Forum Discussion
keithshort (Copper Contributor)
Dec 09, 2021
Can I use Azure Firewall for IDS capabilities between On-Prem and Azure VNETs?
The scenario I'm inquiring about is this:
On-Prem end of ExpressRoute circuit => Azure end of ExpressRoute circuit => ExpressRoute VNET Gateway => Azure Firewall NVA => Azure VNETs
Note - the ExpressRoute circuit has been up and running without issue for months. I'm just asking about inserting the Azure Firewall inline, so that we can have IDS capabilities.
Thanks
- ChrisBradshaw (Iron Contributor): This should be fine - I’m running the Azure Firewall between the on-prem connection and the Azure VNETs, essentially using it as a data centre-perimeter firewall.
There is an example architecture provided by Microsoft which uses this: https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/dmz/secure-vnet-dmz