upvoteCount":1,"datePublished":"2025-07-15T20:01:52.147Z","url":"https://community.spiceworks.com/t/azure-firewall-implementation/1224067/2","author":{"@type":"Person","name":"Jay-Updegrove","url":"https://community.spiceworks.com/u/Jay-Updegrove"}},{"@type":"Answer","text":"
I suggest looking at cloudflare WAF (web application firewall) also. It is on my upcoming project lists, and I have been advised its better (easier to manage and use, more effective) than the Azure equivalents.<\/p>\n
In my research you can even combine it with cloudflare tunnels so you can keep your Web servers in a private network and not directly expose your machines to the internet.<\/p>","upvoteCount":1,"datePublished":"2025-07-17T14:20:37.372Z","url":"https://community.spiceworks.com/t/azure-firewall-implementation/1224067/3","author":{"@type":"Person","name":"molan","url":"https://community.spiceworks.com/u/molan"}},{"@type":"Answer","text":"
Hello. As someone that deployed an Azure Firewall, I would strongly suggest a different type of virtual firewall in azure. While it is cost effective it is definitely a bit harder to grasp and not so straight forward to manage. Logging is all done through the workspace analytics. I have been using it for 2 years and currently migrating to a virtual palo alto.<\/p>","upvoteCount":1,"datePublished":"2025-07-17T16:02:16.669Z","url":"https://community.spiceworks.com/t/azure-firewall-implementation/1224067/4","author":{"@type":"Person","name":"popeyesailzzz","url":"https://community.spiceworks.com/u/popeyesailzzz"}}]}}