This is a continuation of the previous article on Firewalls, Network Virtual Appliances on Microsoft Azure public cloud. There are many choices to make for the appropriate use and security of the services and applications hosted on this public cloud especially given that a variety of devices can be onboarded as products from networking companies.  This article continues the discussion with an emphasis on the Azure Firewall.

Azure Firewall is a cloud-native security service that distinguishes it from a traditional NVA by offering its cloud-native security service as a stateful network and application-level service known as a firewall. Firewalls can easily be configured with REST-based APIs. 

Firewall gives you unprecedented flexibility with rules based on ip addresses. For example,

// create workspace

string workspaceName = TestUtilities.GenerateName("sampleworkspace");

var createWorkspaceParams = CommonData.PrepareWorkspaceCreateParams();

var workspaceCreate = SynapseClient.Workspaces.CreateOrUpdate(CommonData.ResourceGroupName, workspaceName, createWorkspaceParams);



// get workspace

var workspaceGet = SynapseClient.Workspaces.Get(CommonData.ResourceGroupName, workspaceName);

Console.WriteLine(workspaceGet.ProvisioningState.Equals("Succeeded"))



// create firewall rule

string firewallRuleName = TestUtilities.GenerateName("firewallrulesample");

var firewallRuleCreateParams = CommonData.PrepareFirewallRuleParams(CommonData.StartIpAddress, CommonData.EndIpAddress);

var firewallRuleCreate = SynapseClient.IpFirewallRules.CreateOrUpdate(CommonData.ResourceGroupName, workspaceName, firewallRuleName, firewallRuleCreateParams);



// get firewall

var firewallRuleGet = SynapseClient.IpFirewallRules.Get(CommonData.ResourceGroupName, workspaceName, firewallRuleName);

Console.WriteLine(workspaceGet.ProvisioningState.Equals("Succeeded"))



// update firewall

var firewallRuleUpdateParams = CommonData.PrepareFirewallRuleParams(CommonData.UpdatedStartIpAddress, CommonData.UpdatedEndIpAddress);

var firewallRuleUpdate = SynapseClient.IpFirewallRules.CreateOrUpdate(CommonData.ResourceGroupName, workspaceName, firewallRuleName, firewallRuleUpdateParams);



// delete firewall

SynapseClient.IpFirewallRules.Delete(CommonData.ResourceGroupName, workspaceName, firewallRuleName);