Thursday, October 28, 2021

Azure Network Security Demo Lab Environment with new updates. v2.1


A new version of the Azure Network Security lab demo environment is now available in our GitHub Repository. As a result of the constant need to validate different architectures and the increasing additional features in our Network security suite (Azure Firewall, Web Application Firewall and DDOS Standard protection), the new demo lab when deployed, allow more feature tests to be validated.

This lab environment contains the recently GA Azure Firewall premium with Firewall Manager and Azure Frontdoor Premium.tobiotolorin_0-1635455554425.png

This new lab also provides the following on deployment:


  • Script to generate Self-signed certificate
  • VM with Bastion Access
  • Azure Keyvault integration

Lab owners will be able to use this lab to validate different architectures without the need to deploy individual components that may not be required for their specific scenario. This lab can then be removed by deleting the Resource group containing the resources.

Example POC scenarios that users of this lab may be looking to validate include:


  • Azure Firewall with Frontdoor and App Gateway plus Virtual Machines and Web App – This is one of the common scenarios that may be broken into deployment types based on network requirements such as preserving public IP addresses, inbound traffic inspection etc. More on the different architectures in this post


  • App Gateway plus Webapp – Application behavior with different WAF custom rules and WAF tuning. Example scenarios may tht you are looking to customize rule sets and validate the new improvements in Azure WAF for Application Gateway. 


  • Azure Premium Firewall and Virtual machines – Azure Firewall is encouraged when protecting your Azure Virtual Desktop deployments by passing all traffic through Azure firewall. This is also covered extensively in a previous post here.



  • Azure DDOS Protection Utilize the standard DDOS protection option in the demo lab to observe the response to volumetric attacks in a controlled environment


  • Azure Firewall Premium for intermediate Certificate Authority – In production environment, Enterprise KPI is often used to generate certificates. Azure Firewall Premium may however be used to manage Intermediate CA certificate. More information on using Azure Firewall to manage certs can be found in this doc.



There are different scenarios that may require a quick and ready lab testing such as IDPS validation, TLS inspectionAzure Firewall detection in Sentinel, Rule Processing Logic, Web Categories testing, automations among others.


The earlier  version 2.0 which contains the old demo lab environment will be maintained and made available for the rest of the year. This may be useful for customers looking to try out Azure Firewall standard migration to the new SKU and other legacy tests. We are excited to make this environment available to the community and are looking forward to your feedback.



Fore more information on Azure Network Security training, see the Network Security Ninja training.

Watch videos on:

New Detections, Hunting Queries and Response Automation in Azure Firewall Solution for Sentinel
Azure Premium Firewall - Deep Dive

Azure FrontDoor - Deep Dive


Posted at