Links

Azure

Overview

If you are deploying an AppSec Gateway to protect an existing production website, we recommend you also read the HOW-TO guide for this particular deployment.
CloudGuard AppSec can be deployed as either a single virtual machine or a Scale-Set in Azure. It acts as a reverse proxy where before / after you can deploy Azure Load Balancers:
Make sure you obtain the <token> from the Enforcement Profile page, Authentication section. You will need it in during agent deployment.

Installation

Follow these steps to deploy CloudGuard AppSec in Azure using an ARM Template:

Step 1: Azure Log in

Log in to to your Azure account.

Step 2: Verify required permissions

Verify that you have the required permissions:
Azure permissions
Microsoft.Resources:
Purchase Resource
Validate Deployment
Microsoft.Insights:
Update autoscale setting
Microsoft.Compute:
Create or Update Virtual Machine Scale Set
Microsoft.KeyVault: Update Access Policy
Microsoft.Network:
Create or Update Public Ip Address
Create or Update Virtual Network
Create or Update Route Table
Create or Update Network Security Group
Create or Update Load Balancer
Microsoft.Storage:
Update Storage Account Create
If deploying VMSS with a new Azure Key Vault:
Microsoft.KeyVault:
Update Key Vault
Write Secret

Step 3: Deployment using ARM Template

You have two options to store certificates: