To use your Barracuda NextGen Firewall to its fullest extent on the Microsoft Azure platform, configure the firewall to integrate with the services offered by the cloud platform. Azure Cloud integration allows the firewall to connect directly to the Azure service fabric to rewrite Azure User Defined Routes and to monitor the IP Forwarding setting of the NIC of your firewall VM.
Azure Cloud Integration
To be able to deploy and run a high availability firewall cluster in Azure, the firewall must be able to rewrite Azure User Defined Routes and monitor the IP Forwarding setting of the NIC of your firewall VM. If a global HTTP proxy is configured, all REST API calls are sent via the proxy. An Azure AD Application and management certificate are used to authenticate each REST API call.
For more information, see How to Configure Azure Cloud Integration using ARM and How to Configure Azure Cloud Integration using ASM.
Add multiple data disks to your firewall or Control Center VM to better optimize accessing your disks in the Azure storage account. Data disks can be added during deployment, or attached to existing firewall or Control Center VMs. Data on the existing /phion0 partition must be migrated via shell script to the data disk RAID array.
For more information, see How to Add and Remove Data Disks in Azure using ARM and How to Add and Remove Data Disks in Azure using ASM.
Syslog Streaming to Microsoft OMS
To stream log data from your firewall to Microsoft OMS in Azure, you must configure Azure Cloud integration and configure syslog streaming on the firewall to send the syslog stream to Azure OMS. On the Azure side, the virtual machines are connected to the OMS workspace. All selected log files are then streamed to Azure OMS, where they can be stored, analyzed, or processed.
For more information, see How to Configure Azure OMS Log Streaming.