The FortiGate Next-Generation Firewall for Microsoft Azure is deployed as a virtual appliance in Microsoft’s Azure cloud (IaaS). This section shows you how to install and configure a single instance FortiGate-VM virtual appliance in Microsoft Azure to provide a full NGFW/UTM security solution in front of Microsoft Azure IaaS resources.
This section covers the deployment of simple web servers, but this type of deployment can be used for any type of public resource protection, with only slight modifications. With this architecture as a starting point, you can implement more advanced solutions, including multi-tiered solutions.
In this document, two subnets are created: Subnet1, which is used to connect the FortiGate-VM to the Microsoft Azure Virtual Gateway, and Subnet2, which is used to connect the FortiGate-VM and the web server.