In the Previous Post, I've explained how to setup Palo Alto VMs in the same resource group including the network configuration and other configuration.

In this post, I will explain how to configure the Active and Passive Node from Azure side

Take a Look on the below design which is shared on Palo Alto Portal, as we will follow almost the same

For a long time I was thinking about hybrid cloud deploymentand, and how it becomes a very common option either azure to azure or On-premises, AWS, Google cloud, so I decided to share with you all the way to connect between with pro and Con of each one.

One of my customers has requested to deploy HA Palo Alto Firewalls on Azure, and since that time I suffered multiple time as I didn't find enough resources explaining the same so I decided to write this post and share my experience with everyone

Before I start I will explain the current Azure architecture Design I have. The below design explaining Microsoft best practices for deploying resources across Subscriptions and VNETs

read more :
​https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/migrate/azure-best-practices/migrate-best-practices-networking

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability.

As I haired from a few customers that Azure firewall is a little bit expensive! and some of them they don't have a budget for test/dev environment,as it cost (approximately $100 monthly, per appliance). This price gets compounded if you need to deploy multiple Azure Firewall appliances per regional VNet

In this post we will explain how to deploy FortiGate NGFW for Azure, you can deploy the FortiGate for Azure as a virtual appliance in Azure cloud (infrastructure as a service)

Azure Virtual WAN is a networking service that provides optimized and automated branch-to-branch connectivity through Azure.

1. Connect any number of branches with multiple connections
2. Auto provisioning from branch office to Azure
3. Automated configuration download and connection enablement
4. Built for throughput and scalability
5. Unified monitoring and management CPE branch devices managed by a growing ecosystem of SD-WAN and VPN partners

Virtual WAN provides large-scale site-to-site connectivity and is built for throughput, scalability, and ease of use. ExpressRoute and point-to-site connectivity functionality is currently under Preview. CPE branch devices auto-provision and connect into Azure Virtual WAN. These devices are available from a growing ecosystem of SD-WAN and VPN partners