This section provides step-by-step instructions on how to deploy a Virtual MOVEit WAF.

There is a button on the Microsoft Azure Marketplace called GET IT NOW. When you click this button and log in, you are brought to the Azure portal and a choice of products is displayed. When you select a product and click Continue, you are brought to the dashboard screen to create a Virtual Machine.

The steps in this document reflect the steps in the Azure Marketplace (http://portal.azure.com).

To deploy a new MOVEit WAF using ARM, follow the steps below:

  1. From the Azure Management Portal dashboard, click Create a resource.

  2. Enter MOVEit WAF in the search bar and press Enter on your keyboard.
  3. From the drop-down menu, select the desired MOVEit WAF type and click Create.

  4. Under Project details, complete the following fields:
    1. Select the Azure Subscription.
    2. Select an existing or create a new Resource group to deploy MOVEit WAF into.

  5. Under Instance details, complete the following fields:
    1. Enter a Virtual machine name for MOVEit WAF.
    2. Select an Azure Region.
    3. Confirm that the desired MOVEit WAF type is selected in the Image drop-down list.
    4. Enable or disable Azure Spot instance.
    5. Select the desired Size for the virtual machine.

      Note: If you want to enable 10 Gb throughput for a MOVEit WAF virtual machine (VM) in Azure, you must select an Azure VM instance type that supports the 10 Gb Mellanox driver. For more information, refer to the Enable a 10 Gb Interface section.

      vCPU and RAM allocation can be assigned based on your requirements due to the uncapped performance available, but consider using a larger instance size for heavy workloads. For production, consider allocating at least 8 vCPU and 16 GiB RAM.

  6. Under Administrator account, complete the following fields:
    1. Select the Authentication type (SSH public key or Password).
      Note: We recommend using a password, but either way will work fine.
    2. Enter a Username.
      Note: This username is not used by MOVEit WAF for Azure. The default username to access MOVEit WAF is bal.
    3. Enter a Password for the bal account and confirm the password.
      Note: This password is used to access MOVEit WAF Web User Interface (WUI).
    4. SSH public key source: You can either create a new key pair, use an existing key stored in Azure, or use an existing public key. For further details on creating a new key pair, refer to the following section: Create an SSH Key Pair.
      Note: It is recommended to store SSH keys in a secure location.
  7. Click Next: Disks.
  8. Leave the defaults for Disk options and Data disks.

  9. Click Next: Networking.
  10. Under Network interface, complete the following fields:
    1. Select an existing or create a new Virtual network.
    2. Select an existing or create a new Subnet.
    3. Select an existing or create a new Public IP.
    4. Keep the default setting for NIC network security group.
      Note: If you want to enable 10 Gb throughput for a MOVEit WAF VM in Azure, you must select an Azure VM instance type that supports the 10 Gb Mellanox driver. This can be enabled after MOVEit WAF has been deployed, for more information, refer to the Enable a 10 Gb Interface section.
      Note: The security group should contain rules for port 8443 (management), 22 (SSH), 443 (HTTPS) for secure web traffic, and optionally 21 (FTP(S)) for file transfer traffic if this service is deployed and in use.
  11. Click Next: Management.
  12. You can optionally make any necessary changes to the Monitoring, Identity, and Auto-Shutdown sections or leave them as default.

    Note: Ensure that the Enable OS guest diagnostics check box is disabled because there is no support available for collection of diagnostics from MOVEit WAF in Azure. If this option is enabled, MOVEit WAF will not boot correctly.
  13. Click Next: Advanced.

    Note: Custom data is not supported by MOVEit WAF.
  14. You can optionally make any necessary updates to the Tags section or leave the defaults.

  15. Click Next: Review + create.
  16. You can optionally click Download a template for automation to download an ARM template.

  17. Click Create.
Note: If you chose to create a new SSH key pair, you are now prompted to store the private key for the public key you created. Azure does not store the private key. After the SSH key is created, you will not be able to download the private key.

The creation of a VM may take a few minutes or more depending on the Azure portal’s responsiveness and other factors. Ensure that the VM is created without any errors. Resolve any errors if needed.

When creating connected VMs, ensure to select the same Virtual network as MOVEit WAF.