Fortinet black logo

Import Azure settings into FortiSandbox

Copy Link
Copy Doc ID baade84c-0e8a-11ed-bb32-fa163e15d75b:383141
Download PDF

Import Azure settings into FortiSandbox

In FortiSandbox v3.2.0 and higher, you can import Azure settings using the Account Authentication method or the Service Principal method.

Import using Account Authentication

To import Azure account authentication:

  1. Go to the FortiSandbox GUI.
  2. Click System > Azure Config.
    Note

    The Azure email account should be the Owner of the resource group of FortiSandbox.

    Microsoft Azure account emailYour user ID.
    Microsoft Azure account passwordYour user password.
    LocationSelect the location you used to set up the resource group.
    Subscription IDYour subscription ID.
    Resource groupThe resource group.
    Storage accountStorage account name.
    Storage account access keyStorage account access key.
    Network security groupThe security group you created for FortiSandbox port2.
    Virtual NetworkName of the virtual network you crated.
    SubnetThe subnet you created for the FortiSandbox port2 interface.
    VM type

    The VM type of custom VM clone(s).

    • Minimum: Standard_B2ms

    • Recommended: Standard_B2ms

  3. Click Test Connection to verify the connection is accessible and authentication is valid.
  4. Click Submit.

Import using Service Principal

To import the Azure settings using Service Principal, get the client and tenant IDs from the Azure portal and then enter them into FortiSandbox using the GUI.

Requirements:
To get client and tenant IDs in the Azure portal:
  1. In the Azure portal, go to Azure Active Directory > App registrations and locate the service principal information in the application you created.

    For information, see (Optional) Create an App registration.

  2. Go to Manage > Certificates & Secrets. The service principal information is located in the Application (client) ID and Directory (tenant) ID fields.

To import Azure service principal in FortiSandbox:

  1. In FortiSandbox, go to System > Azure Config.
  2. In FortiSandbox, enter the following Azure configuration settings and then click Submit.

    Client id

    Enter the Application (client) ID from the Azure portal.

    Client Secret

    Enter the client secret.

    Location

    The location you used to set up the resource group.

    Tenant id

    Enter the Directory (tenant) ID from the Azure portal.

    Subscription ID

    Your subscription ID.

    Resource group

    Resource group.

    Storage account

    Storage account name.

    Storage account access key

    Storage account access key.

    Monitor storage account

    Monitor account name.

    Monitor account access key

    Monitor account access key.

    Network security group

    The security group you created for FortiSandbox port2.

    Virtual network

    Name of the virtual network you created.

    Subnet

    Use the subnet created for the local Windows or Linux VM communication (port2) if one exists. Otherwise, select the management subnet.

    VM Type

    The VM type of custom VM clone(s).

    • Minimum: Standard_B2ms

    • Recommended: Standard_B2ms

Import Azure settings into FortiSandbox

In FortiSandbox v3.2.0 and higher, you can import Azure settings using the Account Authentication method or the Service Principal method.

Import using Account Authentication

To import Azure account authentication:

  1. Go to the FortiSandbox GUI.
  2. Click System > Azure Config.
    Note

    The Azure email account should be the Owner of the resource group of FortiSandbox.

    Microsoft Azure account emailYour user ID.
    Microsoft Azure account passwordYour user password.
    LocationSelect the location you used to set up the resource group.
    Subscription IDYour subscription ID.
    Resource groupThe resource group.
    Storage accountStorage account name.
    Storage account access keyStorage account access key.
    Network security groupThe security group you created for FortiSandbox port2.
    Virtual NetworkName of the virtual network you crated.
    SubnetThe subnet you created for the FortiSandbox port2 interface.
    VM type

    The VM type of custom VM clone(s).

    • Minimum: Standard_B2ms

    • Recommended: Standard_B2ms

  3. Click Test Connection to verify the connection is accessible and authentication is valid.
  4. Click Submit.

Import using Service Principal

To import the Azure settings using Service Principal, get the client and tenant IDs from the Azure portal and then enter them into FortiSandbox using the GUI.

Requirements:
To get client and tenant IDs in the Azure portal:
  1. In the Azure portal, go to Azure Active Directory > App registrations and locate the service principal information in the application you created.

    For information, see (Optional) Create an App registration.

  2. Go to Manage > Certificates & Secrets. The service principal information is located in the Application (client) ID and Directory (tenant) ID fields.

To import Azure service principal in FortiSandbox:

  1. In FortiSandbox, go to System > Azure Config.
  2. In FortiSandbox, enter the following Azure configuration settings and then click Submit.

    Client id

    Enter the Application (client) ID from the Azure portal.

    Client Secret

    Enter the client secret.

    Location

    The location you used to set up the resource group.

    Tenant id

    Enter the Directory (tenant) ID from the Azure portal.

    Subscription ID

    Your subscription ID.

    Resource group

    Resource group.

    Storage account

    Storage account name.

    Storage account access key

    Storage account access key.

    Monitor storage account

    Monitor account name.

    Monitor account access key

    Monitor account access key.

    Network security group

    The security group you created for FortiSandbox port2.

    Virtual network

    Name of the virtual network you created.

    Subnet

    Use the subnet created for the local Windows or Linux VM communication (port2) if one exists. Otherwise, select the management subnet.

    VM Type

    The VM type of custom VM clone(s).

    • Minimum: Standard_B2ms

    • Recommended: Standard_B2ms