QuickStart: Get started with Cloud NGFW by Palo Alto Networks
In this quickstart, you use Azure Marketplace to find and create an instance of Cloud NGFW by Palo Alto Networks - an Azure Native ISV Service resource.
Create a new Cloud NGFW by Palo Alto Networks resource
In this section, you see how create a Palo Alto Networks resource.
Basics
In the Azure portal, create a Cloud NGFW by Palo Alto Networks resource using the Marketplace. Use search to find Cloud NGFW by Palo Alto Networks. Then, select Subscribe. Then, select Create.
Set the following values in the Basics tab.
Property Description Subscription From the drop-down, select your Azure subscription where you have owner access. Resource group Specify whether you want to create a new resource group or use an existing one. A resource group is a container that holds related resources for an Azure solution. For more information, see Azure Resource Group overview. Name Put the name for the Palo Alto Networks account you want to create. Region Select an appropriate region. Pricing Plan Specified based on the selected Palo Alto Networks plan.
Networking
After completing the Basics tap, select the Next: Networking to see the Networking tab. 1. Select either Virtual Network or Virtual Wan Hub.
Use the dropdowns to set the Virtual Network, Private Subnet, and Public Public Subnet associated with the Palo Alto Networks deployment.
For Public IP Address Configuration, select either Create New or Use Existing and type in a name for Public IP Address Name(s).
Select the checkbox Enable Source NAT to indicate your preferred NAT settings.
Security Policy
After setting the Domain Name System (DNS) values, select the Next: Security Policy to see the Security Policies tab. You can set the policies for the firewall using this tab.
Select checkbox Managed By to indicate either Azure Portal or Palo Alto Networks Panorama.
For Choose Local Rulestack, select either Create New or Use Existing options.
Input an existing rulestack in the Local Rulestack option.
Select the checkbox Best practice rule to indicate Firewall mode or IDS mode options.
DNS Proxy
After completing the Security Policies values, select the Next: DNS Proxy to see the DNS Proxy screen.
Select the checkbox DNS Proxy to indicate Disabled or Enabled.
Tags
You can specify custom tags for the new Palo Alto Networks resource in Azure by adding custom key-value pairs.
Select Tags.
Type in the Name and Value properties that you need.
Property Description Name Name of the tag corresponding to the Azure Palo Alto Networks resource. Value Value of the tag corresponding to the Azure Palo Alto Networks resource.
Terms
Next, you must accept the Terms of Use for the new Palo Alto Networks resource.
Select Terms.
Select the checkbox I Agree to indicate approval.
Review and create
Select the Next: Review + Create to navigate to the final step for resource creation. When you get to the Review + Create page, all validations are run. At this point, review all the selections made in the Basics, Networking, and optionally Tags panes. You can also review the Palo Alto and Azure Marketplace terms and conditions.
After reviewing all the information, select Create. Azure now deploys the Cloud NGFW by Palo Alto Networks.
Deployment completed
Once the create process is completed, select Go to Resource to navigate to the specific Cloud NGFW by Palo Alto Networks resource.
Select Overview in the Resource menu to see information on the deployed resources.
Next steps
Get Started with Cloud Next-Generation Firewall by Palo Alto Networks on