Azure

Overview
If you are deploying an AppSec Gateway to protect an existing production website, we recommend you also read the HOW-TO guide for this particular deployment.
CloudGuard AppSec can be deployed as either a single virtual machine or a Scale-Set in Azure. It acts as a reverse proxy where before / after you can deploy Azure Load Balancers:
Make sure you obtain the <token> from the Enforcement Profile page, Authentication section. You will need it in during agent deployment.
​
​
Installation
Follow these steps to deploy CloudGuard AppSec in Azure using an ARM Template:
Step 1:  Azure Log in
Log in to to your Azure account.
Step 2: Verify required permissions
Verify that you have the required permissions:
Azure permissions
Microsoft.Resources:
Purchase Resource
Validate Deployment
Microsoft.Insights:
Update autoscale setting
Microsoft.Compute:
Create or Update Virtual Machine Scale Set
Microsoft.KeyVault: Update Access Policy
Microsoft.Network: 
Create or Update Public Ip Address
Create or Update Virtual Network
Create or Update Route Table
Create or Update Network Security Group
Create or Update Load Balancer
Microsoft.Storage:
Update Storage Account Create
​
If deploying VMSS with a new Azure Key Vault: 
Microsoft.KeyVault:
Update Key Vault
Write Secret
Step 3: Deployment using ARM Template
Open the CloudGuard AppSec Azure page: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/checkpoint.checkpoint_waap?tab=Overview.
Click the blue "Get It Now" button to start the configuration wizard.
   You have two options to store certificates:
Store Certificates in Azure
Store Certificates on Gateway
Store certificates on the AppSec Gateway
Store Certificates in Azure
Last modified 10mo ago