It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

Azure Security Center Integration

  • Last updated on

The Azure Security Center aims to prevent, detect, and respond to threats to your resources in Azure. Based on your existing setup, the Azure Security Center recommends ways for you to secure your VMs. VMs in backend subnets must be protected by a network security group. The configuration of the firewall VM is tailored to secure incoming traffic for specific services using a Dst NAT access rule with a dynamic NAT connection method. If you also want to route outgoing traffic over the firewall, you must enable IP forwarding and add an Azure route table with UDR routes. CloudGen Firewalls deployed through the Security Center are automatically configured to send the following status information and threat logs to the Azure Security Center:

  • CPU load
  • Disk space
  • Service status
  • License state
  • Dropped Azure EventHub messages
  • Incident reports for all threat Logs

Before You Begin

Create a dedicated subnet for the firewall in your virtual network to be able to route incoming and outgoing traffic over the firewall.

Step 1. Deploy through Azure Security Center Recommendations

  1. Go to https://portal.azure.com.
  2. In the left menu, click More Services and go to the Security Center.
    asc_01.png
  3. Click Overview, and in the Prevention section, click Networking. The Networking blade opens.
    asc_02.png
  4. Click on NGFW not installed.
    asc_03.png
  5. In the Add a Next Generation Firewall blade, click on the endpoint you want to protect with the firewall.
    asc_04.png
  6. Click Create New to create a new firewall VM, or select an existing firewall from the list to protect your resources.

Step 2. (optional) Configure the Firewall VM to Handle Outgoing Traffic

For the firewall to handle outgoing traffic for the backend VMs, you must configure the following: