Has anyone had any experience with deploying a Fortinet firewall VM on Azure in a VNet? I want to extend on-premise firewall policies and protections to an RDS farm deployment in Azure (IaaS, hence VNet).
Also, anybody know if Fortinet has a schedule to release FortiManager and/or FortiAnalyzer on Azure? They are only offered on AWS right now, and I would prefer not to have to add AWS to the mix if I want to roll these out.
On the 1st part, yes, we deployed the VM for a demo. On the 2nd part(s): no, I don't recall FTNT and MS ever getting to an agreement for other FTNT products in the Azure cloud solution. We use the real manager-appliance with a tunnel from our real DC to the vCloud and it worked fine, btw.
If you need to manage other FGT FWs and have an existing manager, then it's just simpler to run the virt-instance across a tunnel back to corp at the real or virtual appliance and be done. No need to install it in a remote cloud unless that's your only datacenter.
As far as the Virt-FWAppliance, it worked fine, but we had issues within the memory allocation that support never figured out. Our past lame SSE team also never completed the POC, so we dropped the whole Azure and FTNT solution & abandoned the case with support, so I can't comment if the appliance was the issue or Azure, but as far as my understanding, the image in the Azure marketplace is the exact same image as anywhere else, so it should just work.
IMHO: I would strike up a license and roll out a POC before getting fully involved.
I want to move everything possible to public cloud, with minimal on-premise server(s). But I want to extend the security model that I have across physical offices to what runs in the cloud. This wasn't a huge concern for me when I started with domain controllers and some IT application workloads in Azure IaaS, but now, putting an RDS farm in there, it's a gaping hole in my opinion if the web browsing, etc. is wide open there, while users on local laptops and desktops in offices are behind a UTM firewall.
I have no existing FM or FA, so not locked in to any hardware. But as I am looking at the number of sites expanding, these are things I want to look at soon. So I'm not tethered to any hardware at this point, and hence would not pick hardware if public cloud can achieve the same thing. I would just prefer to have all in Azure instead of breaking things up between Azure and AWS if I can avoid it.