Azure Firewall Policy during region failure

Sourav 21 Reputation points
2021-10-06T11:47:54.8+00:00

I have the below architecture in Azure -

138100-image.png

Two Virtual Network -- vnet1 (region: East US), vnet2 (region: West US)
Two Firewall -- fw1(on vnet1, East US) , fw2(on vnet2, West US)
One Firewall Policy in East US -- fwpolicy(attached to both fw1 and fw2)

Now my question is -

  1. If the East US region goes down, will the policy still be accessible by fw2(from West US) ?
  2. If yes then will there be any interruption on West US region's traffic because of the primary region failure ?
Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.
600 questions
Azure Firewall Manager
Azure Firewall Manager
An Azure service that provides central network security policy and route management for globally distributed, software-defined perimeters.
88 questions
0 comments
Accepted answer
  1. SaiKishor-MSFT 17,216 Reputation points
    2021-10-06T17:04:16.787+00:00

    @Sourav Thank you for reaching out to Microsoft Q&A.

    I understand that you are having questions regarding Azure Firewall Policy. Thank you for sharing your network diagram with us. Answering your questions below:

    1.If the East US region goes down, will the policy still be accessible by fw2(from West US) ?
    Yes, it will be accessible. Policy is region failure resilient. If East US is down, West US will not be affected.

    2.If yes then will there be any interruption on West US region's traffic because of the primary region failure ?
    No, there will not be any interruption.

    Hope this answers your questions. Please let us know if you have any further questions/concerns and we will be glad to assist further. Thank you!

    Remember:

    Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

    Want a reminder to come back and check responses? Here is how to subscribe to a notification.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Brant Boyd 1 Reputation point
    2022-05-09T16:20:26.887+00:00

    My apologies for posting to such an old thread but I have a question on this exact same matter...

    This may seem like splitting hairs, but I'd like to further clarification on the answer provided. During an outage of the assigned region, can the policy be modified from the redundant region?

    0 comments