I have a project deploying vMX to Azure cloud that we need to move customer servers to the cloud. I am considering Meraki vMX deployment secure enough to deploy without Firewall. I did some research and find that the Meraki MX in one-armed concentrator mode doesn't support Firewall features. And if I want RDP and inbound/outbound ACLs/NAT and IPS features I need to go for deploying Azure (or any VNF) firewall before it. But I saw deployments without Firewall as well only with vMX. If someone has vMX deployment experience can you please share your thoughts on best practice, considering Firewall cost does it really worth it?
How can I handle security concerns without Firewall deployment?
I think RDP/inbound/outbound rules can be configured on the Azure VM network interface or security groups. And also with Azure Public IP NAT to vMX LAN Ip can be security some level.