It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda Web Application Firewall
Overview Documentation Training Certification Materials

Deploying the Barracuda Web Application Firewall Virtual Machine Scale Sets (VMSS) - PAYG Instance in Microsoft Azure

  • Last updated on

Before proceeding with deploying the Barracuda Web Application Firewall (WAF) VMSS, do the following:

Step 1. Create a Resource Group

To create a resource group, perform the following steps:

  1. Log into the Microsoft Azure Portal.
  2. Click Resource groups in the left panel.

              Resource_Group.png
  3. In the Resource groups page, click Add and specify values for the following:
    1. Resource group name: Enter a name for the resource group.
    2. Subscription: Select the subscription in which you want to create the resource group.
    3. Resource group location: Select a location for the resource group.
    4. Click Create.

      Create_Resource_Group.png

Step 2. Create a Storage Account

Perform the following steps to create a storage account:

  1. Log into the Microsoft Azure Portal.
  2. Click New in the left panel, and type Storage Account in the Search field.
  3. In the search results, select Microsoft Storage account.

       Storage_Account.png
  4. In the Storage account – blob, file, table, queue page, click Create.

       Create_SA.png
  5. In the Create storage account page:
    1. Name: Enter a name for the storage account.
    2. Deployment model: Ensure the deployment model is set to Resource Manager.
    3. Account kind: Select the type of storage account that needs to be created. Default: General purpose
    4. Performance: Select the performance tier as required.
    5. Replication: Select the replication option for the storage account.
    6. Secure transfer required: Select Enabled if you want to transfer the data into or out of storage account. Default: Disabled.
    7. Subscription: Select the subscription in which you want to create the storage account. Note: Ensure that the subscription for the storage account and the resource group is same.
    8. Resource group: Select the resource group created in Step 1. Create a Resource Group.
    9. Location: Select the location for the storage account. Note: Ensure that the location for the storage account and the resource group is same.
    10. Click Create.

      Create_storage_account.png

Deploying the Barracuda WAF VMSS

Perform the following steps to deploy the Barracuda WAF VMSS instance:

  1. Log into the Microsoft Azure Portal.
  2. Click Marketplace at the bottom of the screen.
  3. In the Everything page, type Barracuda WAF VMSS Template in the Search text field.
  4. In the search results, select Barracuda WAF VMSS Template - PAYG.

    Barracuda_WAF_VMSS_Template_Search.png
  5. In the Barracuda WAF VMSS Template - PAYG page:
    1. Read the product overview.
    2. Click Create.

      WAF_VMSS_Template_PAYG.png
  6. In the Create Barracuda WAF VMSS Template - PAYG > 1 Basics page:
    1. Barracuda WAF VMSS Set Name: Enter a name for the Barracuda WAF VMSS.
    2. Password: Enter a password for authentication. This will be your password to access the Barracuda WAF web interface.
    3. Confirm Password: Re-enter the password for confirmation.
    4. Billing Method: Select Pay as You Go (Hourly Billing) form the drop-down list as your billing method.
    5. Firmware Version: From the drop-down list, select the firmware version on which your instance is deployed.
    6. Subscription: Select the subscription from the drop-down list.
    7. Resource group: Create a new resource group or select a resource group that is empty from the existing Resource group list.
    8. Location: Select a location for the Barracuda WAF VMSS.
    9. Click OK.

      Basic_Settings.png
  7. In the Create Barracuda WAF VMSS Template - PAYG > 2 Deployment Options page:
    1. Barracuda WAF Instance Size: Select a size for the instance.

    2. Storage Account: Create a new storage account or select a storage account from the existing Storage account list.

      The storage account should be in the same region where the Barracuda WAF VMSS instance needs to be deployed.

    3. Virtual network: Create a new virtual network, or select a virtual network from the existing Virtual network list in which you want to deploy the Barracuda WAF VMSS.
    4. Subnets: Review the subnet configuration and modify if required.
    5. New Public IP address name: Enter a name for the public IP address associated with the Barracuda WAF VMSS.
    6. Domain name for accessing the Barracuda WAF: Enter the domain for the Barracuda WAF VMSS.
    7. Boot diagnostics: When Enabled, the boot up debug logs gets saved in the specified storage account.
    8. Click OK.

      Deployment_Options.png
  8. In the Create Barracuda WAF VMSS Template - PAYG > 3 Azure Auto Scaling Configuration page:
    1. Instance Count
      1. Initial Instances: Enter the number of instances to be deployed initially to serve the traffic. Default: 2
      2. Maximum Instances: Enter the maximum number of instances to be scaled up to handle the traffic when required. Default: 5

      3. Minimum Instances: Enter the minimum number of instances to be scaled down when the traffic less. Default: 2

        - Ensure that the Minimum Instances are lesser than or same as the Initial Instances.

        - If the Initial Instances value is less than the Minimum Instances, the deployment of instances will fail.

      4. Overprovisioning: When set to Enable, the VMSS spins up more number of virtual machines than what is required to handle the traffic.

    2. Scale Up Thresholds
      1. CPU%: Enter the scale up threshold for CPU utilization. Default: 85%
      2. Network In: Enter the scale up threshold for NetworkIn throughput. Default: 9175040
      3. Network Out: Enter the scale up threshold for NetworkOut throughput. Default: 9175040
    3. Scale Down Thresholds
      1. CPU%: Enter the scale down threshold for SPU utilization. Default: 60%
      2. Network In: Enter the scale down threshold for NetworkIn throughput. Default: 5242880
      3. Network Out: Enter the scale down threshold for NetworkOut throughput. Default: 5242880
    4. Notification Email ID(s) in CSV Format: Enter the email address to which the auto scaling event notification emails needs to be sent.
    5. Click OK.

      Auto_Scaling_Configuration.png
  9. In the Create Barracuda WAF VMSS Template - PAYG > 4 Azure API Configuration page:
  10. Authentication Method: Select the authentication method to authenticate to Azure Active Directory (AAD).
    1. Azure AD Credentials
      1. Azure User ID: Enter the user name to authenticate to the AAD.
      2. Azure User Password: Enter the password associated with user.
      3. Confirm Password: Re-enter the password to confirm.
    2. Azure Service Principal
      1. Client ID: Enter the ID of the application in AAD.
      2. Tenant ID: Enter the ID of the Active Directory tenant.
      3. Azure Secret Key: Enter the secret key generated.
    3. Click OK.

      Service_Principal.png
  12. In the Create Barracuda WAF VMSS Template - PAYG > 5 Barracuda WAF Bootstrap Settings page.
    1. Cluster Shared Secret: Enter a password to be used by the Barracuda WAF instances in the VMSS group.
    2. Confirm Shared Secret: Re-type the shared secret password.
    3. Bootstrap Method: Select the method (NONE, BASIC or BACKUP) for bootstrapping.
    4. Basic Bootstrap Configuration
      1. WAF Service Name: Enter a name for the service that needs to be created on the Barracuda WAF instances.
      2. WAF Service Port: Enter the port number on which the service is listening to.
      3. Backend Servers (IP:PORT): Enter the IP address of the server followed by the port that needs to be protected by the Barracuda WAF. Use comma (,) as a separator to specify multiple server IP addresses.
    5. Backup Bootstrap Configuration
      1. Azure Storage Account Name: Enter the name of the storage account.
      2. Azure Storage Account Key: Enter the key of the storage account.
      3. Azure Storage Blob Name: Enter the name of the blob configured in the storage account.
      4. Type of Backup File: Select the appropriate backup file from the drop-down list
      5. Barracuda WAF Backup File Name: Enter the name of the backup file that you want to use for bootstrapping the instances.
    6. OMS Workspace Details
      1. OMS Workspace ID: Enter the workspace ID of the OMS server (if any).
      2. OMS Workspace Primary Key: Enter the primary key of the OMS server.
    7. Click OK.

      Backup_Bootstrap.png
  13. In the Create Barracuda WAF VMSS Template - PAYG > 6 Azure Load Balancer Configuration page:
    1. Health Probe Settings
      1. Protocol: Select TCP or HTTP. It is recommended to use the TCP protocol.
      2. Port: Enter the port to be used when probing the instance.
      3. Interval: Enter the interval time to probe the instance.
      4. Unhealthy threshold: Enter how many attempts can fail before the backend instance is marked as unhealthy.
    2. Load Balancer Rule Settings
      1. Port: Enter the port on which the load balancer is listening.
      2. Backend Port: Enter the port on which the Barracuda WAF is listening.
      3. Session Persistence: Select the persistence type.
    3. EULA Acceptance Details
      1. User Name: Enter the username of the user signing the EULA agreement.
      2. Email ID: Enter the Email ID of the user signing the EULA agreement.
      3. Company Name: Enter the user's company name.
      4. Domain Name: Enter the domain name for the Barracuda WAF VMSS.
    4. Click OK.

      Load_Balancer_Configuration.png
  14. In the Create Barracuda WAF VMSS Template - PAYG > 7 Summary page, verify the values you entered and click OK.

    Summary.png
  15. In the Create Barracuda WAF VMSS Template - PAYG > 8 Buy page, read the Terms of use | privacy policy and click Create.

    Buy.png