FortiSIEM Discovering Microsoft Azure Infrastructure

Leave a reply
Discovering Microsoft Azure Infrastructure

Discovering Microsoft Azure Cloud infrastructure follows the same basic process described in Setting Access Credentials for Device Discovery an d Discovering Devices, but requires a different approach to associating credentials to IP addresses, since Azure uses dynamic, rather than static, IP address assignment.

Create a Certificate file for communicating to Azure Management Server

Setting Access Credentials for Microsoft Azure Discovery

Associating Microsoft Azure with Credentials

Discovering Microsoft Azure Compute Nodes

Create a Certificate file for communicating to Azure Management Server

 

  1. Login to the Azure old portal, upload the .cer to the Settings->”Management Certificates” section.

 

Setting Access Credentials for Microsoft Azure Discovery
  1. Log into your Supervisor node.
  2. Go to Admin > Setup Wizard > Credentials.
  3. Under Enter Credentials, click Add.
  4. Enter a Name for the credential.
  5. For Device Type, select Microsoft Azure Compute.
  6. For Subscription ID, enter .
  7. Upload the Certificate File, enter the region where your AWS instance is located.
  8. Enter the Access Key ID and Secret Access Key associated with your AWS instance.
  9. Click Save.
Associating Microsoft Azure with Credentials

After you’ve defined all the credentials associated with the access protocols used by devices in your Microsoft Azure instance, you need to associate those credentials.

  1. Log into your Supervisor node.
  2. Go to Admin > Setup Wizard > Credentials.
  3. Under Enter IP Range to Credential Associations, click Add.
  4. For IP/Host Name, enter com.
  5. Click +, and add the Microsoft Azure Compute credential created in “Setting Access Credentials for Microsoft Azure Discovery”, as well as any other generic credentials you’ve created.
  6. Click OK.
  7. Click Test Connectivity to make sure you can reach your instance and that all credentials are entered correctly before you initiate discovery.
Discovering Microsoft Azure Compute Nodes

After you’ve defined and tested all the credentials, you can proceed to discovery.

  1. Log into your Supervisor node.
  2. Go to Admin > Setup Wizard > Discovery.
  3. Click Add
  4. For Discovery Type, select Azure Scan.
  5. Click
  6. Select the entry just created and click

If discovery is successful, your discovered instances will be added to Admin > Setup wizard > Monitor Change/Performance and CMDB > Devices > Microsoft Azure Cloud > Azure Compute.

 

This entry was posted in Administration Guides, FortiSIEM on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.