Fortinet black logo

Online Help

Home FortiCNP 22.3.a Online Help

Enable Microsoft Azure Integration

22.3.a
22.4.a
22.3.b
22.3.a
Copy Link
Copy Doc ID cf00dcb1-0886-11ed-bb32-fa163e15d75b:184085

Enable Microsoft Azure Integration

FortiCNP provides Azure cloud integration where it integrates Azure cloud security integration data and provide real time cloud security monitoring. FortiCNP will receive security findings from Azure security integration and informs users of probe findings.

Prerequisite

An active Microsoft Azure AD account with security policy setup is required for Microsoft Azure to provide cloud integration data to FortiCNP.

Steps to Enable Azure Cloud Integration

Data Collection will be setup first. After Data Collection is activated, enable integration to allow security center to integrate with other Microsoft security services by allowing other services to access cloud data.

  1. Log in to Azure portal with you Azure AD account: https://portal.azure.com/.
  2. Search and click on Microsoft Defender for Cloud.
  3. Go to Management > Environment settings, and click on your current Azure Subscription.

  4. In Servers resource type, turn on the toggle switch button to activate it, and click Change plan >.

  5. Select Microsoft Defender for Servers Plan 2 and click Confirm.

    6. Note: Other Defender plans are recommended, but not required.

  6. Go back to Settings menu and click Auto provisioning
  7. Turn on the Extension: Log Analytics agent for Azure VMs and click Edit Configuration.

  8. In Workspace configuration, select Connect Azure VMs to the default workspace(s) created by Defender for Cloud.

  9. In Store additional raw data - Windows security events, select Common, and click Apply.
  10. Turn on another Extension: Vulnerability assessment for machines and click Edit configuration.

  11. Select Microsoft threat and vulnerability management and click Apply.

    12. Note: other extensions are recommended to be turn on, but not required.

  12. Go back to Settings > Integrations.
  13. In Enable integrations, enable both integrations:
    1. Allow Microsoft Defender for Cloud Apps to access my data
    2. Allow Microsoft Defender for Endpoint to access my data.

Steps to setup Azure Security Policy (Optional)

If you have Azure Pay as you go subscription, having Data Collection and Threat detection setup is sufficient for Azure Integration. For Azure full subscription users, you may setup security policy.

  1. Continue from the steps above in the same subscription setting, go to Security Policy.

  2. Enable the security policies required by your organizations.

After Azure data collection and integration is enabled, FortiCNP is able extract cloud integration data from Azure and provide real time cloud security monitoring.

Previous
Next

Enable Microsoft Azure Integration

FortiCNP provides Azure cloud integration where it integrates Azure cloud security integration data and provide real time cloud security monitoring. FortiCNP will receive security findings from Azure security integration and informs users of probe findings.

Prerequisite

An active Microsoft Azure AD account with security policy setup is required for Microsoft Azure to provide cloud integration data to FortiCNP.

Steps to Enable Azure Cloud Integration

Data Collection will be setup first. After Data Collection is activated, enable integration to allow security center to integrate with other Microsoft security services by allowing other services to access cloud data.

  1. Log in to Azure portal with you Azure AD account: https://portal.azure.com/.
  2. Search and click on Microsoft Defender for Cloud.
  3. Go to Management > Environment settings, and click on your current Azure Subscription.

  4. In Servers resource type, turn on the toggle switch button to activate it, and click Change plan >.

  5. Select Microsoft Defender for Servers Plan 2 and click Confirm.

    6. Note: Other Defender plans are recommended, but not required.

  6. Go back to Settings menu and click Auto provisioning
  7. Turn on the Extension: Log Analytics agent for Azure VMs and click Edit Configuration.

  8. In Workspace configuration, select Connect Azure VMs to the default workspace(s) created by Defender for Cloud.

  9. In Store additional raw data - Windows security events, select Common, and click Apply.
  10. Turn on another Extension: Vulnerability assessment for machines and click Edit configuration.

  11. Select Microsoft threat and vulnerability management and click Apply.

    12. Note: other extensions are recommended to be turn on, but not required.

  12. Go back to Settings > Integrations.
  13. In Enable integrations, enable both integrations:
    1. Allow Microsoft Defender for Cloud Apps to access my data
    2. Allow Microsoft Defender for Endpoint to access my data.

Steps to setup Azure Security Policy (Optional)

If you have Azure Pay as you go subscription, having Data Collection and Threat detection setup is sufficient for Azure Integration. For Azure full subscription users, you may setup security policy.

  1. Continue from the steps above in the same subscription setting, go to Security Policy.

  2. Enable the security policies required by your organizations.

After Azure data collection and integration is enabled, FortiCNP is able extract cloud integration data from Azure and provide real time cloud security monitoring.

Previous
Next