Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Online Help

    Home FortiCNP 22.4.a Online Help
    22.4.a
    22.4.a
    22.3.b
    22.3.a

    Enable Azure Cloud Integration

    Enable Azure Cloud Integration

    Data Collection will be setup first. After Data Collection is activated, enable integration to allow security center to integrate with other Microsoft security services by allowing other services to access cloud data.

    1. Log in to Azure portal with you Azure AD account: https://portal.azure.com/.
    2. Search and click on Microsoft Defender for Cloud.
    3. Go to Management > Environment settings, and click on your current Azure Subscription.

    4. In Servers resource type, turn on the toggle switch button to activate it, and click Change plan >.

    5. Select Microsoft Defender for Servers Plan 2 and click Confirm.

    6. Go back to Settings menu and click Auto provisioning
    7. Turn on the Extension: Log Analytics agent for Azure VMs and click Edit Configuration.

    8. In Workspace configuration, select Connect Azure VMs to the default workspace(s) created by Defender for Cloud.

    9. In Store additional raw data - Windows security events, select Common, and click Apply.
    10. Turn on another Extension: Vulnerability assessment for machines and click Edit configuration.

    11. Select Microsoft threat and vulnerability management and click Apply.

      12. Note: other extensions are recommended to be turn on, but not required.

    12. Go back to Settings > Integrations.
    13. In Enable integrations, enable both integrations:
      1. Allow Microsoft Defender for Cloud Apps to access my data
      2. Allow Microsoft Defender for Endpoint to access my data.

    Setup Azure Security Policy for Full Subscription Users (Optional)

    If you have Azure Pay as you go subscription, enable Data Collection and Threat detection is sufficient for Azure Integration.

    For Azure full subscription users, setup appropriate security policy for your organization.

    1. Continue from the steps above in the same subscription setting, go to Security Policy.

    2. Enable the security policies required by your organizations.

    After Azure data collection and integration is enabled, FortiCNP is able extract cloud integration data from Azure and provide real time cloud security monitoring.

    Previous
    Next

    Enable Azure Cloud Integration

    Enable Azure Cloud Integration

    Data Collection will be setup first. After Data Collection is activated, enable integration to allow security center to integrate with other Microsoft security services by allowing other services to access cloud data.

    1. Log in to Azure portal with you Azure AD account: https://portal.azure.com/.
    2. Search and click on Microsoft Defender for Cloud.
    3. Go to Management > Environment settings, and click on your current Azure Subscription.

    4. In Servers resource type, turn on the toggle switch button to activate it, and click Change plan >.

    5. Select Microsoft Defender for Servers Plan 2 and click Confirm.

    6. Go back to Settings menu and click Auto provisioning
    7. Turn on the Extension: Log Analytics agent for Azure VMs and click Edit Configuration.

    8. In Workspace configuration, select Connect Azure VMs to the default workspace(s) created by Defender for Cloud.

    9. In Store additional raw data - Windows security events, select Common, and click Apply.
    10. Turn on another Extension: Vulnerability assessment for machines and click Edit configuration.

    11. Select Microsoft threat and vulnerability management and click Apply.

      12. Note: other extensions are recommended to be turn on, but not required.

    12. Go back to Settings > Integrations.
    13. In Enable integrations, enable both integrations:
      1. Allow Microsoft Defender for Cloud Apps to access my data
      2. Allow Microsoft Defender for Endpoint to access my data.

    Setup Azure Security Policy for Full Subscription Users (Optional)

    If you have Azure Pay as you go subscription, enable Data Collection and Threat detection is sufficient for Azure Integration.

    For Azure full subscription users, setup appropriate security policy for your organization.

    1. Continue from the steps above in the same subscription setting, go to Security Policy.

    2. Enable the security policies required by your organizations.

    After Azure data collection and integration is enabled, FortiCNP is able extract cloud integration data from Azure and provide real time cloud security monitoring.

    Previous
    Next