Deploying F5’s Web Application Firewall in Microsoft Azure Security Center

Deploying F5’s Web Application Firewall in Microsoft Azure Security Center


Welcome to this tutorial on how to deploy F5s web application firewall or WAF to protect an application Deployed in Microsoft Azure Before you begin you’ll need an existing web application deployed in Azure you want to protect with F5’s WAF And an F5 license token for each instance of F5s web application firewall you want to use To get started in the left pane click Security center next click the recommendations chart from the list of recommendations click add a web application firewall a list of available web applications opens in a new pane From the application list select the application you want to secure click create new and then click F5 networks The new page with useful information and links appears at the bottom of the page click create First select the number of machines you want to deploy. In this case we’re deploying two machines for redundancy and high availability Review the hosts entry and then in the password field type a unique password You can click pricing tier for information about sizing and pricing When you are satisfied at the bottom of the pane click the ok button Next in the licensed token field copy and paste your F5 license tokens if you’re only deploying one machine You’ll only see one field For security blocking level you can select low medium or high click the icon for a brief description of each level from the application type list select the application you want to protect and then click ok Once you see two check marks Click the create button Azure begins the process of deploying the F5 WAF for your application this process can take up to 60 minutes You can click the notification icon to see the status of the deployment You’ll receive another notification for measurer when it is completed deploying the F5 WAF after the WAF has successfully deployed we recommend you test your new F5 WAF Future video will show techniques for sending traffic to the WAF and ensuring this traffic is properly handled or blocked Once you’re satisfied with the functionality of the WAF you must finalize the configuration this includes changing the DnS record for your web application From the current server IP to the IP of the WAF When you’re ready click Security Center again in the left pane and then click the recommendations panel Click finalize Web Application Firewall Setup and then click your web application Again ensure you have changed the DnS settings for your web application and then check the box When you’re ready click restrict traffic Azure gives you a notification that it is finalizing the web application firewall setup You will receive another notification when it is complete And when it’s complete your web application will be secured with F5 Networks. Thank you for watching this video

Danny Hutson

1 thought on “Deploying F5’s Web Application Firewall in Microsoft Azure Security Center

  1. Can you explain how this works with certificates? Are you faking a man in the middle attack? Will this work with an App Service Plan deployed to an ASEv2 in a Vnet?

Leave a Reply

Your email address will not be published. Required fields are marked *