To use your Barracuda CloudGen Firewall to its fullest extent on the Microsoft Azure platform, configure the firewall to integrate with the services offered by the cloud platform. Azure Cloud integration allows the firewall to connect directly to the Azure service fabric to rewrite Azure User Defined Routes and to monitor the IP Forwarding setting of the NIC of your firewall VM.
Azure Cloud Integration
To be able to deploy and run a high availability firewall cluster in Azure, the firewall must be able to rewrite Azure User Defined Routes and monitor the IP Forwarding setting of the NIC of your firewall VM. If a global HTTP proxy is configured, all REST API calls are sent via the proxy. An Entra ID application and management certificate are used to authenticate each REST API call.
For more information, see How to Configure Azure Cloud Integration Using ARM.
Data Disks
Add multiple data disks to your firewall or Control Center VM to better optimize accessing your disks in the Azure storage account. Data disks can be added during deployment, or attached to existing firewall or Control Center VMs. Data on the existing /phion0 partition must be migrated via shell script to the data disk RAID array.
For more information, see How to Add and Remove Data Disks in Azure using ARM.
Syslog Streaming to Azure Log Analytics
To stream log data from your firewall to a Log Analytics workspace in Microsoft Azure, you must configure Azure Cloud integration and configure syslog streaming on the firewall to send the syslog stream to Azure Log Analytics. On the Azure side, the virtual machines are connected to the Log Analytics workspace. All selected log files are then streamed to Azure Log Analytics, where they can be stored, analyzed, or processed.
For more information, see How to Configure Log Streaming to Microsoft Azure Log Analytics.