Securing Cloud with Palo Alto Networks Firewalls

The virtual network, the fundamental building block of a cloud IaaS service, works differently from traditional networks. Therefore, network devices such as firewalls should be configured differently. Default routing in the virtual network should be altered to make sure all traffic travels via the firewall. Some firewall features, such as high availability, do not work the same way as in an on-premises deployment because of cloud limitations. A load balancer should be implemented instead of the high availability feature. As we have new tools and a new environment, a new process to deploy firewalls in a cloud environment is needed.

The aim of this research was to find a process for implementing a Palo Alto Networks firewall in Azure that would standardize the configuration while minimizing the deployment time, and to create an implementation guide based on the selected process.

Azure Portal, Azure CLI and Azure Resource Manager Templates were evaluated for implementing the firewall. The Azure Resource Manager Template was selected, as it is very fast and supports automation.

An ARM template was created based on the Palo Alto Networks “Azure Architecture Guide”. The ARM template uses parameters to create resources in Azure. To minimize modification of the template file, parameter values are provided in a parameters file in .json format. Using separate parameters files allows the same ARM template to be used to implement a firewall in different customer environments.

A Python script was developed to create the parameters file in the correct format using an Excel file as input. The Excel file was used to collect information such as IP addresses, FQDNs, etc. from the customer.
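The following sketch illustrates that step; it is an added example, not the script from the thesis. It assumes the spreadsheet has been exported to CSV with hypothetical columns `name`, `kind` and `value`, uses hypothetical parameter names, and validates every address and FQDN before writing the standard ARM deployment parameters structure, so a typo in customer data fails before deployment.

```python
import csv, io, ipaddress, json, re

SCHEMA = "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#"

# Constructed sample standing in for the customer spreadsheet (CSV export).
# Column names and parameter names are hypothetical.
SAMPLE_SHEET = """name,kind,value
vnetAddressPrefix,cidr,10.110.0.0/16
mgmtSubnetPrefix,cidr,10.110.255.0/24
firewallMgmtIp,ip,10.110.255.4
panoramaFqdn,fqdn,panorama.example.com
"""

_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def _check_fqdn(v):
    labels = v.rstrip(".").split(".")
    if len(v) > 253 or len(labels) < 2 or not all(_LABEL.match(l) for l in labels):
        raise ValueError("not a valid FQDN")
    return v

# One validator per value kind; each returns the normalized value or raises.
VALIDATORS = {
    "cidr": lambda v: str(ipaddress.ip_network(v, strict=True)),  # rejects host bits
    "ip": lambda v: str(ipaddress.ip_address(v)),
    "fqdn": _check_fqdn,
    "string": lambda v: v,
}

def build_parameters(sheet_text):
    """Return an ARM parameters document, or raise ValueError listing every bad row."""
    params, errors = {}, []
    for lineno, row in enumerate(csv.DictReader(io.StringIO(sheet_text)), start=2):
        name, kind, value = ((row[k] or "").strip() for k in ("name", "kind", "value"))
        try:
            if name in params:
                raise ValueError("duplicate parameter")
            params[name] = {"value": VALIDATORS[kind](value)}
        except (KeyError, ValueError) as exc:  # KeyError: unknown kind
            errors.append(f"row {lineno} ({name}): {exc}")
    if errors:
        raise ValueError("; ".join(errors))
    return {"$schema": SCHEMA, "contentVersion": "1.0.0.0", "parameters": params}

if __name__ == "__main__":
    print(json.dumps(build_parameters(SAMPLE_SHEET), indent=2))
```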

The results of this study show how ARM templates can be used to build an infrastructure in Azure, including Palo Alto Networks firewalls, load balancers, a virtual network, and subnets. Using ARM templates significantly reduces the time required for deployment. Almost the whole process is automated, with very little input needed from the expert, which also minimizes human error.
