Deployment of a single FortiWeb Web Application Firewall accompanied by the required infrastructure.

In Microsoft Azure, this single FortiWeb-VM pulls a basic setup to start exploring the capabilities of the Web Application Firewall. The central system will receive all or specific traffic that needs inspection going to/coming from on-prem networks or the public internet.

This deployment will automatically create a full working environment containing the following components. It is possible to reference an existing VNET. In that case, the external and internal subnets need to be created or exist in the existing VNET.

This active/active pair of FortiWeb-VMs communicates with each other and the Azure fabric probes the systems for availability. This FortiWeb setup will receive the traffic to be inspected using the public IP. A load balancer will be deployed to distributes traffic to all the HA members. If an instance is down, it will be ignored by the load balancer for traffic distribution. If the failed instances is the primary node, one of the secondary instances immediately takes its role to become the new primary.