Loading...
 
HOME  /  BLOG  /  DEPLOYING FORTIGATE-VM ON AZURE: A STEP-BY-STEP GUIDE

Blog

Deploying FortiGate-VM on Azure: A Step-by-Step Guide

Introduction

Deploying FortiGate-VM on Microsoft Azure provides robust security features tailored for the cloud environment. This guide walks you through the entire deployment process, ensuring your FortiGate-VM is up and running seamlessly. See below for a step-by-step guide. 

Step1: Log in to the Azure Portal

 The Azure portal is the certal hub for managing Azure resources. Logging into the portal is the first step to accessing the services and resources Azure offers. 

  1. Navigate to the Azure portal at https://portal.azure.com.
  2.  Enter your credentials to log in to your Azure account. 

Step2: Create a New Resource 

Creating a new resource in Azure involves selecting the specific service or application you want to deploy. For this guide, we focus on deploying FortiGate-VM. 

  1. In the Azure portal, click on "Create a resource" in the middle of the homepage. 
  2. In the "Search the Marketplace" field type "Fortigate" and press enter. 
  3. Locate the "Fortinet FortiGate Next-Generation Firewall (VM)"  option in the search results.

 Note: Ensure you select the correct FortiGate solution that matches your deployment needs.

         4. Click the "Create" button associated with this option. 

         5. From the drop-down meny, select "Single VM" as shown in the screenshot below. 

The "Single VM" option is ideal for straightforward setups where high availability and scaling are not initially required. 

 

Step3: Configure the Basics 

Configuring the basic settings involves specifying essential parameters for your FortiGate VM deployment, such as subscription, region, and authentication details. 

1. Subscription: Select your Azure subscription.

- The Subscription defines the billing account under which your resources will be created and managed. 

2. Resource group: Either create a new resource group or select an existing one. 

- Resource groups help you manage and organize related resources in Azure. It's advisable to group resources that share the same lifecycle. 

3. Region: Choose the region where you want to deploy the FortiGate-VM. 

- Tip: Select a region closest to your users to minimize latency and improve performance. 

4. VM name: Provide a name for your virtual machine. 

- Best Practice: Use a naming convention that reflects the function or location of the VM. 

5. Image: Ensure the selected image is the desired FortiGate-VM version. 

- Different images might offer different features or improvements, so choose the one that fits your requirements. 

6. Size: Choose an appropriate VM size based on your requirements. 

- The size determines the VM's compute resources, such as CPU and memory. Ensure the selected size aligns with your perdormance needs and budget. 

 

Step4: Configure Networking 

Networking configuration defines how your FortiGate-VM will connect within Azure and potentially to external resources.

1. Select Virtual Network (VNet) and Subnet: 

- Select the virtual network (VNet) and subnet where the FortiGate-VM will be deployed. IF you don't have a VNet, you can create a new one. 

 - VNets allow you to segment your resources into isolated networks for security and performance reasons. 

2. Configure Public IP Address: 

- Configure the public IP address settings if you need to expose the FortiGate-VM to the internet. 

- A public IP address is necessary for remote access and management if you intend to manage the FortiGate-VM from outside the Azure environment. 

 3. Manage Network Security Group (Firewall): 

- For Network security group (firewall), create or select an existing security group to manage inbound and outbound traffic rules. 

- Network security groups act as virtual firewalls, controllng traffic to and from your VM. Ensure you have the necessary rules to allow management and pplication traffic. 

 Step5: Review and Create 

This step involves reviewing all configurations to ensure everything is correctly set before deploying the VM. 

1. Click on the "Review + create" button to validate the configuration. 

  • Tip: Double - check all settings to avoid misconfigurations that could result in deployment failures or unexpected behavior. 

2. Azure will validate the deployment settings. IF there are any errors, address them as prompted. 

  • Note: Common issues include incorrect resource group names, missing configurations, or insufficient permissions. 

3. Once validation passes, review all the configurations to ensure they are correct. 

4. Click on "Create" to start the deployment. 

Conclusion

Deploying FortiGate-VM on Azure involves configuring several essential parameters, such as network settings, VM size, and authentication methods. By following the steps outlined in this guide, you can ensure a smooth deployment, providing your cloud environment with the robust security features offered by FortiGate. 

 

Christodoulos Antoniades, an Engineer at the IBSCY team. He holds a BSc in Computer Science from the University of Sunderland. He joined the IBSCY team in 2021.

In his years with the company, he has cultivated his expertise and acquire several professional certifications, including Microsoft 365 Certified: Fundamentals, Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Azure Network Engineer Associate, and Yeastar Certified Cloud Associate. 

Latest Articles
Configuring Microsoft Defender for Endpoint Using Microsoft Best Practices

Configuring Microsoft Defender for Endpoint Using Microsoft Best Practices

Implementing Microsoft Defender for Endpoint effectively involves several key steps. These include leveraging threat-hunting capabilities to proactively ...more